urlscan.io logo urlscan.io
SecurityTrails logo

pinoytambayansteleserye.su Open in urlscan Pro
195.154.207.225  Public Scan

Go To Rescan Add Verdict Report
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Submission: On October 26 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 6 countries across 22 domains to perform 155 HTTP transactions. The main IP is 195.154.207.225, located in France and belongs to Online SAS, FR. The main domain is pinoytambayansteleserye.su.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 29th 2021. Valid for: 3 months.
This is the only time pinoytambayansteleserye.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 195.154.207.225 12876 (Online SAS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:234... 15133 (EDGECAST)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 151.101.128.84 54113 (FASTLY)
2 104.244.42.136 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
33 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:310... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
6 172.217.23.98 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 7 185.33.220.145 29990 (ASN-APPNEX)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.65.108 54113 (FASTLY)
4 2a03:2880:f11... 32934 (FACEBOOK)
18 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
155 32
22    195.154.207.225 (France)

ASN12876 (Online SAS, FR)
PTR: 195-154-207-225.rev.poneytelecom.eu
pinoytambayansteleserye.su
tvking.net
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a02:26f0:1700:792::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
2    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
widgets.pinterest.com
log.pinterest.com
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
3    2606:4700:3037::6815:13d5 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.dramacool.so
3    2606:4700:20::681a:9de (United States)

ASN13335 (CLOUDFLARENET, US)
asianembed.com
33    2606:4700:3034::6815:a3 (United States)

ASN13335 (CLOUDFLARENET, US)
sorrelma.com
1    2a04:4e42:400::626 (Ascension Island)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i9.ytimg.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2606:4700:3108::ac42:28be (United States)

ASN13335 (CLOUDFLARENET, US)
api.adinplay.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    185.33.220.145 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
18    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
Domain Requested by
33 sorrelma.com tvking.net
sorrelma.com
19 pinoytambayansteleserye.su pinoytambayansteleserye.su
18 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
pinoytambayansteleserye.su
07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
sorrelma.com
7 ib.adnxs.com 1 redirects api.adinplay.com
acdn.adnxs.com
6 securepubads.g.doubleclick.net api.adinplay.com
securepubads.g.doubleclick.net
pinoytambayansteleserye.su
sorrelma.com
6 pagead2.googlesyndication.com sorrelma.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
6 apis.google.com pinoytambayansteleserye.su
apis.google.com
accounts.google.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.google.com 1 redirects apis.google.com
tpc.googlesyndication.com
07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
sorrelma.com
4 www.facebook.com connect.facebook.net
www.facebook.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
4 platform.twitter.com pinoytambayansteleserye.su
platform.twitter.com
3 www.gstatic.com embed.dramacool.so
www.gstatic.com
3 asianembed.com tvking.net
3 embed.dramacool.so 3 redirects
3 tvking.net pinoytambayansteleserye.su
tvking.net
embed.dramacool.so
3 fonts.googleapis.com pinoytambayansteleserye.su
sorrelma.com
tpc.googlesyndication.com
2 acdn.adnxs.com api.adinplay.com
2 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 cdn.jsdelivr.net api.adinplay.com
2 api.adinplay.com sorrelma.com
api.adinplay.com
2 syndication.twitter.com platform.twitter.com
pinoytambayansteleserye.su
2 assets.pinterest.com pinoytambayansteleserye.su
assets.pinterest.com
2 connect.facebook.net pinoytambayansteleserye.su
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
1 www.googletagservices.com 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
1 log.pinterest.com pinoytambayansteleserye.su
1 i9.ytimg.com tvking.net
1 ssl.p.jwpcdn.com embed.dramacool.so
1 ssl.gstatic.com accounts.google.com
1 accounts.google.com apis.google.com
1 widgets.pinterest.com assets.pinterest.com
155 34

This site contains links to these domains. Also see Links.

Domain
www.pinterest.com
www.reddit.com
Subject Issuer Validity Valid
pinoytambayansteleserye.su
cPanel, Inc. Certification Authority		 2021-08-29 -
2021-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tvking.net
cPanel, Inc. Certification Authority		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-04 -
2021-11-02		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
asianembed.com
Cloudflare Inc ECC CA-3		 2021-10-19 -
2022-10-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-24 -
2022-06-23		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
adinplay.com
Cloudflare Inc ECC CA-3		 2021-07-22 -
2022-07-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 20 frames:

Primary Page: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Frame ID: 4137920CCDB01E236E02A7BF5D9D3E36
Requests: 35 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Frame ID: 3B01D6EA4DDC28FFF046F7E750740761
Requests: 12 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpinoytambayansteleserye.su
Frame ID: 030EAB8A375FDCA5F8135A37FD201C3D
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: A504FF1052815B3B39D25A9CE56449EB
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 583E247A5AC30DE6B4A888A8F665CC90
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: 44607F4D37ECB156B84442C8A5D5C38F
Requests: 2 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: DBFCF23532CBF1FFFC17059282CEBD2B
Requests: 1 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: 7514F3D92F16279648204597C778D422
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 7E7664CED7E58F8DD9417E5353321552
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223587&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635229540882&bpp=3&bdt=191&idt=62&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=7113222368455&frm=8&ife=1&pv=2&ga_vid=1784717487.1635229541&ga_sid=1635229541&ga_hid=44164379&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=21065724%2C31062525&oid=2&pvsid=86037222474715&pem=827&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.9g6fzv7salik&fsb=1&dtd=73
Frame ID: A34E6DB2B1A556945F75A22653F3E8E8
Requests: 1 HTTP requests in this frame

Frame: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 7DE689A1CDEFE4575C31C51F7B8BCBA1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CDAD804C09BD1DE220D42497C23C641E
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5fba086e2208%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey
Frame ID: EC413CADEBE85DB731EC4274CFBFA63A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d59529f5ccdc%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=92&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=150
Frame ID: 94F03B3F68EDFCDE89DF723056B9A9CC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4BCC9A3A8A9FFEB251DBBFCD09C8DF0D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 30BB5AF49593408B0AEAC5C040E0C558
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 361D084394BB494DBDF76150AF9A0F4E
Requests: 2 HTTP requests in this frame

Frame: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 65AB730CC049D9322A72D554439D601E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Frame ID: 47CE530B62AA73014F44C6669F46D9BD
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1FCFEC6BEA08D2FAB748052EC14B72F4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Everybody Sing September 18 2021 Today HD Episode - Pinoy Teleserye

