urlscan.io logo urlscan.io
SecurityTrails logo

leveling-solo.org Open in urlscan Pro
2606:4700:3036::6815:3c7d  Public Scan

Go To Rescan Add Verdict Report
URL: https://leveling-solo.org/
Submission: On September 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 6 countries across 42 domains to perform 130 HTTP transactions. The main IP is 2606:4700:3036::6815:3c7d, located in United States and belongs to CLOUDFLARENET, US. The main domain is leveling-solo.org.
TLS certificate: Issued by E1 on August 15th 2022. Valid for: 3 months.
This is the only time leveling-solo.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.32.99.31 16509 (AMAZON-02)
1 151.101.12.193 54113 (FASTLY)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.20.163.248 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 45.133.44.3 39572 (ADVANCEDH...)
1 2001:4860:480... 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2a0c:5c81:514... 55081 (24SHELLS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 54.204.7.68 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 35.244.159.8 15169 (GOOGLE)
1 50.31.142.31 23352 (SERVERCEN...)
2 37.252.173.22 29990 (ASN-APPNEX)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 147.75.85.234 54825 (PACKET)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 54.90.243.153 14618 (AMAZON-AES)
1 185.255.84.150 200271 (IGUANE-)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 8.2.111.104 46636 (NATCOWEB)
1 52.30.62.193 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
1 54.157.211.237 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.35.236.201 16625 (AKAMAI-AS)
1 150.136.26.45 31898 (ORACLE-BM...)
1 3.126.56.137 16509 (AMAZON-02)
1 1 213.19.147.44 3356 (LEVEL3)
2 34.235.255.87 14618 (AMAZON-AES)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 216.52.2.19 30282 (AS-INAPCD...)
3 35.157.246.167 16509 (AMAZON-02)
1 213.19.147.42 3356 (LEVEL3)
1 205.185.216.10 20446 (STACKPATH...)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
130 58
20    2606:4700:3036::6815:3c7d (United States)

ASN13335 (CLOUDFLARENET, US)
leveling-solo.org
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2606:4700:20::681a:c1b (United States)

ASN13335 (CLOUDFLARENET, US)
papayads.net
1    13.32.99.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-31.fra60.r.cloudfront.net
cdn.purpleads.io
1    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
5    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
2    23.20.163.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-163-248.compute-1.amazonaws.com
api.purpleads.io
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googletagmanager.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
a.exdynsrv.com
8    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.aniview.com
3    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a02:26f0:3500:c::5c7b:6822 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
6    54.204.7.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-7-68.compute-1.amazonaws.com
track1.aniview.com
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
3    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adsparc-d.openx.net
1    50.31.142.31 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1h.zemanta.com
2    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.unibots.in
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    54.90.243.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-243-153.compute-1.amazonaws.com
hb.minutemedia-prebid.com
1    185.255.84.150 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    8.2.111.104 (United States)

ASN46636 (NATCOWEB, US)
smartssp-us-east.iqzone.com
1    52.30.62.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-62-193.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    54.157.211.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-211-237.compute-1.amazonaws.com
go1.aniview.com
3    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
2    34.235.255.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-255-87.compute-1.amazonaws.com
sync.aniview.com
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
web.ssp.yahoo.com
c2shb.pubgw.yahoo.com
1    213.19.147.42 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.psdn.xyz
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
20 leveling-solo.org
leveling-solo.org
331 KB
13 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 10029
track1.aniview.com — Cisco Umbrella Rank: 1995
player.aniview.com — Cisco Umbrella Rank: 1781
go1.aniview.com — Cisco Umbrella Rank: 5041
sync.aniview.com — Cisco Umbrella Rank: 2096
197 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
328 KB
8 gstatic.com
fonts.gstatic.com
279 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
3 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3387
onesignal.com — Cisco Umbrella Rank: 1231
img.onesignal.com — Cisco Umbrella Rank: 7087
99 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 75
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2282
www.google.com — Cisco Umbrella Rank: 2
83 KB
5 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5896
ghb.adtelligent.com — Cisco Umbrella Rank: 5717
35 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
211 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
web.ssp.yahoo.com — Cisco Umbrella Rank: 2378
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 858
654 B
4 papayads.net
papayads.net — Cisco Umbrella Rank: 75567
26 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1785
mp.4dex.io — Cisco Umbrella Rank: 2010
24 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2989
20 KB
3 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 79492
api.purpleads.io — Cisco Umbrella Rank: 58539
10 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
5 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
57 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
tag.1rx.io — Cisco Umbrella Rank: 1340
408 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
6 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
412 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
3 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 30719
108 KB
1 psdn.xyz
cdn.psdn.xyz — Cisco Umbrella Rank: 115313
98 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
382 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1190
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
876 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1646
617 B
1 iqzone.com
smartssp-us-east.iqzone.com — Cisco Umbrella Rank: 69298
244 B
1 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11028
265 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209
887 B
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 4810
384 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6489
179 B
1 unibots.in
cpm.unibots.in — Cisco Umbrella Rank: 50099
264 B
1 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 4948
123 B
1 openx.net
adsparc-d.openx.net — Cisco Umbrella Rank: 62627
591 B
1 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 10265
60 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9081
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
648 B
1 exdynsrv.com
a.exdynsrv.com — Cisco Umbrella Rank: 55663
39 KB
1 googletagmanager.com
googletagmanager.com — Cisco Umbrella Rank: 61
74 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5839
42 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 654
33 KB
130 42
Domain Requested by
20 leveling-solo.org leveling-solo.org
9 pagead2.googlesyndication.com leveling-solo.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
6 track1.aniview.com leveling-solo.org
4 papayads.net leveling-solo.org
papayads.net
3 gum.criteo.com 1 redirects static.criteo.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 player.aniview.com player.avplayer.com
player.aniview.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 ghb.adtelligent.com player.adtelligent.com
3 onesignal.com cdn.onesignal.com
3 securepubads.g.doubleclick.net papayads.net
securepubads.g.doubleclick.net
3 fonts.googleapis.com leveling-solo.org
cdn.purpleads.io
2 mug.criteo.com
2 static.criteo.net player.adtcdn.com
static.criteo.net
2 c2shb.pubgw.yahoo.com player.aniview.com
2 sync.aniview.com player.aniview.com
2 prebid.a-mo.net player.adtcdn.com
2 ib.adnxs.com player.adtcdn.com
2 script.4dex.io player.adtcdn.com
script.4dex.io
2 player.adtelligent.com player.adtcdn.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 player.adtcdn.com papayads.net
2 www.google-analytics.com leveling-solo.org
www.google-analytics.com
2 api.purpleads.io cdn.purpleads.io
2 cdn.onesignal.com leveling-solo.org
cdn.onesignal.com
1 image6.pubmatic.com ads.pubmatic.com
1 cdn.psdn.xyz cdn.purpleads.io
1 tag.1rx.io player.aniview.com
1 web.ssp.yahoo.com player.aniview.com
1 ap.lijit.com player.aniview.com
1 csync.loopme.me 1 redirects
1 sync.1rx.io 1 redirects
1 ups.analytics.yahoo.com player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 ads.pubmatic.com player.aniview.com
1 www.google.com tpc.googlesyndication.com
1 go1.aniview.com player.aniview.com
1 prebid.media.net player.adtcdn.com
1 ads.servenobid.com player.adtcdn.com
1 smartssp-us-east.iqzone.com player.adtcdn.com
1 mp.4dex.io player.adtcdn.com
1 useast.quantumdex.io player.adtcdn.com
1 hb-api.omnitagjs.com player.adtcdn.com
1 hb.minutemedia-prebid.com player.adtcdn.com
1 prebid-eu.creativecdn.com player.adtcdn.com
1 cpm.unibots.in player.adtcdn.com
1 b1h.zemanta.com player.adtcdn.com
1 adsparc-d.openx.net player.adtcdn.com
1 bidder.criteo.com player.adtcdn.com
1 img.onesignal.com leveling-solo.org
1 player.avplayer.com tg1.aniview.com
1 tg1.aniview.com papayads.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com googletagmanager.com
1 a.exdynsrv.com leveling-solo.org
1 googletagmanager.com papayads.net
1 i.imgur.com leveling-solo.org
1 cdn.purpleads.io leveling-solo.org
1 code.jquery.com leveling-solo.org
130 62

This site contains links to these domains. Also see Links.

Domain
papayads.net
www.papayads.net
Subject Issuer Validity Valid
*.leveling-solo.org
E1		 2022-08-15 -
2022-11-13		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.purpleads.io
Amazon		 2021-12-01 -
2022-12-29		 a year crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
exdynsrv.com
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
player.adtelligent.com
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
outstreamedia.com
R3		 2022-07-17 -
2022-10-15		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.unibots.in
AlphaSSL CA - SHA256 - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2022-04-05 -
2023-05-07		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
psdn.xyz
E1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://leveling-solo.org/
Frame ID: E04F3034627F7D383CA0AC4282081B10
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: F7215613F27A89CB27825ED7E940D3E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&adk=1812271804&adf=3025194257&lmt=1663539950&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fleveling-solo.org%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663577640939&bpp=4&bdt=814&idt=431&shv=r20220914&mjsv=m202209080102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6895207442616&frm=20&pv=2&ga_vid=899368643.1663577641&ga_sid=1663577641&ga_hid=1115854680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069507%2C31069641%2C44771548&oid=2&pvsid=4346987188564336&tmod=331663697&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=447
Frame ID: F1ED5786156B3F420A4A4F07F61BCBB0
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Frame ID: DB1CB9511C2C9D47CCCF37F5AF4D8FC5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6BCD6A8C1E71A2903A5B572C0EC6F2BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB799634F2D72DA54E07CAE2F1086383
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D1%26key%3D
Frame ID: E1E660F9109392226D309AD57CE04371
Requests: 2 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1663577642376-945312066536-008218-004-008206&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 0B8043E24994B793E3061ADE63FCAAB6
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: BC3EA8DAA6B3316EEE9BB475F772315B
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=200&key=OPTOUT
Frame ID: D8F81AEBA5DF099CD80F914C6D2F426F
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=56&pid=59c9148628a0612da3689288&key=2d970b6a-030b-4f84-aaf1-803dd2c05ffa
Frame ID: 25383F8B3C9A431ED078E562DEF5843C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D18%26key%3D%24UID
Frame ID: A820D79D66BA64504C1FD1112E8AFBD2
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: E92555BA23FB5A8B059D44725434228F
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=leveling-solo.org&gdpr=1&gdpr_consent=
Frame ID: 901A2EFEC77059E0E242CE8BA110D694
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Solo Leveling - Solo Leveling Manga Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