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

155
Requests

99 %
HTTPS

81 %
IPv6

22
Domains

34
Subdomains

32
IPs

6
Countries

2859 kB
Transfer

6715 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 48
  • https://embed.dramacool.so/js/jw8.9/jwplayer.core.controls.html5.js HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.core.controls.html5.js
Request Chain 50
  • https://embed.dramacool.so/js/jw8.9/provider.cast.js HTTP 301
  • https://asianembed.com/js/jw8.9/provider.cast.js
Request Chain 107
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 140
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

155 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request everybody-sing-september-18-2021-today-hd-episode.html
pinoytambayansteleserye.su/ 		36 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
03a0bcf0c8d6652fb92e35a7c6ca34aee4575e94f84113f821be27746de8b0ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pinoytambayansteleserye.su
:scheme
https
:path
/everybody-sing-september-18-2021-today-hd-episode.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:25:39 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://pinoytambayansteleserye.su/xmlrpc.php
link
<https://pinoytambayansteleserye.su/wp-json/>; rel="https://api.w.org/", <https://pinoytambayansteleserye.su/wp-json/wp/v2/posts/2392>; rel="alternate"; type="application/json", <https://pinoytambayansteleserye.su/?p=2392>; rel=shortlink
x-litespeed-tag
b3f_HTTP.200,b3f_PGSRP
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
style.min.css
pinoytambayansteleserye.su/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
style.css
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/ 		68 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/style.css
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
c9671c66e5ece29de88b9499080ccafa75f547ea2c34edb347d1d239f68b05b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
font-awesome.min.css
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/font-awesome.min.css
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
responsive.css
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/responsive.css
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
aa48dec78a0c69ebc4867e474e9e68d379ffdb8500710f6e13246453db63c864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/css/responsive.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
jquery.min.js
pinoytambayansteleserye.su/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/jquery/jquery.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
jquery-migrate.min.js
pinoytambayansteleserye.su/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
css
fonts.googleapis.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Allan:normal|Armata:normal&subset=latin
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e85af27feceea9b0d42d59458b326b55a15841af68b54b44bedda943bf658563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 06:25:39 GMT
server
ESF
date
Tue, 26 Oct 2021 06:25:39 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:25:39 GMT
reddit.png
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/images/ 		921 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/images/reddit.png
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
136f336d0c5e8c08d6c03a973b2e8d16cf7459b71a0fb60d57aa30b7f2918d6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/images/reddit.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
content-type
image/png
expires
Sat, 25 Dec 2021 06:25:39 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
921
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
postviews-cache.js
pinoytambayansteleserye.su/wp-content/plugins/wp-postviews/ 		133 B
410 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/plugins/wp-postviews/postviews-cache.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
aa8ab2153beec5132d9268e321035fbee7f935ddcf90294ceb3424f7fe3e5405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/wp-postviews/postviews-cache.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Sep 2021 07:58:16 GMT
server
nginx
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
133
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
comment-reply.min.js
pinoytambayansteleserye.su/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/comment-reply.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/comment-reply.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
customscript.js
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
7f3bc7b4be6099584627703c3a0054021b3045faca29c270dde716ed62be9537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/js/customscript.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
wp-embed.min.js
pinoytambayansteleserye.su/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/wp-embed.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 11:17:50 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
wp-emoji-release.min.js
pinoytambayansteleserye.su/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:25:39 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
nobg.png
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/images/ 		68 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/images/nobg.png
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/images/nobg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
content-type
image/png
expires
Sat, 25 Dec 2021 06:25:39 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
68
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
gokvH63_HV5jQ-ENkzR2.woff2
fonts.gstatic.com/s/armata/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/armata/v12/gokvH63_HV5jQ-ENkzR2.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allan:normal|Armata:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
315124a1c80ef3c682f34e36aca57e118ce2309c5734ef0b383e9e72691991ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pinoytambayansteleserye.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:23:53 GMT
x-content-type-options
nosniff
age
460906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17540
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:36:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 22:23:53 GMT
ea8XadU7WuTxEubxNdU.woff2
fonts.gstatic.com/s/allan/v13/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/allan/v13/ea8XadU7WuTxEubxNdU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allan:normal|Armata:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da0a763cb88419837ee68bec4fde133a4646df0b7ef8de75b953ee09f39c4f76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pinoytambayansteleserye.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 18:03:59 GMT
x-content-type-options
nosniff
age
476500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21104
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:44:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 18:03:59 GMT
fontawesome-webfont.woff2
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/fonts/fontawesome-webfont.woff2
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/fonts/fontawesome-webfont.woff2
pragma
no-cache
origin
https://pinoytambayansteleserye.su
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/font-awesome.min.css
Origin
https://pinoytambayansteleserye.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
content-type
font/woff2
expires
Sat, 25 Dec 2021 06:25:39 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
71896
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
The-Bureau-of-Magical-Things-203x150.jpg
pinoytambayansteleserye.su/wp-content/uploads/2021/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinoytambayansteleserye.su/wp-content/uploads/2021/09/The-Bureau-of-Magical-Things-203x150.jpg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
7d9be1f28c0118f357041bbb920f6b3a02e28ea4bdb0771bfa4dbffaf4443d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2021/09/The-Bureau-of-Magical-Things-203x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Sep 2021 06:07:29 GMT
server
nginx
content-type
image/jpeg
expires
Sat, 25 Dec 2021 06:25:39 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
11670
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
Legal-Wives-1-203x150.jpg
pinoytambayansteleserye.su/wp-content/uploads/2021/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinoytambayansteleserye.su/wp-content/uploads/2021/08/Legal-Wives-1-203x150.jpg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
eff3e2ec84a71f86b585b475e98b745bf36c9d2cd1b048fe448c21843ffc1bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2021/08/Legal-Wives-1-203x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 14:50:38 GMT
server
nginx
content-type
image/jpeg
expires
Sat, 25 Dec 2021 06:25:39 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
8951
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
Hiwaga-ng-Kambat-203x150.jpg
pinoytambayansteleserye.su/wp-content/uploads/2021/09/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinoytambayansteleserye.su/wp-content/uploads/2021/09/Hiwaga-ng-Kambat-203x150.jpg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
38737755f536264abdbc06bb33b0d29f9b6bb491f6091574d4029004b333900e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2021/09/Hiwaga-ng-Kambat-203x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 Sep 2021 10:37:23 GMT
server
nginx
content-type
image/jpeg
expires
Sat, 25 Dec 2021 06:25:39 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
8534
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
video.php
tvking.net/ Frame 3B01 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
c1145a9e3667d54d370fabb8f645db84c7ed63ebb0af2cdf239e580315b36cbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:25:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=7fcfefe99105a9bc3e56237f1963a06c; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
admin-ajax.php
pinoytambayansteleserye.su/wp-admin/ 		1 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-admin/admin-ajax.php?postviews_id=2392&action=postviews&_=1635229539713
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-admin/admin-ajax.php?postviews_id=2392&action=postviews&_=1635229539713
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
pinoytambayansteleserye.su
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
:method
GET
Accept
*/*
Referer
https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache, must-revalidate, max-age=0
x-server-powered-by
Engintron
x-robots-tag
noindex
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-nginx-upstream-cache-status
BYPASS
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5dcf1e0cd6147516641a0977a3de1e3015eb40dd8f53630fa84aafd035c4aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ZDahfPNDvwZiRn8je63jXQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
Bc+CtTvWQ/rd91ObVY4jp1ST5Kn8jjCfsnMhIskH3nbyhAhG1x11nCo5ZcdMCBDNwROFbFO0ywt6xOcIX7m/qA==
x-fb-trip-id
686109401
x-fb-content-md5
e1fdd80bf732fb04d50940e5c711eae6
x-frame-options
DENY
date
Tue, 26 Oct 2021 06:25:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4f4e4479d9e9a03f2212baa9af67dcea"
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:40:10 GMT
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lGgT9WJSHUJBe7DhCUMY1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"4e89e82f0eeb0512bfb2d7642aaf4840"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-lGgT9WJSHUJBe7DhCUMY1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Tue, 26 Oct 2021 06:25:39 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 06:25:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (frb/67BE)
Age
610
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
pinit.js
assets.pinterest.com/js/ 		361 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:792::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=277
accept-ranges
bytes
content-length
203
access-control-expose-headers
X-CDN
all.js
connect.facebook.net/en_US/ 		271 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=42bb1991af6b5e545b7984ac257a9089
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83f5396ca97cb352df30a8eb8c28b07e7b445bc60f101de0c0baaf8607ec45c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pinoytambayansteleserye.su/
Origin
https://pinoytambayansteleserye.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
wyV4enrJ4mdcyXpgRqLa5w==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
78058
x-fb-rlafr
0
x-fb-debug
aV/pk8JJ5I3Ia2ga+kFO3VEmmTR9ZfHqae+7aAOar40QzovvUS3adKCvC4juhgvHLUbTb1YifRtUSeBtn6hs1Q==
x-fb-trip-id
686109401
x-fb-content-md5
415829cd31710dc4c3cd2ec80dc62736
x-frame-options
DENY
date
Tue, 26 Oct 2021 06:25:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d40e62b3b0c7141ffef4741fd9dafe09"
timing-allow-origin
*
expires
Wed, 26 Oct 2022 04:30:03 GMT
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame 030E 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpinoytambayansteleserye.su
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pinoytambayansteleserye.su/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
353411
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Oct 2021 06:25:39 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6725)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
pinit_main.js
assets.pinterest.com/js/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.46228790015704524
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:792::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"0c6c6fa4aaa25b5091d9f0d1fe79700b"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=187
accept-ranges
bytes
content-length
18683
access-control-expose-headers
X-CDN
count.json
widgets.pinterest.com/v1/urls/ 		142 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&callback=PIN_1635229539846.f.callback[0]
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.46228790015704524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7c034e2349f215c78ce851d157812aee42ab2352d973dc7226f9713929d9938
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
2
accept-ranges
none
x-pinterest-rid
1342655684352022
expires
Tue, 26 Oct 2021 06:40:39 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51558
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 21 Oct 2022 09:03:17 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33943
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sat, 22 Oct 2022 03:04:32 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame A504 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
cookie
NID=511=dYqdljSumWLlmVUo_flo0xRQe9JzwDliSN9U0rQoQnIKaENXxlr6A76viE9QgzeKYwF_H1Lom-UCdS-0kzHQNQBKvqNYRfDWaR6sfeKPOjWyQTk7lqR-7oR3BREwOspRNpcLUgdrg0tEubmg2Pn8sGn_ckEQy5LogxYx89lEaxs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
content-length
1585
date
Tue, 26 Oct 2021 06:25:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
settings
syndication.twitter.com/ Frame 030E 		232 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=a51fea01529d64eb96556216ebee8b033c26b474
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpinoytambayansteleserye.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-response-time
105
date
Tue, 26 Oct 2021 06:25:39 GMT
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 06:25:39 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
b40a56034337e4fb80b1391091d513a4b23cf3ce82754802885937548b9043e4
content-length
166
postmessageRelay
accounts.google.com/o/oauth2/ Frame 583E 		566 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31d818b5346157e981b93a9411f50fd414075813109cf1c20f1688fad0dd1f6d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qW6l6VpcqooplfbmR6bLbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
cookie
NID=511=dYqdljSumWLlmVUo_flo0xRQe9JzwDliSN9U0rQoQnIKaENXxlr6A76viE9QgzeKYwF_H1Lom-UCdS-0kzHQNQBKvqNYRfDWaR6sfeKPOjWyQTk7lqR-7oR3BREwOspRNpcLUgdrg0tEubmg2Pn8sGn_ckEQy5LogxYx89lEaxs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:25:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-qW6l6VpcqooplfbmR6bLbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame A504 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apis.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 26 Oct 2021 06:25:39 GMT
2759057950-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 583E 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2759057950-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 11:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4293
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 00:07:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Sat, 22 Oct 2022 11:09:31 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 583E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-atFa68fhGTYa/UfuzBhcjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"998951b1d5405dad0418a425bf80cab9"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-atFa68fhGTYa/UfuzBhcjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Tue, 26 Oct 2021 06:25:40 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 583E 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18151
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 21 Oct 2022 03:39:24 GMT
button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 06:25:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:51 GMT
Server
ECS (frb/67BE)
Age
375827
Etag
"e8090d17c9828f5a217bebb39dd3e689+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
platform.twitter.com/widgets/ Frame 4460 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pinoytambayansteleserye.su/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
375827
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Oct 2021 06:25:40 GMT
Etag
"89e8ce4106e3294685b0af818d97b80c+gzip"
Last-Modified
Mon, 18 Oct 2021 18:31:56 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BE)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12235
truncated
/ Frame 4460 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
jquery.min.js
tvking.net/js/ Frame 3B01 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:25:40 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame 3B01
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
414060
pragma
public
last-modified
Mon, 28 Oct 2019 04:34:13 GMT
server
cloudflare
etag
W/"5db66fc5-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfjkJ3KCb2QA7Jn1HYKBqgtz%2B44kYCtqV3l6AQ8hD9sHG7%2FdKfZ3BFL1YwQcZiEbH9reCPHrAg0bmdF9LXvIDe3od4hYFbXLGpywUf2BGNV6GTUU4e7pXWvGXmPikFY1yoJn5GpbaGnUiCuW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a419bd2eff64a61-FRA
expires
Sat, 20 Nov 2021 11:24:40 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sftoU1xJMKwWI1%2FuzLy37IpC6fPVP12WHkWDe5nVXT9%2FmTWtjIBsWbAaqqzSaguvGAw1iuznfewZveKKcrjphaEU%2Ba5VgKvCb1MLmGpVRzHnkYB25LQ3ACuOeUdmQQY4X05NwfBe%2BDNfLAYHig8565s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a419bd278e04ab6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jot
syndication.twitter.com/i/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1635229540194%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
106
pragma
no-cache
last-modified
Tue, 26 Oct 2021 06:25:40 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b40a56034337e4fb80b1391091d513a4b23cf3ce82754802885937548b9043e4
x-transaction
28ba5ce95721479c
expires
Tue, 31 Mar 1981 05:00:00 GMT
newbottom.php
sorrelma.com/ Frame DBFC 		496 B
945 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
EXPIRED
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0h3%2Bouc9DceG1EFWUkXjjykBL8NRh4N2tin4GpO7UdcrAQ9Ncm6LNGwv7AMR3NrAs4ivOl%2BxHfhnZNq7XQs8fiOk2Kc4bzJv5SiXdCh4EOqHXVObuhB6dx%2Bfm2ts%2Fvnmv3HbSbBWd1ULEU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a419bd35d7e323c-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.9.2/ Frame 3B01 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.9.2/jwpsrv.js
Requested by
Host: embed.dramacool.so
URL: https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
via
1.1 varnish
age
3527
x-cache
HIT
content-encoding
gzip
content-length
16060
x-served-by
cache-fra19177-FRA
last-modified
Wed, 25 Nov 2020 15:46:29 GMT
server
AmazonS3
x-timer
S1635229540.370090,VS0,VE0
etag
"9ce4655dbc7b8410f510da753f3be441"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
42
jwplayer.core.controls.html5.js
asianembed.com/js/jw8.9/ Frame 3B01
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.core.controls.html5.js
  • https://asianembed.com/js/jw8.9/jwplayer.core.controls.html5.js
301 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.core.controls.html5.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601498fc6d5ac29556ef63d805c90b3aa1fccf2c23abb93883f88a6d7c08b625