99 %
HTTPS

50 %
IPv6

42
Domains

62
Subdomains

58
IPs

6
Countries

2178 kB
Transfer

6239 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=200&key=OPTOUT
Request Chain 102
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=56&pid=59c9148628a0612da3689288&key=2d970b6a-030b-4f84-aaf1-803dd2c05ffa
Request Chain 127
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fleveling-solo.org%2F&domain=leveling-solo.org&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ta3jMXx1dmVRQW9wOHdXcmszdGdCbzJEVTRrQ1UvR1ZvSUtJSlY3QnF5NW1DTzU3QXFBVktFSi9aVjY0dXVBUDN2MnRWNHQwb2laUUM1emNEM1o5TmNpNFcvWGsreVl3SW96QUNVSlZEQWQ0YVpadlRuVHpRWjZLTGFJTGRtMjFZVEFIMHZuTFRqc3pPNFdIajA1QzRSNko4QnJ3Mi9lc2pJK3JaeCtEblZCZkdKWGg4aDNaZ2t2K29SKzVoR1Rla0R4WlhBcTZVR0t3ck1qdU96ZldXcW5rY0J0VDg3ZGl5N2RuWmNCQndBQis3TVJQWEFpcWxmUDRRU3RXWmlBbkRVMmFyfA&cppv=2

130 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
leveling-solo.org/ 		93 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018ede197a970c44238a85512316f4a6e02611d13ef0a55f65aa75853792f886

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74d1181a1f22839a-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 08:54:00 GMT
last-modified
Sun, 18 Sep 2022 22:25:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCdhNBBX4FiCdYGHr2ON6RhMFKTGDnwzFoByPqwbxxMdjkZZct%2FhW10WgTCHKx2dN3hLcllvmhypfLfpXs5RoC4faSrTlhY8VZuXTA4fi%2BIA571GMm%2BRa77ZQXn%2BPZfivcusp49t8DcIXBxLYVs6OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-176d5"
vary
Accept-Encoding
x-hw
1663577640.dop145.fr8.t,1663577640.cds106.fr8.hn,1663577640.cds127.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
style.min.css
leveling-solo.org/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 13:39:07 GMT
server
cloudflare
age
6584
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PWme7vgGGNEuEahRWwPCh%2Bj%2B416owrzCzaCZsDO1rPRQWkqU4%2Fu71ckjvG4lu6WCwdFTeSqTKYq9I8YnOjAIQDrXG8XmpN1f4d1OFqmCTT74kK2gFKOsP2TIZ8rrF%2BupahC8WDxo5Uf025Q%2Fo3QIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181ae8a4839a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
frontend.css
leveling-solo.org/wp-content/plugins/wp-dark-mode/assets/css/ 		28 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/plugins/wp-dark-mode/assets/css/frontend.css
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e880c8de639677c2ec0a2759d646fc8a6ff41245d648994176a8f1f22c0dcaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 13:39:36 GMT
server
cloudflare
age
6584
cf-polished
origSize=28543
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnhh92eUIvca9sgIpQVnjeUv%2FgKsMCIQhFQ73vFUE7RccmwZby5Ra8pIM7ghHetonVRaXS7PNAcezbJmy9eDytNB%2Ffd%2BMf5Cl%2FECHA6ZI0RYouo0mYB%2F99hN%2BWYPg2cj2u1Q4Jak3fSqW2nMjA7new%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181ae8a6839a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
bootstrap.css
leveling-solo.org/wp-content/themes/Ifenzi/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/themes/Ifenzi/css/bootstrap.css
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 01:52:34 GMT
server
cloudflare
age
6583
cf-polished
origSize=124948
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEgJehNYHuE0cpvfz4syTkcoxOXopLMG4C5bVcGI92M4CiTsNRSbtcf%2BuUy5ephK0b8Y16EMRAkFvl45bt0xRVLimYV%2FpqjVLcAOjIyZZmR%2Bc37gNICkUqfsG3nVosRBl1p%2Fq3PEiiT%2BQi%2B1vLyhXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181ae8a8839a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
style.css
leveling-solo.org/wp-content/themes/Ifenzi/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/themes/Ifenzi/style.css
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 May 2022 16:49:16 GMT
server
cloudflare
age
6583
cf-polished
origSize=24746
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Opws5GkkipQpMYmRA9%2FcS4h%2Fz%2BwkALU%2Fi0ZQGifU9N6UFEUCdqYPe0DT%2BIV6iKkVTrNPcgd2YAy%2BPTe1ccycjhSnHQhwvscztE%2BfVULclxyXAHMXE%2Bt5dj9Wm9qvnBv5mhOXs6JpI8SNHVAdNcsh3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181ae8ab839a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
font-awesome.min.css
leveling-solo.org/wp-content/themes/Ifenzi/font-awesome/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 01:52:34 GMT
server
cloudflare
age
6583
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4GeA60OhgCu8htFtgeIPU%2BEL7di1nt6LRsarPUrkzo3bJ8pZ2K8M%2F1YywD74lUjvmj7aFGipQ55evBuPhSHL7K2Ro%2Fgca8t1A8PJlWvRD4oT%2Bs%2B%2Bn5u5hjBGJA3be1ucmwHhMm36p4Hzq%2BHSBH1Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181af8db839a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d9e1488be90235f9cec4b6690a0184ee3215fb123469bc141b82699abb6bbb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 08:54:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 08:54:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 08:54:00 GMT
jquery.min.js
leveling-solo.org/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-includes/js/jquery/jquery.min.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 22:56:40 GMT
server
cloudflare
age
6582
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZB3f%2BuXP11B4Nb0SvloI5Qn7L6eQX4ikFbHg08L%2BHPl9kc1haPPpjDlUdviEuY%2FTCw%2Ffe6xXw6RHCqFNJqCm%2FXCmjm5TFDm4BWZwVA%2Bu03TlhJbq2bJZpnDKoxWizzC%2B%2BUNLXtzbYBUOCpaLAjCpQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181af8dc839a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dark-mode.min.js
leveling-solo.org/wp-content/plugins/wp-dark-mode/assets/js/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/plugins/wp-dark-mode/assets/js/dark-mode.min.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d230fa6c14bf1f2df177f38c46f0d091f90ea57753e36e035616a381bd43a2db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 13:39:36 GMT
server
cloudflare
age
6582
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKvV9S7cza7LkMNRxwenPcnlPaE%2FFlElavmXCsOmZCGz92aU%2F%2BkHZ%2B3TapYHLUSrPD%2Bs%2FIz0IMi3HMUsoO5hNHQSdfrtQrvjkvlGLvmHJPBiZRkdAAeNHdsFQX5qmgxgSGuBy7STT%2FngMa6piRyokQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181b08dd839a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7249c86196aac381a70ce5bfe4297f1383f415d48313acbc07a41ffc151a10d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leveling-solo.org/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58089
x-xss-protection
0
server
cafe
etag
12475472653944375204
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 08:54:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
213a305244789dd590315724f9f9e52efc52dda5478181e269c067ad5dadae4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58103
x-xss-protection
0
server
cafe
etag
13252592027583456606
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 08:54:00 GMT
adtags.js
papayads.net/self/clnt/1235-1674/ 		37 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://papayads.net/self/clnt/1235-1674/adtags.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
67572a59b9c0105089c1cac9f3f3aab047b6cd881a6913ea275d47c51379511d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2160
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Sep 2022 22:57:24 GMT
server
cloudflare
etag
W/"6324ff54-cc46"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XU7GyNpLa9hrVyJsx3XtHr66SV9xjF5BTaXqTRYdnEocevEXfN%2Bp%2FcD%2BpT6QfzSNrACx1oN0gv3rPMVVvQmU8sZHiyyrOxTBzmkJTP0SKWQgSsjgxg3kuDHhs1%2BTTxC7qhGlmR4hyvH9hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-polished
origSize=52294
cf-ray
74d1181b7890d608-MXP
cf-bgj
minify
load.js
cdn.purpleads.io/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=6e724f39e000cf94a64299000d3d1ece:29d6fc7c7ed8b4ada92f0c10ed16f27fc4c95037027776b4e8d47bf971673204157a5b6baf7c540c1d3059f1a4bd56be61a51a8d3ca0b30f6c48a129c114223c
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d2a3923f616efb37f239b81b44fd0891a06485f1a488935c2e5495745b41048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 20:23:27 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 09:45:59 GMT
server
AmazonS3
age
45034
etag
"25a9d6f914d876952d266e0d44aa5efa"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
8255
x-amz-cf-id
fWr1nwhh52mH9ZjScrzNha_mknkI10wqZRmY4R-3KDC_g0LBy-Ampg==
7AGpaFG.jpg
i.imgur.com/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/7AGpaFG.jpg
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0f43e7bd71c75ec1675d1389dcd863341114d08ccbaa529d3c39fe2e90bd39da
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
x-content-type-options
nosniff
age
2257268
x-cache
HIT, HIT
content-length
42832
x-served-by
cache-iad-kcgs7200156-IAD, cache-fra19175-FRA
last-modified
Wed, 05 May 2021 05:57:31 GMT
server
cat factory 1.0
x-timer
S1663577641.927232,VS0,VE2
etag
"6d088a69d3576a31c6ebd05af444b243"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
icons.css
leveling-solo.org/wp-content/plugins/shortcodes-ultimate/includes/css/ 		37 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96eed42e394f5b00f1e02a12d1ce9557aae7cd751e4a9ae2b3e8fc392b1db945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 May 2022 01:42:14 GMT
server
cloudflare
age
6579
cf-polished
origSize=37491
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZleZSviZOk0CdqOx946VbDfypO7acelX%2BFeg7Y3G%2FBwov%2F7c2i22MAL0YasPC1PLwGEaQFu7IUEY5vghOqVjKf3eQ4h4domePHVh0YfXfnxjDiJoI32jkNJB7irh40%2BP6gRqje5QxROvZY3c6vlqVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181bb8823747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
shortcodes.css
leveling-solo.org/wp-content/plugins/shortcodes-ultimate/includes/css/ 		45 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f51cdaa2f03fe8b3d665c33fcfd8e4356dea2a13bb354efc709b8a9c7057ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 May 2022 01:42:14 GMT
server
cloudflare
age
396
cf-polished
origSize=45570
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejo0Sw9J%2FSTK%2Bwr48zHgSuICdHyJqgresC95hieSZtkdWqVorqgNGy%2BcXVO4VqiOPg9oUQneBqKnRHyCdiNoTsr3avpxdd3bFUztVzS4vRFBZxp8xLjLjULg53EHi%2B1hbn33y5JxHJnpjP6F9dQRzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181bf8ca3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
underscore.min.js
leveling-solo.org/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-includes/js/underscore.min.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 13:39:07 GMT
server
cloudflare
age
6578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llh%2FWh88vWo2lJ2mF5NNfJ%2Bxs3jPRn7zLpbZgsiNwKA7chSQlgLRzUZKUvjeRUWRUx1t4idjb5%2BkBKBgVeSIX%2FFXGpuWHJyZVei9S%2FR%2BDbdviWdvaEPB5w9IScaqsydxl171vrbYSGIhdjZQccX1MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181c391c3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-util.min.js
leveling-solo.org/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-includes/js/wp-util.min.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 22:56:40 GMT
server
cloudflare
age
6578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOglwdTPb4P3XXHAUA7d7FLycumOsze2RBLcosCpGMNREFQvlsJCiiH%2FvS%2FVqJ%2FUFL75ALMeQ2LsqpSZnB0lZXSuShMoF%2Bl%2F6Bbr%2BSq3GpBDLDQQzOlA0qKTDonzoSMmeZpzUY7WB%2Bn5rEiiUWda2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181c697c3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
frontend.min.js
leveling-solo.org/wp-content/plugins/wp-dark-mode/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e5fb48cee849a51910344f29460662f8b5703dfa6102042122b47d081ca73d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 13:39:36 GMT
server
cloudflare
age
6577
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZL8PAHp7rDOtF2YAWkUzbUNyGCE6EQheQ3MiPHRBG67tf%2BsQ9SiWzQUQaZkMD7vupzqOQUxiJOBCAA8LDmzqhru4RQogOMwew8dvl9%2Bfqj0LXwG2t7boGRmLZCMrcWFUp7Jm%2BxAfw7AQaKNZazx32g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181ca9d23747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.js
leveling-solo.org/wp-content/themes/Ifenzi/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/themes/Ifenzi/js/bootstrap.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 01:52:34 GMT
server
cloudflare
age
6577
cf-polished
origSize=36790
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q50hLEDg3rgRQ3FjTuKLiHgPMM1MWa59jbiMD5nuBn2Bvc8EmTK%2B%2FErckHOZZmieBwexpbe5QdCx1EJBb3mizn7IhwmKcYVEi7z746iT0bqERUoFS8S9b%2FiPksaENyKj7yIFdiCOMwFhKXTlBTkh0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181cea2e3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
skip-link-focus-fix.js
leveling-solo.org/wp-content/themes/Ifenzi/js/ 		588 B
780 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/themes/Ifenzi/js/skip-link-focus-fix.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 01:52:34 GMT
server
cloudflare
age
6577
cf-polished
origSize=751
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mGwFK%2Fw%2BBgc6lbDsGdHcihmSCHnkZ7%2ByLEajndeO8QyrHgEWs2%2BvBc3i%2BXIUHoQPyTWSgwnh3FpxV9CdARO34TNdCKVvbxDjMJNtCU43cZq2ppmvTDjqNnM9WKK%2FpMfLbkMioPseC9L%2BtmtnajkTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181d1a7e3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
lighthouse.js
leveling-solo.org/wp-content/themes/Ifenzi/js/ 		1010 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/themes/Ifenzi/js/lighthouse.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 01:52:34 GMT
server
cloudflare
age
6577
cf-polished
origSize=1100
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QD6OXeNJ%2Fw%2BeWh96I3t8SVJ%2BkVrwW9bkJbI2epXRGF6vA9dOb9I7cdyk1u42p4fo3I%2BH3lrgRkZEVn%2FR2gLMvhsEMfmotIkdInzBzDMP765FXgOBVeXxJHVUGeUUFTBWezoUCQRCEr6ZuT0OE%2FcTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181d5ad63747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d118201c9c0215-ZRH
date
Mon, 19 Sep 2022 08:54:00 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
845
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 22 Sep 2022 08:54:00 GMT
index.js
leveling-solo.org/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c40f49abe2eeaddfd8fa4a7decc93bb66f7066c4b6c0f115e7d97a6989424532