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
414058
pragma
public
last-modified
Wed, 02 Dec 2020 04:33:22 GMT
server
cloudflare
etag
W/"5fc71912-4b22c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIDI3nAwQiKK7U5LPcBGlPoPnL2hmY2bLb6G2t4%2BTbUdSeU8LUxoxbKPmn%2Brkj5U8Yh1TIRaWImh6%2BzezNUm%2FUXaa3Ojfq31qWfKvmAzDWDHVp4eOYFAa%2BodynSE%2BtX0r17aNBdJDY73BKaY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a419bd348884a61-FRA
expires
Sat, 20 Nov 2021 11:24:42 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U56um9WTnjkr3C%2FACfVMeRcUEXBX6VjSIBKIgHeONUqZUV0DysdR5vNXr%2F3mWxO80ykwq4yuqx5vIDNshESrhhJsKgKQp4BMHn%2Fh%2FRdjRKvfnnafIzgnaK7jFHISl2KPEsGL8dQZxlTVaFKFJnF8tPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.core.controls.html5.js
cf-ray
6a419bd32a4e4ab6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
netflix.css
tvking.net/css/ Frame 3B01 		130 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tvking.net/css/netflix.css
Requested by
Host: embed.dramacool.so
URL: https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
555ea69e8c5a2d3fd25a763fc5b3f6974665339036c81f71a45b0e42a66a4e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jan 2021 17:52:16 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:25:40 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
provider.cast.js
asianembed.com/js/jw8.9/ Frame 3B01
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/provider.cast.js
  • https://asianembed.com/js/jw8.9/provider.cast.js
23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/provider.cast.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b5fdfdd9a5b4fa54fcd051762b3fc1ff8df181c9ce547a8c401ae2fb85d129