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 May 2022 01:42:14 GMT
server
cloudflare
age
6576
cf-polished
origSize=12195
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPG%2BjtYigmbf394q9V2%2FFffRkcMtAhHPmyj82%2FrNiQaXs%2FZeQaH%2FHF3GjG2VQneASmsYpUI%2FHUFrbIK8QF309MOTWthu1sBoWElNPD9riAt1K4jgUYv6gwiTGA3uBnqCmwME6PLwblFXsEmR65Ke%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181d8b243747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
lazyload.min.js
leveling-solo.org/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Oct 2021 01:52:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgVSpZiyW9fN3YJYuegwGiZ2Dw4iNJYo6mdUYUAZIbIR%2FTGfLFoFlRBsEfx8IHQ8c9RZ7Rxsf55G2kxMg%2ByxKQ2k3wTPtDa8c9Tsz%2BeNZCJPCGwWtP7sihFz8oqG%2FKwvP0Y0xiP%2BY%2F4d%2FAvwq0raSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d1181fbe2f3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1663577640905
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.163.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-163-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://leveling-solo.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://leveling-solo.org
date
Mon, 19 Sep 2022 08:54:01 GMT
x-request-id
c6cf3d77-8fe7-446c-997f-8903b19a815a
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5882
date
Mon, 19 Sep 2022 07:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 09:15:58 GMT
adtags.css
papayads.net/self/common/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://papayads.net/self/common/adtags.css
Requested by
Host: papayads.net
URL: https://papayads.net/self/clnt/1235-1674/adtags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f1a4624721d62d9259a823a3e14a464dc5be32a58327dcedc68e2e15e4a66360
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5550
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 01 Sep 2022 09:03:54 GMT
server
cloudflare
etag
W/"6310757a-a00"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9q4npR5L1vu3NpHit7hrH%2Bn8pHIICnLVKdWZKPi4%2F1PfjKK4JtMqHSclenN9v1u8zg%2BZ05nVk4JiZnRe3kMilaXOAEkXP6y%2FQkPl2SgHd%2BgAfwPb65mE1yXhEWix5JN6%2FJ6xM1EABLBnGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-polished
origSize=2560
cf-ray
74d1181fedf8374e-MXP
cf-bgj
minify
hb_313926_16406.js
player.adtcdn.com/prebidlink/462104/ 		362 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Requested by
Host: papayads.net
URL: https://papayads.net/self/clnt/1235-1674/adtags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd16027fd572fe9567228ebc95b323a8a37eb3249c57a271bc968d859e1c897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Sep 2022 07:27:48 GMT
server
cloudflare
age
395
etag
W/"632819f4-5a868"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoSa6v%2F5%2BQsGtxZyU52g%2FQNLYZbcFyiBoYwQ7HbM%2FDejBuXKF0AboVWVG8FHgbzyHJPp0kvMu%2BcvYgl6ms4csUZgLF4IfznjilRNIHgTO2AwuaD4vF7WQLu05BwxuqVGPld%2FD1LkwObY8mgbz5Wizw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d118202ed7bb13-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 19 Sep 2022 09:02:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: papayads.net
URL: https://papayads.net/self/clnt/1235-1674/adtags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a591a418c058b4516b83097ab3d4b1e839e25daca61659022cc96a693953b2ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27742
x-xss-protection
0
server
sffe
etag
"1338 / 679 of 1000 / last-modified: 1663366203"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 08:54:00 GMT
wrapper_hb_313926_16406.js
player.adtcdn.com/prebidlink/462104/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/462104/wrapper_hb_313926_16406.js
Requested by
Host: papayads.net
URL: https://papayads.net/self/clnt/1235-1674/adtags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0a41babb6883a6b4bd5d9f2b307d719540a68891fc003ae3b519c77c19e016

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Sep 2022 07:27:48 GMT
server
cloudflare
age
395
etag
W/"632819f4-6e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2F9K7ITggvmWaLAD9ekBVopcBMfxVwOSATkkHkwM3FSLhDqzANLeWZEzywlTdTaAiSHibFEyXSTHLME2nplnF7kCQ1FCBQUAlUj1kEH2n4cjnHDFGGTEMbS2EApS6t%2BopOf2ewQIEzDecbAWf4%2B58w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d118202edabb13-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 19 Sep 2022 09:02:25 GMT
js
googletagmanager.com/gtag/ 		210 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googletagmanager.com/gtag/js?id=G-45SYS0EFS8
Requested by
Host: papayads.net
URL: https://papayads.net/self/clnt/1235-1674/adtags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b09cf1a598216378f27f09d5346aa88666ca401542407eb492a4d4099b3849ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75187
x-xss-protection
0
expires
Mon, 19 Sep 2022 08:54:00 GMT
/
api.purpleads.io/x/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1663577640905
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=6e724f39e000cf94a64299000d3d1ece:29d6fc7c7ed8b4ada92f0c10ed16f27fc4c95037027776b4e8d47bf971673204157a5b6baf7c540c1d3059f1a4bd56be61a51a8d3ca0b30f6c48a129c114223c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.163.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-163-248.compute-1.amazonaws.com
Software
/
Resource Hash
0a90b6e374f6b86c902a714740075a147d72c8f0b2faa746f309898c5c07f9d0

Request headers

accept-language
de-DE,de;q=0.9
Authorization
Bearer 6e724f39e000cf94a64299000d3d1ece:29d6fc7c7ed8b4ada92f0c10ed16f27fc4c95037027776b4e8d47bf971673204157a5b6baf7c540c1d3059f1a4bd56be61a51a8d3ca0b30f6c48a129c114223c
x-request-url
aHR0cHM6Ly9sZXZlbGluZy1zb2xvLm9yZy8=
Accept
application/json
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json
x-purpleads-version
1.0.1

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
etag
W/"d90-yO1DemUrUZrgZMj/vdN9gKaRoCk"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://leveling-solo.org
access-control-allow-credentials
true
x-request-id
da36df85-06f9-436a-b744-300ac808d1dd
popunder1000.js
a.exdynsrv.com/ 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exdynsrv.com/popunder1000.js
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
32164f1fc7b3a532d0f450ba7ea2f34d2a50e84b64e156963b4a3e0a78d1544d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 08:54:00 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"3ad893acf0f115f3a9b29e6fafa"
X-HW
1663577640.dop127.fr8.t,1663577640.cds207.fr8.shn,1663577640.dop127.fr8.t,1663577640.cds103.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
39971
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
488751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 17:08:09 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
488751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 17:08:09 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:24:40 GMT
x-content-type-options
nosniff
age
491360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 16:24:40 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3190457468549923&plah=leveling-solo.org&bust=31069641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9271afc725a2dfd9d4c4c83206d4e2fe4e63a27dde2c7a7853fbf1cdad3a646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124831
x-xss-protection
0
server
cafe
etag
4129684494708628098
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 08:54:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame F721 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 18:38:18 GMT
etag
9671129459699598864
expires
Sun, 02 Oct 2022 18:38:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:39:58 GMT
x-content-type-options
nosniff
age
393242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12580
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:19:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:39:58 GMT
fontawesome-webfont.woff2
leveling-solo.org/wp-content/themes/Ifenzi/font-awesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/themes/Ifenzi/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://leveling-solo.org/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 01:52:34 GMT
server
cloudflare
age
2160
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCyrfibHZC9kaOT03A8ljagLdpU3q%2BOQfovFMCl7lOWM4LuH5SF54FJgPY%2FI%2Bc1HSMt%2B3vgjv9cwEPeZC7zpkJy4A6N8w81i5lMYir9FkDFWlrMj0amGaj0BzbU2%2FcrpUpmFJUsHnawcWxrwdURSfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74d11820efdf3747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
forkawesome-webfont.woff2
leveling-solo.org/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://leveling-solo.org/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

Referer
https://leveling-solo.org/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
cf-cache-status
HIT
last-modified
Fri, 13 May 2022 01:42:14 GMT
server
cloudflare
age
2160
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IUzChut6EWdOnM9xmE3sNsYjVVKtWgR%2FW2D9UUdkU%2BOdUhx1WKFX4fIeUAt8gmHZcxrUZ90F6nWWpyIaQyr%2FbhyYcK%2FR1DquM2D1uTaP2UkNOPzOtxkWdzfdwL630Qug5FBcm5ToepJTNbtYAqWsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74d11820efe13747-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109916
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1115854680&t=pageview&_s=1&dl=https%3A%2F%2Fleveling-solo.org%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20-%20Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=841184094&gjid=350355144&cid=899368643.1663577641&tid=UA-226385220-5&_gid=1535070865.1663577641&_r=1&_slc=1&z=1915692167
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leveling-solo.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
hbw_master_313926_16406.js
player.adtelligent.com/prebidlink/x462104/ 		155 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/x462104/hbw_master_313926_16406.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/wrapper_hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5962e9ba25d962ce6de397a01f514c4c9b412922f335e5da5130606ae708a1dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 07:27:48 GMT
server
nginx
etag
W/"632819f4-26aa0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 21 Sep 2022 08:54:01 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d11822288801eb-ZRH
date
Mon, 19 Sep 2022 08:54:01 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
843
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 22 Sep 2022 08:54:01 GMT
pubads_impl_2022091401.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 11:27:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 08:37:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Sep 2023 11:27:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		392 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=leveling-solo.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7392b909d494f62eb0e164cefc1ce2abba2e58b238eb4e214468a39c58e85557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
169
x-xss-protection
0
expires
Mon, 19 Sep 2022 08:54:01 GMT
collect
region1.google-analytics.com/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-45SYS0EFS8&gtm=2oe9e0&_p=1115854680&cid=899368643.1663577641&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663577641&sct=1&seg=0&dl=https%3A%2F%2Fleveling-solo.org%2F&dt=Solo%20Leveling%20-%20Solo%20Leveling%20Manga%20Online&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: googletagmanager.com
URL: https://googletagmanager.com/gtag/js?id=G-45SYS0EFS8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leveling-solo.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		221 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=leveling-solo.org&callback=_gfp_s_&client=ca-pub-3190457468549923
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3190457468549923&plah=leveling-solo.org&bust=31069641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
574fb0e5941ad51fa8dae5c59d1ddb98c8cf784fd8800b490786dfcf5e7406c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=leveling-solo.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3190457468549923&plah=leveling-solo.org&bust=31069641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=leveling-solo.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3190457468549923&plah=leveling-solo.org&bust=31069641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fleveling-solo.org%2F&tn=NAV&cls=navbar%20lh-nav-bg-transform%20navbar-default%20navbar-fixed-top%20navbar-left&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F1ED 		194 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&adk=1812271804&adf=3025194257&lmt=1663539950&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fleveling-solo.org%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663577640939&bpp=4&bdt=814&idt=431&shv=r20220914&mjsv=m202209080102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6895207442616&frm=20&pv=2&ga_vid=899368643.1663577641&ga_sid=1663577641&ga_hid=1115854680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069507%2C31069641%2C44771548&oid=2&pvsid=4346987188564336&tmod=331663697&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=447
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3190457468549923&plah=leveling-solo.org&bust=31069641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
263e77aebeeae60b347bec7bf882a7fd68d4bc719eb030db2c7b8e8167b35706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
51148
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 08:54:01 GMT
expires
Mon, 19 Sep 2022 08:54:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
web
onesignal.com/api/v1/sync/09e49aac-ba07-4908-bf5d-5eefc9e44275/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/09e49aac-ba07-4908-bf5d-5eefc9e44275/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20cf9ea39f3e98de997c6ab2e8f249042d481bcb0dc6c56ba9ea41439ea0fa7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
3399
cf-polished
origSize=3386
status
200 OK
x-envoy-upstream-service-time
33
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
705e0c3d-6fbe-4bd1-a1ae-86886253d3a5
x-runtime
0.031668
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"44962015f27d0e2a5700e232ce8df422"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
74d11822ea000215-ZRH
access-control-allow-headers
SDK-Version
expires
Mon, 19 Sep 2022 09:54:01 GMT
spt
tg1.aniview.com/api/adserver/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62458616d0561a27b0165c14&AV_PUBLISHERID=61bb50b4ad11e83d79154566
Requested by
Host: papayads.net
URL: https://papayads.net/self/clnt/1235-1674/adtags.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d14dc44b89f17cf0c062ee7fb670c59f4bbd241875bd7a51f914924c951be5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 08:54:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
5843
Expires
Mon, 19 Sep 2022 08:59:01 GMT
/
ghb.adtelligent.com/geo/ 		168 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462104/hbw_master_313926_16406.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2f901fd99add45c61fad98a41a0f1d49436269acc25c4e85bd01a36492997af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 08:54:00 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://leveling-solo.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
168
tracking
ghb.adtelligent.com/adunit/ 		43 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=313926&site_id=16406&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fleveling-solo.org%2F&adid=8j6bb4.mz&features=81952&vpbv=N084&lifecycle_tte=1472
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462104/hbw_master_313926_16406.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 08:54:00 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://leveling-solo.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
config.json
player.adtelligent.com/exchange_rates/313925/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313925/config.json?cb=https%3A%2F%2Fleveling-solo.org%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2b636bd764196304a9b2ca3eedfd78c56aa6fa080edc0fe26cd33f81ae2e7dfa