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
414057
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:09 GMT
server
cloudflare
etag
W/"5d1ad7b9-5d17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiEkPOsou9Rp1gkmGcOi3AS1DoVSVVy5gmEEAnlIbvwgiqMKwzWorT7oNIpEVheMGxfEKiE0%2F5i%2Fya6INwg6Hg4mWN97Dek3QHxiK3IQhESIXK10Z51ihNX2iMlH%2FHXnM3KMQ3hraf4N2W1e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a419bd3d9504a61-FRA
expires
Sat, 20 Nov 2021 11:24:43 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCfM4F0CeFnT8YGvc%2FjtvKjFTsyvJcro0PDCrokgABhS8c4f%2FfQ3%2FDIuuRa%2BM1c0Op2OAKxuRHmtaruhGPqcqJ3JVMwTcJat5vS%2F7TUEITwEkBNa0c%2F7%2Bmw1LYeIWDJ8epbrjlKzEKzx0Funmz7jxBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/provider.cast.js
cf-ray
6a419bd3bb044ab6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1.jpg
i9.ytimg.com/vi_blogger/eRNnD84DN3Y/ Frame 3B01 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i9.ytimg.com/vi_blogger/eRNnD84DN3Y/1.jpg?sqp=COO-3osGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3nwNyD4zf5CiM-SF0jEKD3jVLh0YA
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=UkxBNlZXUEpvaS9xaXNzYXhGZ3ZUZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
870ce6aa3324c5b0340fc0ccb5a76f663edf36487c8fe55c791aec7764e049b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
private, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9954
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 26 Oct 2021 06:25:40 GMT
truncated
/ Frame 3B01 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a73feb1de68a3d732df0c6c86267a846d989a2f32f91434127ba4cd1a7ff8b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
sorrelma.com/geometric-tattoos/ Frame 7514 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
EXPIRED
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsghLOo1HwsaPtcRVkgeGlWateNay7dHY5%2B0rSt0XWUEy%2FjabVC5QiSJD6dhXD5qATe30DC3jEj7wvLMNOSXtRUoXjPB%2BoGFD0CwsmsC7ni4e2MjSEsIT1xTBasl6t98H6ugSNrUc2j%2Fd8Q%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a419bd3ee24323c-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3B01 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: embed.dramacool.so
URL: https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:25:40 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 3B01 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="chrome-dongle"
expires
Tue, 26 Oct 2021 06:25:40 GMT
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame 3B01 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 08:55:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15346
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 17:05:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Tue, 26 Oct 2021 08:55:41 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame 7514 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2148838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3XT5Q8bHU7VevEvmUx96ZqphfE4wLGPFvSTKf3OqQJxOR5%2FCN7Goqp2RrXfGzla1xizeh2WsOkxRbFO68%2Fg21LKudm9Dsxbflr09ykRKJEwXiA3giY4r%2BlJPgGObosg%2BUX3%2Bn5miJR9Vv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a419bd56866323c-FRA
expires
Sun, 31 Oct 2021 09:31:42 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame 7514 		2 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2148838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ix4GKDe7tUXXmqvsqRUYiAsIx9RUBfNiu6H348cmRFJ2zDQFE54hOHDC1A%2FiK6qvYMII4ZOV1zlXDJI4LqknaVxEvKOW5m2N0ErDjYgRhGDsvXUeiYU%2Fdz0aywILsXyf1qjrj0ZtFvq9O6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a419bd56868323c-FRA
expires
Sun, 31 Oct 2021 09:31:42 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame 7514 		600 B
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BJmXqHNA5cPkrulAGToX4OkeY0hUIuBaKUBuOlAWhw33EfkFltUe4ph8NoN5Z%2Br%2F3aw0H%2BkmTdeuWe4C718W0q2%2FrX4fPksbhh45kj4giULGMXoBPqk7VDGIclaT57FNdcphIgGVwf5fxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a419bd56869323c-FRA
expires
Sun, 31 Oct 2021 18:59:11 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame 7514 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
274300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrrYUdCRRDVx9DirJlNtz7tvqvXaxie0djGdmGFqBQsV0355%2Fr1hrPLDHZih4cGJ4MZgt5vpk0lxu5jSZsvqObsRj6WwuvM0QRwe9%2Fqe2JFZ%2BMdv3Sl1%2FRqA7h%2FwCZsmIl4Kr6JYELnhykE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a419bd5686e323c-FRA
expires
Mon, 22 Nov 2021 02:14:00 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 7514 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688072
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B9F%2BvIZvv3bSqQA4XFpVedOqiNxZcJbwdZdysLbiGtY9eqaesKAxni3YBuUelWEKF2YJjylOOsg3nnAVH%2FfUDKO1JqQXQu9nPK87dH7LkH0FvkdH%2FRdwu95%2FMM96nUhOa6wB5qxi2jHELo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a419bd5686f323c-FRA
expires
Fri, 05 Nov 2021 17:31:08 GMT
css
fonts.googleapis.com/ Frame 7514 		754 B
429 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:19:29 GMT
server
ESF
date
Tue, 26 Oct 2021 06:25:40 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:25:40 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame 7514 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
365643
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Q2LHjaf%2BEmIIGIPkOwqLaH6vUUljx27SJxxZPLnjPLTlTtwMp0QwxTxURNGEj5NfUqyMknV4W3yh8BAZoUgTngnCsFmyA46efSlVcnFKpjcjaIkQG7TVhNRNu2dQxrRLLXkCYoXp4ZmrLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd56872323c-FRA
expires
Sun, 21 Nov 2021 00:51:37 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame 7514 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688072
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvVFET4bfO%2BT0RKKrmMNxj81qxB8pGNXwj1bVr1wZ%2BuYI8z68B3LntLNu4y%2FNbsrw3pd5VZWy%2FVPLbOSMkOaWMkLKbyLpuVthFhiw6fKB1sDPT%2B5Ay4DID1RAKlpw6gaI4NAsMNjtClhRp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd56873323c-FRA
expires
Fri, 05 Nov 2021 17:31:08 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 7514 		692 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1q50GLrow9UA1%2BIAsp8ITuUU0iDPO%2FiwqfGr4r0Fxe0f2WQDIKfvsioxoCNLoB77ezZsBUS%2BpPRPqNRdmf2QHtQO3f9po7RfG1vQ2FjebttlNa6Ml3YZAeCS10WfE52KEQ0Ph90bJdDqeeU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd56874323c-FRA
expires
Sun, 31 Oct 2021 18:59:11 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 7514 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVHl9EL7vGWCzV5x86y1NLw6ULDrQpWJ0lbVcC6Hrdt0CXiLNeBl3jHpHD%2BWrx1F%2BOxFwfsmLTxM7SaJs9MWimibrcRtCtjrL5LcnamTXYEnZL%2FZWtN8%2Bmz34d3S6ZXcw9KW%2Fiqxvk%2Fqo9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd56875323c-FRA
expires
Sun, 31 Oct 2021 18:59:11 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame 7514 		18 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6P7oNXiL0Om7iKATChEeH0MZXUwwMF%2BYonTt7QwesgltmxxrVHGJ0FmyZ0bj9hHChbbzGOz22Zh%2FdoFIUXc8WzlDXkoxOOr3iVtM2%2BbLgQbFEa5Hbhn3DMhNYrOjcXumKUIpPQcrbiXHBMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a419bd56876323c-FRA
expires
Sun, 31 Oct 2021 18:59:11 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 7514 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2217055
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUkbN8BnQMPs3kYzuJ%2Bu1OZoAt2k4cMaOcW3%2BAdcdR%2B7tEMvVEgNxoOTl0ax9MZL5GXDf79XAnQtxWF0fHBx5GmVPn9aCuMREvtqLm7ADVA7jPC%2Bysry80rTZWdSSYT3m8LSU1Lh%2F4GlSMdw2iI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a419bd5f8942b35-FRA
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2405812
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J72586HI%2BHdBkDLoi39OPaDSwM%2Ft%2BWuNOokkttJh4c4SKkx0NsiJpCHh%2Bab8SXGO6Y5Y%2FGK0RvcfRuKANJ7IRshMH7Jql2ihDPE5sn3D22LEXCyLGIbf0b0Gf48Tftsaw%2BWxRqoHpKBF1Yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8d0323c-FRA
expires
Sat, 27 Nov 2021 10:08:48 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
274300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2F9J3ovR8QvBHUfqw%2BoYUTacT4c2KMUfenZmqrFPrDxYbvuYLehd5ciYvp%2Fwx3CTZPi3TJNLytFP184uJAtU8tcSHH7JW2Ayf%2Beh5hdh6u7VPGGwDAZ%2By7LLl9e%2Btr%2BQyB%2Bnrvm714g6HYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8d2323c-FRA
expires
Wed, 22 Dec 2021 02:14:00 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnvkryhaLQZ%2BxTrNqnRbXvAEUvDfiM072y%2BJkkOve9514nabwm1UNVvQanNUaBRS%2FqI3PfGyHB9WCRJRYk%2BVl3UseJQlYQsaUyRkegVyptPOuvKv8qgDc9ujYr0VQsOfFnurazQnP4rwmZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8d5323c-FRA
expires
Fri, 10 Dec 2021 02:51:44 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3728308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx22bjVJREwX4VxEO8LHyVx2xF8JDtQI1DUiCK9TxuLEMtjwrS2HgMiJd80BIYbbYTB5sP23VmRADuXg0MkUNnuge0kSuRcF4GBd%2FLbQmchoQnubarEUAr7ggUpGdLEUXbaP8aqi2Wk%2F74c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8d7323c-FRA
expires
Fri, 12 Nov 2021 02:47:12 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15fMePnS7Cis1rmIgkShyfeILWjTNbq%2BE3TBmlX4tCPL2n%2BkRoseJmo4pg6nzgGSFlhn7HceWNPzQcRnrUeBeBpVKUUCfysWg3vUHQ4T%2FpRraqdZUHyTeCpgGYchYHT6RLYHBu0a2lhaY6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8d8323c-FRA
expires
Tue, 30 Nov 2021 18:59:07 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VCKF25jfxErkAoLKTJQc7ce7gJRu9kVjF%2B%2Be8m6uUAieRMTimIGpnKc70xcfD8l3f1HI99BJZz7N6dtqrAb3qgq7s6cU2GYey9tbP2idzzQjvANNX2atP5ypj0aUosHWJCAyGP3vbZlelc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8db323c-FRA
expires
Tue, 30 Nov 2021 18:59:07 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkme9a96KGv7cj74w5EzOe94FRz2JmFA6RLVgDwbymXmeMQNBOU9iWiLjtXSCKRRlxStIwAo0y3wypqKdU7gF50d5EQzHm%2BT9x1zPEsZAsC51b1UCnRn6YnIVz03%2FdekTTwgaXB6p%2F9WVTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8dc323c-FRA
expires
Tue, 30 Nov 2021 18:59:07 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4iZjuyHHvtWhM7exzyR8SRs04%2Fs1KqhMMgREfmuv2vpq7u7MftABx87xKe0QGFUL%2B076axcFrj3T9TfnGc33skERkalXsIb%2FWV%2B29k%2FWII%2BgtETW5y5x8EAdj93ma1MRWEABgxxV9IT3SI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8dd323c-FRA
expires
Tue, 30 Nov 2021 18:59:07 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1308836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D73Pk6CJGDq0DTrxjzY5DuhgcLXuHbmp7oZEWhKTpaWXraVZairh8GgMVdxPHSUEkR7bSCqbXd%2BgsjFQpH4irp1SxmPdQsudAfcN6EJ9KZ5f8t0h99yro2WTSFDLi%2F9ieqCvyPZrBGUUrec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8de323c-FRA
expires
Fri, 10 Dec 2021 02:51:44 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOIhjFBl0VjayWIgjfqIoYq2WuBpqYkYz92ZbkVjZPPUx%2FOEU24vSNvN50S0I%2FRARjYfY05RURsEi%2Fxo5eL66XC6p8jePHIYyPeDUyCbMxSSZg6Cs%2B%2FE7l6TkGznCzJ7Ewxfbmpr%2FYZseJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8e0323c-FRA
expires
Tue, 30 Nov 2021 18:59:07 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRCh4MOhE%2BfALh4lF%2FiITFkb6tq2dyAvFbWhu%2BIl26HHX0QVvDrCP2PoSE1XHhVMdFx5oR7fp5y6hBu8BxgReMcY1JFqZP90qipvg9Z3M8VqwbDKAXXZmB5fcjxEZ2%2BNkmcxeaAaxh8BUPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8e1323c-FRA
expires
Tue, 30 Nov 2021 18:59:07 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sb%2FlTAsVdd7I80g0GyEJPGVUaMPtqZrKozHyIaBVritTE1545tER5y6X0nX9bgg9KwetP5iFaJotKOpX0SxbFibuSM%2FvS6t5YjJMDbsQhsCB9%2BFQba0S9JunI5oakmoLSpqQm2GwKOXHNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8e2323c-FRA
expires
Tue, 30 Nov 2021 18:59:07 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
274300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5pMTAYPDCoKZYHFoOp5SQkGyl%2BkXQD96Hd6uiJv59Ch7DZFqS1yBU%2FLSkbiHO9s8de%2Bt3p7JZI8%2F9U7S%2BS1Bvv6APygFbjj2aZW9belJ20BPbRPDntsRwLmaHNiWqcl7dJq1CUJWIDNJB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8e3323c-FRA
expires
Wed, 22 Dec 2021 02:14:00 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7514 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDtUK7txmHRaGUPU4tsTmbKlWnU4A5KyTXSiylXJSk2LueH8KbbFPP%2BjIMkkOK9BnLPZT6RX%2B9mz%2FsnbUy7sLJPKlOqBPKbQy41l8VhDatIhYX5jyPA6vCxMBUsvomhlGB%2FjNuyp3N8D1oY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a419bd5b8e4323c-FRA
expires
Tue, 30 Nov 2021 18:59:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7514 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51341
x-xss-protection
0
server
cafe
etag
5376547957962546843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:25:40 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame 7514 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bI%2BhxmS4gKSQx42GUGY8rKeobm4rtfFMfcH%2BNiGVn%2B6E4Dphxw%2Fn9GeGpKdhmBl3%2F1Y30CkWywxwBhOEkqpyVlZAfBLxX2vTE%2Be9f%2BYKq%2FhCznPvs%2BhgnNe0F9EenEOEV4PCdS9wwwuPj78%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd598a5323c-FRA
expires
Sun, 31 Oct 2021 18:59:21 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame 7514 		48 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114788
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joQCQz0%2BN8XGqONNE0ueedj4KKIM17veAtayepe0cHgYxiqAXcc%2BaEgX01RK0xsctF0XkjQgHhluboHbapoaKey%2BheTgCFosZpeN7G6cLgjRKePdfNSwAqt6WcpzNm6pvhV1YsLaVINKGks%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd5a8b2323c-FRA
expires
Sun, 31 Oct 2021 18:59:12 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 7514 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688072
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzk3CZ86Us3jKklL6BChJmqYpCtFVonfRlaYLdNg6%2BXX1ba%2BhhQfeLw5ZQJRdYlClVGdpQe987arlcdMXkgRhu23jXvuhd7JJqz1IyEE25%2FNO5tiKsKr%2BVYJQaEawEHDL%2FVmqen9ZC0n3RE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd5b8c3323c-FRA
expires
Fri, 05 Nov 2021 17:31:08 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 7514 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
365642
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ%2F5bFJuXsoP7H9RJ1KtgbTKMzUJyzSP5nTImfzYQD%2B7UW0OreeY6GHppkUR72L7%2FPMyCpuntgOLjRgX%2ByoXr46da1J7tJORGlCDvd9kfyQtiXEPbkA66MWa5pTOiY%2BaWTd6FqG0jhHVql4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd5b8cc323c-FRA
expires
Sun, 21 Nov 2021 00:51:38 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame 7514 		1 KB
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114788
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F5CzcYh6y123Sf1ExUvHE5tDb7hTDoOxoslCKJhdJQ0ZsxgPADHUeDV97usGzrXPqTCiZ%2BMZ3jr0VYPBuXqSJTnGPMqYgL%2Fcdt5Nl%2BBmOQdtUQRyVorbCiNXW8vGnx4lBQcN2yqXT%2Fb6as%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd5b8cd323c-FRA
expires
Sun, 31 Oct 2021 18:59:12 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame 7514 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