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 12:01:09 GMT
server
nginx
etag
W/"6325b705-1983"
content-type
application/json
access-control-allow-origin
https://leveling-solo.org
expires
Wed, 21 Sep 2022 08:54:01 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
22377623070
fundingchoicesmessages.google.com/i/ 		104 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22377623070?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
843a6a827748d4e7325d0ad2e8127517f3415fcb8cf925d9e148c6506f6df060
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DVPwM5AYq7gWPMkznUh8rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DVPwM5AYq7gWPMkznUh8rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Mon, 19 Sep 2022 08:54:01 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d118235ad501eb-ZRH
date
Mon, 19 Sep 2022 08:54:01 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
830
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 19 Oct 2022 08:54:01 GMT
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62458616d0561a27b0165c14&AV_PUBLISHERID=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6822 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduGB2AlLYWO9z1o9MZw3py8-TiNXy0xSw8Y-H7jVVYgkTfXYOmbJIkYFFscMkPtM6TY0pxalGwhD7xlrfFFZLZYF7lWag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
61326
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
server
UploadServer
etag
"9dff0335699f04080269947f40c366ae"
vary
Accept-Encoding
x-goog-hash
crc32c=DITkQg==
content-language
en
x-goog-generation
1646327924579580
cache-control
public, max-age=300
x-goog-stored-content-length
61326
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 19 Sep 2022 08:59:01 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=61bb50b4ad11e83d79154566&cid=623bcb733a9409464f354a57&cb=1663577641504&r=leveling-solo.org&stagid=62458616d0561a27b0165c14&stplid=61bb5afd4990cb1eab7afba4&d35=&d65=&e=playerLoaded
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.7.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-7-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
icon
onesignal.com/api/v1/apps/09e49aac-ba07-4908-bf5d-5eefc9e44275/ 		184 B
600 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/09e49aac-ba07-4908-bf5d-5eefc9e44275/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5f36dae0c790ab82b9492cdb04d7a673a781da7f09fdf94b51fb37fcaecee31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
8
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
0ad09ce7-095b-44ae-b14b-16492a23f29b
x-runtime
0.006340
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"c5f36dae0c790ab82b9492cdb04d7a67"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cf-ray
74d11823eead01f0-ZRH
access-control-allow-headers
SDK-Version
AGSKWxXOQj0-axiKMcuLDhr_TOpegxwnTyHOm_xx_bDn0XRS_EkOUIkFUP7f2SsSLPp9PwkE7aknScaKTlVdsF3DGrA=
fundingchoicesmessages.google.com/f/ 		301 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXOQj0-axiKMcuLDhr_TOpegxwnTyHOm_xx_bDn0XRS_EkOUIkFUP7f2SsSLPp9PwkE7aknScaKTlVdsF3DGrA=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzNTc3NjQxLDYwMDAwMDAwMF0sIkU3NzZCRUY0LTU4NkItNDdDQi04QTY0LTRFMjFGNTgxNEQxNiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbGV2ZWxpbmctc29sby5vcmcvIixudWxsLFtbOCwiMHoyWFRqQjBQZWciXSxbOSwiZGUiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.0z2XTjB0Peg.es5.O/d=1/rs=AJlcJMyGYWSPjJCw1g4RviwKj0ODS1kX6Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b95753dd80d16fd2ef23b8bc068cfa4a826a20193ea9f82b667ebe0a9f1b109
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-a6GRq_xlzWYrL0pSLLu3cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-a6GRq_xlzWYrL0pSLLu3cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Mon, 19 Sep 2022 08:54:01 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/reactive_library_fy2021.js?bust=31069641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3190457468549923&plah=leveling-solo.org&bust=31069641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f8c7ba0425ca532c53ccf58aee3cb07ff13e70ee98c58cad9406687a37c5b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54580
x-xss-protection
0
server
cafe
etag
8087532802734268293
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 08:54:01 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame DB1C 		390 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cba86461b1f20796f7057d81076f6fa501de3f975a23270c007c1687a0b721d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsD50L2MsoKxw-8AFM7cCmIVJrqWvwGCCeffvoiFUwH5tKTHEY8RzHsUF8M920gAzHfXPQLPPdlfDS5eyYKfFdNVQ5ynVny
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112390
last-modified
Sun, 18 Sep 2022 06:56:49 GMT
server
UploadServer
etag
"e9509ada961c02abd260ef9f802c8530"
vary
Accept-Encoding
x-goog-hash
crc32c=VY++/w==, md5=6VCa2pYcAqvSYO+fgCyFMA==
x-goog-generation
1663484209831593
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112390
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 19 Sep 2022 08:59:01 GMT
538a7013-8dc7-4ed4-a79a-797bf8f68325
img.onesignal.com/permanent/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/538a7013-8dc7-4ed4-a79a-797bf8f68325
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ad5428e7abb3f537b800c9933de11285ad02e062f53ba8d08f9272244bcc6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3350
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16114
x-amz-id-2
rDe485Fr1pPiJ7J7JPbZdEbfhUU2UsG4Heb3elG4Y7ApWxYJjjSPBU6ebIpu58cXc6+PbnB7apU=
last-modified
Sun, 22 May 2022 18:05:22 GMT
server
cloudflare
etag
"4c7024a9acf828408a86af9bf3df28a3"
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
EA52FXC98ACXVWEV
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
74d118253ec50215-ZRH
expires
Thu, 20 Oct 2022 08:54:01 GMT
css
fonts.googleapis.com/ 		60 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.0z2XTjB0Peg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyGYWSPjJCw1g4RviwKj0ODS1kX6Q/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1a81488296b841fda61a06523b215eed80046e5ab85fb894fc51d9528048160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 08:54:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 08:54:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 08:54:01 GMT
AGSKWxVBjdKbMh9hLAbxeVyYnNX2iM4DHSzAaZqOv9WIgmAM4xFB0o4aUJYyMfRuq4GMOKU0gxyBxMRahkJyc8Ia6ep_s24rVsLCcnPnY-upv5nTOMXV5ZRvpGuibOkP8ot7TtUguLAehw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVBjdKbMh9hLAbxeVyYnNX2iM4DHSzAaZqOv9WIgmAM4xFB0o4aUJYyMfRuq4GMOKU0gxyBxMRahkJyc8Ia6ep_s24rVsLCcnPnY-upv5nTOMXV5ZRvpGuibOkP8ot7TtUguLAehw==?dmid=d0ec1046fe2c60ec
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.0z2XTjB0Peg.es5.O/d=1/rs=AJlcJMyGYWSPjJCw1g4RviwKj0ODS1kX6Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-obH7kmJAY00u-SLB0nyMFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://leveling-solo.org
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-obH7kmJAY00u-SLB0nyMFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:32:16 GMT
x-content-type-options
nosniff
age
303705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 20:32:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 08:01:51 GMT
x-content-type-options
nosniff
age
348730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 08:01:51 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options
nosniff
age
569007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 18:50:34 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=leveling-solo.org&sn=&ic=0&tgt=0&app=&wi=256&he=145&test=&d36=6.2.55&apppkg=&fv=1&proto=https&clsid=816bcc06-f700-4538-839c-6f386f9108a6&rando=28&pid=61bb50b4ad11e83d79154566&cid=623bcb733a9409464f354a57&stagid=62458616d0561a27b0165c14&stplid=61bb5afd4990cb1eab7afba4&e=inventory&vi=0&cb=1663577641957
Requested by
Host: leveling-solo.org
URL: https://leveling-solo.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.7.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-7-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
localstore.js
script.4dex.io/ 		483 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
838354
x-amz-request-id
txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2
txaf6e2c1c2f9f41df87375-00631b6357
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLwoRfxGSzHhZrslfgN%2BK0zMmQgwiXbtrIRBK%2FqO5glxuUOZJsxdIuO58Wx0NkmIB54o8I3WYOElSjeX71WFWq5lSN6CzLBT1KT1Et1YXPKoYRY4%2BQ7suL6zJS1oJH3h6Txfrh5LT%2FFvIrkW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1662739245697142
cf-ray
74d118275bb7baa6-MXP
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=4345708716
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://leveling-solo.org
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
arj
adsparc-d.openx.net/w/1.0/ 		172 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsparc-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fleveling-solo.org%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ee62bff9-ad6a-47b0-a184-87f4e1610fe8%2Cd5586b1e-7be3-4a80-acbf-5cdb1c45153c%2C68dde571-338a-46f9-ae9b-454f952f3e28&nocache=1663577641974&gdpr=0&pubcid=d4ec4d44-3c96-4a4a-ad16-ae491fc71747&schain=1.0%2C1!papayads.net%2C313926%2C1%2C%2C%2C&aus=300x600%2C160x600%2C120x600%2C300x250%7C300x600%2C160x600%2C120x600%2C300x250%7C970x90%2C728x90&divids=div-gpt-ad-1619369614006-0%2Cdiv-gpt-ad-1619369967951-0%2Cdiv-gpt-ad-1619370165823-0&aucs=%252F22791345099%252F1235-1674_PapayAds_Skyscraper_1%2523div-gpt-ad-1619369614006-0%2C%252F22791345099%252F1235-1674_PapayAds_Skyscraper_2%2523div-gpt-ad-1619369967951-0%2C%252F22791345099%252F1235-1674_PapayAds_StickyFooter_0%2523div-gpt-ad-1619370165823-0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d8a91411990e5c71c8b5d3fe717688f19c047b1db685eba3756d92f058c9bb50

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://leveling-solo.org
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
b1h.zemanta.com/api/bidder/prebid/bid/ 		0
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://leveling-solo.org
Access-Control-Allow-Credentials
true
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bf63416a7211dddf1b4e8f36127af239187f68c897662c9919864defb0d36efa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 08:54:02 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f703ab58-47d3-4ac2-9f81-03dc03bbc6ca
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://leveling-solo.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
cpm.unibots.in/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.unibots.in/hb?zone=154227&v=1.6
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 08:54:02 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://leveling-solo.org
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://leveling-solo.org
date
Mon, 19 Sep 2022 08:54:01 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
53
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://leveling-solo.org
date
Mon, 19 Sep 2022 08:54:02 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb-mm-multi
hb.minutemedia-prebid.com/ 		78 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.243.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-243-153.compute-1.amazonaws.com
Software
/
Resource Hash
ee5aaba83694971668782620a778e18a5156775e959233fe9b60d44bbf6fc070

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://leveling-solo.org
x-reason
maxmind hosting provider
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
78
c
prebid.a-mo.net/a/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://leveling-solo.org
date
Mon, 19 Sep 2022 08:54:01 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
51
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		536 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fleveling-solo.org%2F&CanonicalUrl=https%3A%2F%2Fleveling-solo.org%2F&PublisherDomain=https%3A%2F%2Fleveling-solo.org
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
42248f3ae92834623c31a681835a0caf0a612eedb2e041f8e7b1a4fd88208478
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:01 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://leveling-solo.org
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
24
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
536
expires
0
pbjs
useast.quantumdex.io/auction/ 		0
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://leveling-solo.org
date
Mon, 19 Sep 2022 08:54:02 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d118275ca501f0-ZRH
access-control-allow-methods
POST, GET
prebid
mp.4dex.io/ 		114 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bc6da3ea0b88d4f8ba0060dc13fc24b9290a0e3f80a87c38f67b4961f579e38

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
74d118275c9f01f0-ZRH
pragma
no-cache
date
Mon, 19 Sep 2022 08:54:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://leveling-solo.org
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Shapings: no adunits with size and seat and mapping
pbjs
smartssp-us-east.iqzone.com/ 		2 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smartssp-us-east.iqzone.com/pbjs
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.104 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://leveling-solo.org
Date
Mon, 19 Sep 2022 08:54:02 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
04c0b64e3f6c73a55d2af4260380ec489263df92dfdc2eb4d34e0f876f3d30f7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 08:54:02 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5334c8d9-d9fd-446f-bfa5-fdff413f5275
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://leveling-solo.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ 		591 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5997
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.62.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-62-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
70e4799e08f552c25c8f2ef999ed9f20331d76fb9c5d9780d2f46c295da9fa19

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://leveling-solo.org
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU9S042X
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
34dd67d447e35ae9dd5791af2bfe0181bd1b84f43558a50c476f950cb802abb4