274300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GnaD19Hk6Sa%2BcqUf%2FddwMCNuo9%2Fz3Eg1ZJZYqiEt067XBJGg%2F%2FCjc3VXm%2B5BPS%2B0s%2FCMfBwRXbIEcXYlQ5yTiH4%2F%2Bt0fupcqoc3TQCn7Ram3PtVNwngBkNpzENwX450RPOSx6EW0f05%2FEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd5b8ce323c-FRA
expires
Mon, 22 Nov 2021 02:14:00 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame 7514 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1136288
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzOMBHqyUpaxuuhq2o0cM%2BZ2doug9t1yO3rNaw8PKdPlTHhH4ZM8nBglYthfy8kI9uu7mYV4RTLC82RvCAnI4rdjK4aXiJd1GsEHGTkMu4d%2BvDDk7PkfGp9rETc9Zxo4ibUSsol5%2FBQBFRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a419bd5b8e5323c-FRA
expires
Fri, 12 Nov 2021 02:47:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7514 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
b10f796cd4fd81dbb1a7d9c96e7e661dcc52019930b64f4e4da9c7e22646b823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 374 of 1000 / last-modified: 1635199591"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27204
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:25:40 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7514 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
34730
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a419bd67f2c5cb0-FRA
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 7514 		16 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2217064
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5pNG%2BBe45MbKGefjhH9Mq3wuyD1F%2BjZuDc%2FubaZsaSktXxfoTNiN0Og3zN3AqJbqSMKDRbDi2mFMWZrovKI05ZgotbiA9Lb%2Bcqc4NdlJ0Q89a%2BeJXM5qo1%2F0isHlu%2B3bw5OB2ikabU%2B%2BPCLD6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a419bd6592c2b35-FRA
prebid
ib.adnxs.com/ut/v3/ Frame 7514 		138 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2dd6c611063f361d919506269d52fa7e293d55b520baf2fe34ce009502056e21
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:25:40 GMT
X-Proxy-Origin
136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4bca5767-55cd-4dcd-816f-7b525cddc62c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7514 		2 KB
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
34730
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a419bd67f2f5cb0-FRA
/
log.pinterest.com/ 		0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=epptfk4mBydG&tv=2021082501&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&viaSrc=canonical
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
1
x-cache-hits
0
content-length
0
x-served-by
cache-fra19123-FRA
pragma
no-cache
server
envoy
x-timer
S1635229541.873183,VS0,VE91
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
1137443224573214
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame 7514 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:25:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 7E76 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211020/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 26 Oct 2021 04:50:41 GMT
expires
Tue, 09 Nov 2021 04:50:41 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
5699
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pubads_impl_2021101901.js
securepubads.g.doubleclick.net/gpt/ Frame 7514 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125444
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:25:40 GMT
integrator.js
adservice.google.de/adsid/ Frame 7514 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7514 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A34E 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223587&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635229540882&bpp=3&bdt=191&idt=62&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=7113222368455&frm=8&ife=1&pv=2&ga_vid=1784717487.1635229541&ga_sid=1635229541&ga_hid=44164379&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=21065724%2C31062525&oid=2&pvsid=86037222474715&pem=827&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.9g6fzv7salik&fsb=1&dtd=73
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223587&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635229540882&bpp=3&bdt=191&idt=62&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=7113222368455&frm=8&ife=1&pv=2&ga_vid=1784717487.1635229541&ga_sid=1635229541&ga_hid=44164379&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=21065724%2C31062525&oid=2&pvsid=86037222474715&pem=827&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.9g6fzv7salik&fsb=1&dtd=73
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:25:40 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Oct-2021 06:40:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Oct 2021 06:25:40 GMT
cache-control
private
prebid
ib.adnxs.com/ut/v3/ Frame 7514 		138 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e9b053f3bb9b6de77e5c4b1782068ca9040ef490aff316414468e917db2afa8e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:25:40 GMT
X-Proxy-Origin
136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
02520cd3-211e-4875-8c46-d7ed8a11a737
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 7514 		97 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=86037222474715&correlator=3070471739837781&output=ldjh&impl=fif&eid=21065724%2C31062525&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635229540&dt=1635229540989&dlt=1635229540692&idt=275&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=2aiakbsi4gw1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1784717487.1635229541&ga_sid=1635229541&ga_hid=44164379&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
1967198fe7b3eed0aba97965e8aa9c889a0c8b59fe2f5b95dd6f61286c0e0942
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP3hrd-45_MCFbTyuwgdoj4E_g&gqi=&layout=/sadbundle/%24csp%253Der3%24/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP3hrd-45_MCFbTyuwgdoj4E_g&gqi=&layout=/sadbundle/%24csp%253Der3%24/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
32241
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Tue, 26 Oct 2021 06:25:41 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7DE6 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:25:41 GMT
expires
Wed, 26 Oct 2022 06:25:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame CDAD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 26 Oct 2021 06:25:41 GMT
Age
4716
X-Served-By
cache-lga21933-LGA, cache-fra19167-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 52055
X-Timer
S1635229541.044729,VS0,VE0
Vary
Accept-Encoding
bounce
ib.adnxs.com/ Frame CDAD
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:25:41 GMT
X-Proxy-Origin
136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fcc9343a-c7f8-4046-9b6d-c160a3525396
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:25:41 GMT
X-Proxy-Origin
136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4d2009bc-46c8-456d-89a1-e3a1a5e1a844
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7514 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1a8c2849ea1aec5e992a9f3a0e6982cdadf30416d5c260e1ba9682a7e582654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8540
x-xss-protection
0
share_button.php