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://leveling-solo.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
go1.aniview.com/api/adserver/tag/ 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fleveling-solo.org%2F&AV_PUBLISHERID=61bb50b4ad11e83d79154566&AV_CHANNELID=623bcb733a9409464f354a57&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=leveling-solo.org&AV_DADPOS=1&AV_TAG=62458616d0561a27b0165c14&AV_TEMPLATE=61bb5afd4990cb1eab7afba4&d36=6.2.55&responsive=1&sver=2&avtoken=641956&omv=1.0.1&clsid=816bcc06-f700-4538-839c-6f386f9108a6&rando=28&AV_WIDTH=256&AV_HEIGHT=145&AV_DNT=0&cb=1663577642018&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.211.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-211-237.compute-1.amazonaws.com
Software
/
Resource Hash
dedcdeeadca614d6c01dc14993d84f9b9cb3b7b096a3e6c396bf2406888a6dcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://leveling-solo.org
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 07 Sep 2022 19:07:22 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
838109
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txdf4281b560894a01aaa1b-00631b6358
x-amz-id-2
txdf4281b560894a01aaa1b-00631b6358
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"831813ee9b2fc0d248741417a0e3b488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9hFI6pvFJpSfZlezGQ5hQ2eT97MvCg6LP80G7cJZbN1sQ0amhEBy9xT2F6zBRtcqHqXUhPrQqrNs8QtmV5j0SgL5xNYh3upDkDp2bNrsbv1L99k5q4GaD8H09RcOp39Aze%2Fyd2U3szV2Lc7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1662739245061580
cf-ray
74d11827ecd3375c-MXP
access-control-allow-headers
Authorization
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3190457468549923&plah=leveling-solo.org&bust=31069641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d6cc8c1e69ad02ebfea03cc7b9fe8143e7df89d415e9e53b3a83fb2c069405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11067
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3190457468549923&plah=leveling-solo.org&bust=31069641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 08:54:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6BCD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 08:53:16 GMT
expires
Tue, 19 Sep 2023 08:53:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FB79 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0f48027138a0d56f083d37235b1b9f7b58a3c82935fc9283a575013c7a568bdb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kz7fdrTwG41F73xyuljHzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-kz7fdrTwG41F73xyuljHzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 08:54:02 GMT
expires
Mon, 19 Sep 2022 08:54:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
pagead2.googlesyndication.com/bg/ Frame 6BCD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16029
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 08:24:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FB79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=4346987188564336&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E1E6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119398
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 08:54:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 18:04:00 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
services
sync.technoratimedia.com/ Frame 0B80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1663577642376-945312066536-008218-004-008206&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://leveling-solo.org/
age
0
date
Mon, 19 Sep 2022 08:54:02 GMT
server
nginx
via
1.1 varnish
x-varnish
327181969
occ
ups.analytics.yahoo.com/ups/58543/ Frame BC3E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Mon, 19 Sep 2022 08:54:02 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame D8F8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=200&key=OPTOUT
0
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.255.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-255-87.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 19 Sep 2022 08:54:02 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 19 Sep 2022 08:54:02 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=200&key=OPTOUT
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame 2538
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=56&pid=59c9148628a0612da3689288&key=2d970b6a-030b-4f84-aaf1-803dd2c05ffa
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=56&pid=59c9148628a0612da3689288&key=2d970b6a-030b-4f84-aaf1-803dd2c05ffa
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.255.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-255-87.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 19 Sep 2022 08:54:02 GMT

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74d11829ef2701e7-ZRH
content-length
0
date
Mon, 19 Sep 2022 08:54:02 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1663577642376-945312066536-008218-004-008206&biddername=56&pid=59c9148628a0612da3689288&key=2d970b6a-030b-4f84-aaf1-803dd2c05ffa
server
cloudflare
pixel
ap.lijit.com/ Frame A820 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Mon, 19 Sep 2022 08:54:02 GMT
pod
X-Sovrn-Pod: ad_ap4ams1
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame DB1C 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtrTzJDHrsAElfby9oLPJu-4PaLq-s8L7KqzD4Lix8nZQxRH2PmfgzU3mUKIqQyo6Ze32hbvD9jORm6A8gOsgdyLvM_3uiT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55752
last-modified
Sun, 18 Sep 2022 06:56:50 GMT
server
UploadServer
etag
"22c70aca675e87510b7a9d8f98b078bc"
vary
Accept-Encoding
x-goog-hash
crc32c=9EaRLA==, md5=IscKymdeh1ELep2PmLB4vA==
x-goog-generation
1663484210863897
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
55752
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 19 Sep 2022 08:59:02 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame DB1C 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds8biAfcRPkpVetCwJ638u6ItEhPe-9Xi3MC9bRU2yoGt6IhA6FnE-oKzcl65eER2uIAEcjWXPfwz_3oepT2iShWQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Sun, 18 Sep 2022 06:56:50 GMT
server
UploadServer
etag
"f1f6edcb51297f35e7b284fefececbe3"
vary
Accept-Encoding
x-goog-hash
crc32c=EKJz2Q==, md5=8fbty1EpfzXnsoT+/s7L4w==
x-goog-generation
1663484210854341
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 19 Sep 2022 08:59:02 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969d1e018080181a0418856e520015&pos=8a969d1e018080181a041886254f0017&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=180&wd=320&reserve=1.9&req(url)=leveling-solo.org&schain=1.0,1!aniview.com,61bb50b4ad11e83d79154566,1,,,&cbb=3577642475
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61bb50b4ad11e83d79154566
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:02 GMT
server
ATS/9.1.10.25
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://leveling-solo.org
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=leveling-solo.org&rs=leveling-solo.org&sid=96654&t=1663577642&cip=217.64.151.5&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=256&he=145&app=&AV_PUBLISHERID=61bb50b4ad11e83d79154566&test=&aafaid=&proto=https&uid=1663577642376-945312066536-008218-004-008206&cha=0.7&stagid=62458616d0561a27b0165c14&stplid=61bb5afd4990cb1eab7afba4&d35=&d36=6.2.55&cb=65733763982&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=320&AV_HEIGHT=180&nid=61bb50b4ad11e83d79154566&ncid=623bcb733a9409464f354a57&e=request&cb=1663577642477&asid=623ca87ac98adf603a17a756%2C623bb8f715aba225ef35d367%2C631294a392ac726992137ec8%2C623b52f3e69bc35b2b503a7b%2C6312945332ff1a0868400b74%2C6312950be53c2c59d825afd7%2C623b530d04f14c43946ea354&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.7.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-7-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=leveling-solo.org&rs=leveling-solo.org&sid=96654&t=1663577642&cip=217.64.151.5&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=256&he=145&app=&AV_PUBLISHERID=61bb50b4ad11e83d79154566&test=&aafaid=&proto=https&uid=1663577642376-945312066536-008218-004-008206&cha=0.7&stagid=62458616d0561a27b0165c14&stplid=61bb5afd4990cb1eab7afba4&d35=&d36=6.2.55&cb=65733763982&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=320&AV_HEIGHT=180&&copid=61bb50b4ad11e83d79154566&nid=59c9148628a0612da3689288&cocid=623bcb733a9409464f354a57&ncid=6214bbfb8bd713665a5ac236&coasid=6214bc6bc50a3f486c1eac66&e=request&cb=1663577642477&asid=6279004289d1f17ed70bc627%2C623c2a19f0b33e378c187aa9%2C62a7408bc71a3e344b788a45%2C6280c59bff04066e130cae33&ofpr=0.9%2C1%2C%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.7.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-7-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217227/0/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217227/0/mvo?z=1r&hbv=7.12,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://leveling-solo.org
pragma
no-cache
date
Mon, 19 Sep 2022 08:54:02 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://leveling-solo.org
date
Mon, 19 Sep 2022 08:54:02 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://leveling-solo.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://leveling-solo.org
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 08:54:02 GMT
server
ATS/9.1.10.25
generate_204
tpc.googlesyndication.com/ Frame 6BCD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?LRN7uA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame E925 		708 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=6e724f39e000cf94a64299000d3d1ece:29d6fc7c7ed8b4ada92f0c10ed16f27fc4c95037027776b4e8d47bf971673204157a5b6baf7c540c1d3059f1a4bd56be61a51a8d3ca0b30f6c48a129c114223c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 07:40:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 08:54:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 08:54:02 GMT
prebid-2022-09-14.js
cdn.psdn.xyz/ Frame E925 		311 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-09-14.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=6e724f39e000cf94a64299000d3d1ece:29d6fc7c7ed8b4ada92f0c10ed16f27fc4c95037027776b4e8d47bf971673204157a5b6baf7c540c1d3059f1a4bd56be61a51a8d3ca0b30f6c48a129c114223c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f3a3371cee191694f82b2aac06d875b5e688c1f5e33d256514b7fe95ab75d7b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 12:03:25 GMT
x-amz-request-id
tx00000000000006e651882-006321c9c5-34c6886a-nyc3b
etag
"a6e513cee43039f0b786b8325a00a4aa"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1663577642.dop245.lo4.t,1663577642.cds277.lo4.hn,1663577642.cds224.lo4.c
content-type
application/javascript
cache-control
max-age=31536000
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
content-length
99802
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame E925 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leveling-solo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
488753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 17:08:09 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=leveling-solo.org&rs=leveling-solo.org&sid=96654&t=1663577642&cip=217.64.151.5&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=256&he=145&app=&AV_PUBLISHERID=61bb50b4ad11e83d79154566&test=&aafaid=&proto=https&uid=1663577642376-945312066536-008218-004-008206&cha=0.7&stagid=62458616d0561a27b0165c14&stplid=61bb5afd4990cb1eab7afba4&d35=&d36=6.2.55&cb=65733763982&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=320&AV_HEIGHT=180&nid=61bb50b4ad11e83d79154566&ncid=623bcb733a9409464f354a57&e=bid&cb=1663577642713&asid=623ca87ac98adf603a17a756%2C623bb8f715aba225ef35d367%2C631294a392ac726992137ec8%2C623b52f3e69bc35b2b503a7b%2C6312945332ff1a0868400b74%2C6312950be53c2c59d825afd7%2C623b530d04f14c43946ea354&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.7.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-7-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=leveling-solo.org&rs=leveling-solo.org&sid=96654&t=1663577642&cip=217.64.151.5&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=256&he=145&app=&AV_PUBLISHERID=61bb50b4ad11e83d79154566&test=&aafaid=&proto=https&uid=1663577642376-945312066536-008218-004-008206&cha=0.7&stagid=62458616d0561a27b0165c14&stplid=61bb5afd4990cb1eab7afba4&d35=&d36=6.2.55&cb=65733763982&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=320&AV_HEIGHT=180&&copid=61bb50b4ad11e83d79154566&nid=59c9148628a0612da3689288&cocid=623bcb733a9409464f354a57&ncid=6214bbfb8bd713665a5ac236&coasid=6214bc6bc50a3f486c1eac66&e=bid&cb=1663577642713&asid=6280c59bff04066e130cae33&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.7.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-7-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E1E6 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43630001&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1663577642376-945312066536-008218-004-008206%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:01 GMT
content-length
0
simple-close-button-gray.svg
papayads.net/images/ 		908 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://papayads.net/images/simple-close-button-gray.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
63994f197a7fcd29de80a687ca45bb84f652b73c989376276ba3c29477c10ba6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6081
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 17 Jan 2022 22:49:51 GMT
server
cloudflare
etag
W/"61e5f28f-38c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nfzb9qxtt9g0xExkRvMk5Jtj10TUKf7THeW66jsuIluQ5Cu4wfTl%2FFRoOaerVJugam3%2FygVzBZZaxmR8WK1%2BE1R5zNaLsi2lgDkSQU5DhxFru4bjePgepT5re3H26X3WpkwVjvNWjmfS%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=691200
cf-ray
74d1182c4fa2374e-MXP
multitracking
ghb.adtelligent.com/adunit/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462104/hbw_master_313926_16406.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leveling-solo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://leveling-solo.org
Date
Mon, 19 Sep 2022 08:54:02 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=4346987188564336&bg=!cHOlczfNAAZqQh0mSkI7ACkAdvg8WmJFGpEuW_dvaIwJIGm-kCG8cXo3_t7uff4J_ny24emMyfWIZQIAAAB2UgAAAAJoAQeZApomaOPFoIfcBQknEh8OnF2AukSxD0yaLim9yx7vTs-6SBsqDuF2e7CeXClcgRPkj6uar8-8iC_wV5gW6ISFWwgV1486txJspxs0a20xnfYBSP4VBrKRmcyy-Wza_IAY_Ol6dKz5g6rzJImSUf_stD9vT2BzrAtdkCO722kRiEsWiNyA0X9poBhJhWFhW5H9gkxJMN5PMv7Cn3e7ZWs9zlJe-rpZDWnkWwWugf_EEk2_xPCBznKMLf3Q-nrTb_c6qAwqaCqoZ9F2Y3I4bGT5FvIgNMb9wEyw07Nn8YxeyHFFWteFa88reShde7ZtRjdPdUo1PyksZmskFzclr6T62todtCEnvdycVm1e9VKFIi9Q_Q-Kw_T_jp5zlSiwVFBn9fZw2S3gFdeCCHZxq3bypNMdkqZWblcn165_pu0jfpdZ88_LeQJ-WV3t-ywLJqP2pN76PfIKMMrjiOK-hrOkKhNbEAyGcYWnQlrydWPDOnyfJoGKQXMkzijgDUjj8APCzIRZtC0xQ6hLRqrUlozgUtEECu4Cmr61HXsiGn6KYhzozYyrDgyQeRqm7QuNOOwCZ1LpKlBOdjPaIizHc-maPZTXBaJRx0_LJnOfGKSg5YRR7bPqUUScTljE3uf5_w_JYtj4choxBvW78ove6NJPeEXJNlXEoeJ9T8cOBx0FGFBpbGP2s3E5chx4dljMkfcdcwxDDcOtrCYehP7U1f9KtviVUe727jy5g904kpAjXMLuvKcNHLH6RiZh7hnU820RiTqUzdHLvSavTB6dBMYamolxUjYZ4fPXGmqPImQGylAJ6jXQ6Is0bBdK9uOt-sugYjT-yQimdapl2WOa6mvTfJ_ijauSELeHRqOzC9gb7UFeALEdlFRSYI_DawA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462104/hb_313926_16406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:04 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 08:54:04 GMT
syncframe
gum.criteo.com/ Frame 901A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=leveling-solo.org&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
de4074357122f6dcee51fb5b3b39d3ad99a460316bd2f9f0a477faf0c1bc3135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://leveling-solo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 08:54:03 GMT
server
Kestrel
server-processing-duration-in-ticks
172501
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:04 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 08:54:04 GMT
logo-banners.svg
papayads.net/images/LOGO/ 		90 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://papayads.net/images/LOGO/logo-banners.svg
Requested by
Host: papayads.net
URL: https://papayads.net/self/common/adtags.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
94c3b7aef4f2ff7f46aa44ee6959cd1420a433a41e70bd8d901322c895752468
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://papayads.net/self/common/adtags.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 08:54:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6234
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 17 Jan 2022 22:52:28 GMT
server
cloudflare
etag
W/"61e5f32c-16733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n5N4yqXtKnu6HKPnqUa2dvy8bIOxBsbTrICyWsHDwJdyfp1Ot53ii5cQiWd3K2IeHAhHQc%2FhdMyBFj6eHK%2F%2Bzn7scd09Ww6snX1ULldw8ePqAtWU5mFx5cnzGrzP8vtDcN3liUqI79gsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=691200
cf-ray
74d11838da74374e-MXP
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fleveling-solo.org%2F&domain=leveling-solo.org&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://leveling-solo.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://leveling-solo.org
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 08:54:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
550704
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fleveling-solo.org%2F&domain=leveling-solo.org&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ta3jMXx1dmVRQW9wOHdXcmszdGdCbzJEVTRrQ1UvR1ZvSUtJSlY3QnF5NW1DTzU3QXFBVktFSi9aVjY0dXVBUDN2MnRWNHQwb2laUUM1emNEM1o5TmNpNFcvWGsreVl3SW96QUNVSlZEQWQ0YVpadlRuVHpRWjZLTGFJTG...
365 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ta3jMXx1dmVRQW9wOHdXcmszdGdCbzJEVTRrQ1UvR1ZvSUtJSlY3QnF5NW1DTzU3QXFBVktFSi9aVjY0dXVBUDN2MnRWNHQwb2laUUM1emNEM1o5TmNpNFcvWGsreVl3SW96QUNVSlZEQWQ0YVpadlRuVHpRWjZLTGFJTGRtMjFZVEFIMHZuTFRqc3pPNFdIajA1QzRSNko4QnJ3Mi9lc2pJK3JaeCtEblZCZkdKWGg4aDNaZ2t2K29SKzVoR1Rla0R4WlhBcTZVR0t3ck1qdU96ZldXcW5rY0J0VDg3ZGl5N2RuWmNCQndBQis3TVJQWEFpcWxmUDRRU3RXWmlBbkRVMmFyfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
39c07f3bc4578f3adc2b029e986eb5f1950d209c535c0a92873a03300eb3e78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leveling-solo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:05 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1575056
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 08:54:05 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ta3jMXx1dmVRQW9wOHdXcmszdGdCbzJEVTRrQ1UvR1ZvSUtJSlY3QnF5NW1DTzU3QXFBVktFSi9aVjY0dXVBUDN2MnRWNHQwb2laUUM1emNEM1o5TmNpNFcvWGsreVl3SW96QUNVSlZEQWQ0YVpadlRuVHpRWjZLTGFJTGRtMjFZVEFIMHZuTFRqc3pPNFdIajA1QzRSNko4QnJ3Mi9lc2pJK3JaeCtEblZCZkdKWGg4aDNaZ2t2K29SKzVoR1Rla0R4WlhBcTZVR0t3ck1qdU96ZldXcW5rY0J0VDg3ZGl5N2RuWmNCQndBQis3TVJQWEFpcWxmUDRRU3RXWmlBbkRVMmFyfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://leveling-solo.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
640981
content-length
0
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ta3jMXx1dmVRQW9wOHdXcmszdGdCbzJEVTRrQ1UvR1ZvSUtJSlY3QnF5NW1DTzU3QXFBVktFSi9aVjY0dXVBUDN2MnRWNHQwb2laUUM1emNEM1o5TmNpNFcvWGsreVl3SW96QUNVSlZEQWQ0YVpadlRuVHpRWjZLTGFJTGRtMjFZVEFIMHZuTFRqc3pPNFdIajA1QzRSNko4QnJ3Mi9lc2pJK3JaeCtEblZCZkdKWGg4aDNaZ2t2K29SKzVoR1Rla0R4WlhBcTZVR0t3ck1qdU96ZldXcW5rY0J0VDg3ZGl5N2RuWmNCQndBQis3TVJQWEFpcWxmUDRRU3RXWmlBbkRVMmFyfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 08:54:05 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
212319
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| DarkMode string| GoogleAnalyticsObject function| ga object| wpDarkMode function| checkOsDarkMode function| documentInitOneSignal function| OneSignal function| loadCSS string| approvedsite string| sitematch string| countrycodeRef string| countrycodeckeck number| dmcaobfuscation number| dmcaobfuscationforced string| timestampPapayAds string| currentLocation number| whitalabel number| blockscrollenabled undefined| root number| OneBidEnabled undefined| FAILSAFE_TIMEOUT undefined| ONE_TIMEOUT undefined| lmonebid undefined| lmoneBidReq undefined| requestManager number| HBBypass undefined| gptinsert number| HBEnabled object| adSlot1 object| adSlot2 object| adSlot3 object| adSlot4 object| adSlot5 object| adSlot6 object| adSlot7 object| adSlot8 object| adSlot9 object| adSlot10 object| adSlot11 object| adSlot12 object| adSlot13 object| adSlot14 object| adSlot15 object| adSlot16 object| adSlot17 undefined| adSlot1exists undefined| adSlot2exists undefined| adSlot3exists undefined| adSlot4exists undefined| adSlot5exists undefined| adSlot6exists undefined| adSlot7exists undefined| adSlot8exists undefined| adSlot9exists undefined| adSlot10exists undefined| adSlot11exists undefined| adSlot12exists undefined| adSlot13exists undefined| adSlot14exists undefined| adSlot15exists undefined| adSlot16exists undefined| adSlot17exists object| refreshableSlots number| videoInreadRight number| videoFloatingRight number| videoFloatingLeft number| AnalyticsEnabled object| script undefined| newLocation undefined| biddersBack undefined| requestHeaderBids function| refreshBids function| adRefresh function| papayavideoads function| gtag object| googletag object| vmpbjs object| vpb object| dataLayer object| _0x3951 function| _0x4a9a boolean| _purpleadsWasLoaded object| _purpleads number| amountScrolled object| jQuery1113022051821952414996 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| _ object| _wpUtilSettings object| wp function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| SUShortcodesL10n object| SUImageCarousel object| lazyLoadOptions object| gaplugins object| gaGlobal object| gaData function| LazyLoad function| H5 function| T1NN function| K1NN number| K0uuuu function| q3eeo function| W1_DJ2 number| W_B$WB function| N02i_ string| f336c3 function| l977 object| exoJsPop101 number| ad_idzone number| ad_frequency_period number| ad_frequency_count number| ad_trigger_method boolean| ad_popup_force boolean| ad_popup_fallback boolean| ad_chrome_enabled boolean| ad_new_tab boolean| ad_t_venor boolean| ad_cookieconsent string| ad_sub string| ad_sub2 string| ad_sub3 string| ad_cat string| ad_trigger_class string| ad_tags string| ad_el object| google_tag_manager object| vmpbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid number| height function| onYouTubeIframeAPIReady function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| aniplayerPos object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ODk5ZDBjMTMwNGI3MzUxMmxvYWRlcl9qcw== string| ODk5ZDBjMTMwNGI3MzUxMmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_llp number| google_lpabyc object| com function| _avcp object| storageAni object| Criteo object| sas object| apntag object| _ADAGIO object| GoogleGcLKhOms object| node object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

19 Cookies

Domain/Path Name / Value
.leveling-solo.org/ Name: _gid
Value: GA1.2.1535070865.1663577641
.leveling-solo.org/ Name: _gat
Value: 1
.leveling-solo.org/ Name: _ga_45SYS0EFS8
Value: GS1.1.1663577641.1.0.1663577641.0.0.0
.leveling-solo.org/ Name: _ga
Value: GA1.1.899368643.1663577641
leveling-solo.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.leveling-solo.org/ Name: __gads
Value: ID=064efd03983a192b-225cb8c026ce0029:T=1663577641:RT=1663577641:S=ALNI_MYmC3gp8mygV7u3atD3omJUgwd24A
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.openx.net/ Name: i
Value: d4ec4d44-3c96-4a4a-ad16-ae491fc71747|1663577642
.adnxs.com/ Name: icu
Value: ChgIwtl9EAoYASABKAEwqtygmQY4AUABSAEQqtygmQYYAA..
.adnxs.com/ Name: uuid2
Value: 5707797118755649542
.prebid.a-mo.net/ Name: __amc
Value: 1_1663577642_1663577642
.quantumdex.io/ Name: uid
Value: 4f8f2bbe-128d-4bd1-aaec-f9b474cba6c7
.aniview.com/ Name: aniC
Value:
.csync.loopme.me/ Name: viewer_token
Value: 2d970b6a-030b-4f84-aaf1-803dd2c05ffa
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.leveling-solo.org/ Name: cto_bundle
Value: jvObgl9rVVV4NWZYSWN0Yk1mU05TdkhsWnRtJTJGUXdvVGtMVyUyQkZiWG40Zm8lMkJYd2h6SlcwR1BocEVGdmRUZWJERGlYakJ3RWR5RXJSRDNSYVphVmxWQjNCSDZ0TUJCUTZKRFdsbUxhdEpieVNUcklPU042MWF5S2h4JTJCcG1RNEQ3MEN2OCUyRmc
.leveling-solo.org/ Name: cto_bidid
Value: 6o_w719NdzZtUkFiMzZlUzZ5VkoydDdnN1RRR1clMkZJNjRhM3lvWkx5bXVOTHVnbEJUVHNhU0VoZEhLU29GR0Y0enZxT1dxJTJCQk9xQVh4JTJGS2tJNzNEUWd4c3YzdyUzRCUzRA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exdynsrv.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
adsparc-d.openx.net
ap.lijit.com
api.purpleads.io
b1h.zemanta.com
bidder.criteo.com
c2shb.pubgw.yahoo.com
cdn.onesignal.com
cdn.psdn.xyz
cdn.purpleads.io
code.jquery.com
cpm.unibots.in
csync.loopme.me
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
go1.aniview.com
googleads.g.doubleclick.net
googletagmanager.com
gum.criteo.com
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
i.imgur.com
ib.adnxs.com
image6.pubmatic.com
img.onesignal.com
leveling-solo.org
mp.4dex.io
mug.criteo.com
onesignal.com
pagead2.googlesyndication.com
papayads.net
partner.googleadservices.com
player.adtcdn.com
player.adtelligent.com
player.aniview.com
player.avplayer.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
region1.google-analytics.com
script.4dex.io
securepubads.g.doubleclick.net
smartssp-us-east.iqzone.com
static.criteo.net
sync.1rx.io
sync.aniview.com
sync.technoratimedia.com
tag.1rx.io
tg1.aniview.com
tpc.googlesyndication.com
track1.aniview.com
ups.analytics.yahoo.com
useast.quantumdex.io
web.ssp.yahoo.com
www.google-analytics.com
www.google.com
13.32.99.31
147.75.85.234
150.136.26.45
151.101.12.193
172.217.16.194
178.250.0.157
178.250.0.165
185.184.8.90
185.255.84.150
185.64.190.78
2001:4860:4802:32::36
2001:4860:4802:34::178
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:1a
205.185.216.10
213.19.147.42
213.19.147.44
216.52.2.19
23.20.163.248
23.35.236.201
2606:4700:10::6816:2460
2606:4700:20::681a:9a9
2606:4700:20::681a:c1b
2606:4700:3036::6815:3c7d
2606:4700::6812:272
2606:4700::6812:e134
2606:4700::6812:e234
2606:4700::6813:ac6c
2a00:1450:4001:800::2008
2a00:1450:4001:801::2004
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:595::2c79
2a02:26f0:3500:c::5c7b:6822
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.126.56.137
34.107.148.139
34.235.255.87
35.157.246.167
35.244.159.8
37.252.173.22
45.133.44.3
50.31.142.31
52.30.62.193
54.157.211.237
54.204.7.68
54.90.243.153
77.245.57.72
8.2.111.104
018ede197a970c44238a85512316f4a6e02611d13ef0a55f65aa75853792f886
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681
04c0b64e3f6c73a55d2af4260380ec489263df92dfdc2eb4d34e0f876f3d30f7
0a90b6e374f6b86c902a714740075a147d72c8f0b2faa746f309898c5c07f9d0
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
0f43e7bd71c75ec1675d1389dcd863341114d08ccbaa529d3c39fe2e90bd39da
0f48027138a0d56f083d37235b1b9f7b58a3c82935fc9283a575013c7a568bdb
0f8c7ba0425ca532c53ccf58aee3cb07ff13e70ee98c58cad9406687a37c5b97
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022
1bc6da3ea0b88d4f8ba0060dc13fc24b9290a0e3f80a87c38f67b4961f579e38
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
213a305244789dd590315724f9f9e52efc52dda5478181e269c067ad5dadae4d
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
263e77aebeeae60b347bec7bf882a7fd68d4bc719eb030db2c7b8e8167b35706
2b636bd764196304a9b2ca3eedfd78c56aa6fa080edc0fe26cd33f81ae2e7dfa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f901fd99add45c61fad98a41a0f1d49436269acc25c4e85bd01a36492997af7
32164f1fc7b3a532d0f450ba7ea2f34d2a50e84b64e156963b4a3e0a78d1544d
34dd67d447e35ae9dd5791af2bfe0181bd1b84f43558a50c476f950cb802abb4
36e5fb48cee849a51910344f29460662f8b5703dfa6102042122b47d081ca73d
39c07f3bc4578f3adc2b029e986eb5f1950d209c535c0a92873a03300eb3e78f
3d14dc44b89f17cf0c062ee7fb670c59f4bbd241875bd7a51f914924c951be5c
42248f3ae92834623c31a681835a0caf0a612eedb2e041f8e7b1a4fd88208478
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
52ad5428e7abb3f537b800c9933de11285ad02e062f53ba8d08f9272244bcc6c
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574fb0e5941ad51fa8dae5c59d1ddb98c8cf784fd8800b490786dfcf5e7406c4
5962e9ba25d962ce6de397a01f514c4c9b412922f335e5da5130606ae708a1dc
5d2a3923f616efb37f239b81b44fd0891a06485f1a488935c2e5495745b41048
5e880c8de639677c2ec0a2759d646fc8a6ff41245d648994176a8f1f22c0dcaf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63994f197a7fcd29de80a687ca45bb84f652b73c989376276ba3c29477c10ba6
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c
67572a59b9c0105089c1cac9f3f3aab047b6cd881a6913ea275d47c51379511d
6bd16027fd572fe9567228ebc95b323a8a37eb3249c57a271bc968d859e1c897
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
70e4799e08f552c25c8f2ef999ed9f20331d76fb9c5d9780d2f46c295da9fa19
7249c86196aac381a70ce5bfe4297f1383f415d48313acbc07a41ffc151a10d1
7392b909d494f62eb0e164cefc1ce2abba2e58b238eb4e214468a39c58e85557
76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c
77d6cc8c1e69ad02ebfea03cc7b9fe8143e7df89d415e9e53b3a83fb2c069405
7d9e1488be90235f9cec4b6690a0184ee3215fb123469bc141b82699abb6bbb4
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
843a6a827748d4e7325d0ad2e8127517f3415fcb8cf925d9e148c6506f6df060
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94c3b7aef4f2ff7f46aa44ee6959cd1420a433a41e70bd8d901322c895752468
96eed42e394f5b00f1e02a12d1ce9557aae7cd751e4a9ae2b3e8fc392b1db945
9b95753dd80d16fd2ef23b8bc068cfa4a826a20193ea9f82b667ebe0a9f1b109
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a591a418c058b4516b83097ab3d4b1e839e25daca61659022cc96a693953b2ac
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b09cf1a598216378f27f09d5346aa88666ca401542407eb492a4d4099b3849ec
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf63416a7211dddf1b4e8f36127af239187f68c897662c9919864defb0d36efa
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1a81488296b841fda61a06523b215eed80046e5ab85fb894fc51d9528048160
c40f49abe2eeaddfd8fa4a7decc93bb66f7066c4b6c0f115e7d97a6989424532
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5f36dae0c790ab82b9492cdb04d7a673a781da7f09fdf94b51fb37fcaecee31
cba86461b1f20796f7057d81076f6fa501de3f975a23270c007c1687a0b721d3
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d230fa6c14bf1f2df177f38c46f0d091f90ea57753e36e035616a381bd43a2db
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8a91411990e5c71c8b5d3fe717688f19c047b1db685eba3756d92f058c9bb50
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de4074357122f6dcee51fb5b3b39d3ad99a460316bd2f9f0a477faf0c1bc3135
dedcdeeadca614d6c01dc14993d84f9b9cb3b7b096a3e6c396bf2406888a6dcb
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9271afc725a2dfd9d4c4c83206d4e2fe4e63a27dde2c7a7853fbf1cdad3a646
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee0a41babb6883a6b4bd5d9f2b307d719540a68891fc003ae3b519c77c19e016
ee5aaba83694971668782620a778e18a5156775e959233fe9b60d44bbf6fc070
f1a4624721d62d9259a823a3e14a464dc5be32a58327dcedc68e2e15e4a66360
f20cf9ea39f3e98de997c6ab2e8f249042d481bcb0dc6c56ba9ea41439ea0fa7
f3a3371cee191694f82b2aac06d875b5e688c1f5e33d256514b7fe95ab75d7b2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f51cdaa2f03fe8b3d665c33fcfd8e4356dea2a13bb354efc709b8a9c7057ca
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a