www.facebook.com/plugins/ Frame EC41 		42 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5fba086e2208%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=42bb1991af6b5e545b7984ac257a9089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ba33a162b731dfb36f6d3cb1b21d8e0a2fd14ac225d697409014cb201c804df
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5fba086e2208%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
5fcMmz6fK8iXMGaTDmOQnltGiGW38imRh8L0fhwX2ZO5Okiumb+z4Nb295bWycI7l/nAKT1ZI3NA5xKQgdI/rQ==
date
Tue, 26 Oct 2021 06:25:41 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php
www.facebook.com/plugins/ Frame 94F0 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d59529f5ccdc%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=92&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=150
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=42bb1991af6b5e545b7984ac257a9089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30d59529f5ccdc%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=92&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=150
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
b0SVNzDOZeh5LMTNrxEywyNKaZFs709umN0CSXyoO4iJWHF81alh2CzaqNgliSlOFTEEunUrPI2n2Ulzqvwtmg==
content-length
0
date
Tue, 26 Oct 2021 06:25:41 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4BCC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3167352038448388391
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 26 Oct 2021 06:25:41 GMT
Age
4717
X-Served-By
cache-lga21933-LGA, cache-fra19167-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 52057
X-Timer
S1635229541.125456,VS0,VE0
Vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7514 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:25:41 GMT
async_usersync
ib.adnxs.com/ Frame 4BCC 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:25:41 GMT
X-Proxy-Origin
136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a5de1fd4-6ea4-4551-b354-5a8e68f617b7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 30BB 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:11:18 GMT
expires
Wed, 26 Oct 2022 06:11:18 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
863
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 361D 		783 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
49289269c2ed99ce2de6cba490ee76a6f1cf03921400d73b255cfc462b3de5c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VCea114vneCkLmf4u6RtDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=dYqdljSumWLlmVUo_flo0xRQe9JzwDliSN9U0rQoQnIKaENXxlr6A76viE9QgzeKYwF_H1Lom-UCdS-0kzHQNQBKvqNYRfDWaR6sfeKPOjWyQTk7lqR-7oR3BREwOspRNpcLUgdrg0tEubmg2Pn8sGn_ckEQy5LogxYx89lEaxs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:25:41 GMT
date
Tue, 26 Oct 2021 06:25:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VCea114vneCkLmf4u6RtDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js
pagead2.googlesyndication.com/bg/ Frame 30BB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
34188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13232
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 25 Oct 2022 20:55:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 361D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=86037222474715&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
container.html
07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 65AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:25:41 GMT
expires
Wed, 26 Oct 2022 06:25:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/ Frame 47CE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15360e8612ebbbaeb3c406a19976e422d12f618b71562febd5ae3a2d83c6ea49
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
3617
date
Tue, 19 Oct 2021 22:25:05 GMT
expires
Wed, 19 Oct 2022 22:25:05 GMT
last-modified
Thu, 29 Jul 2021 07:04:00 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
547236
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
adview
securepubads.g.doubleclick.net/pagead/ Frame 65AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Chb97ZZ93Yb2bArTl7_UPov2Q8A_i2q2EZJeO09CaDq79_OHBKBABIJHi5B9glYKAgLAHoAG-i5HQA8gBCakCxZ8zjLd3sz7gAgCoAwHIAwiqBOwBT9Df9OsGiOO69WOxPoSpBAYvS4oz2oJ4CyhwgrSepDWCvsW34faL0_mWvOcFpbgwvfQvh3Nb3BsBsAxEnSxlWcWW40PtVWlQd-tnYA-8-uPJIppkfjt9x2fWlO_ia-SjeePwBDNnE5-AYJkqMo751Rm_pLR78-WHu0h2wVveL2UwyNHr2ByQ3ooEUqmysfT40iX7px6lNK3bSihQbwb2jItFzXcQa8Lkfixkhs5_Oy6Rn40m7AqL3rCpLPmQxDs5De0CoByM36_-IbUPle7CcIKUFPB2nDmqqdAva_I-GS03K6LfgpcDvo5DHJXABP6F9cHOA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfq0pUwqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELWeCtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OIAKA8gLAdgTCogUAdAVAYAXAbIXHgocCAASFHB1Yi0zMjgyNTQ3MTE0ODAwMzQ3GJD9Eg&sigh=dCXy65seTq4&uach_m=[UACH]&template_id=419
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/everybody-sing-september-18-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 65AB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
URL: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 65AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
URL: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 65AB 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
URL: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:25:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 65AB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
URL: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:24 GMT
l
www.google.com/ads/measurement/ Frame 65AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHyqQ4h_4C_nC5fyE-eL8k8RM4cUTk8MJAEoL3Q6Rvb3_WnObPw6OY2NxJpMWXoQitaAngJ-1867H98BXDMp3G_ooZ9g
Requested by
Host: 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
URL: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame EC41 		388 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5fba086e2208%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5fba086e2208%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug
OzBFEWz1IP0JGrfUTzmssVvGK51JNrw7j1cQHTrzJ+H969vcqiybTYSB8neEAR0waie5BD+cnWFK+y20CMjigA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
mLIKfuTnwd0c8uA9BXg4cQ==
date
Thu, 14 Oct 2021 03:56:13 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
388
x-fb-rlafr
0
expires
Fri, 14 Oct 2022 03:56:13 GMT
jFc7iKGVY01.js
www.facebook.com/rsrc.php/v3iEpO4/ya/l/en_US/ Frame EC41 		515 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/ya/l/en_US/jFc7iKGVY01.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5fba086e2208%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
520bd1e3854f442442c363f8c99716ce5710375c564cfed92ddf76160e49fa2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e5fba086e2208%26domain%3Dpinoytambayansteleserye.su%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpinoytambayansteleserye.su%252Ff1d9329bcbfe3a%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&layout=button_count&locale=en_US&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:03:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
X9tqjDXOc2tei0FfUi+H3g==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
content-length
137713
x-fb-rlafr
0
x-fb-debug
ALP516B/ZvZnyJ1JiMnEI7z0ezB1AJlATGAjBEom5rLjLxYi3N+wlVlyySggzGXfq+HG5yhB7XcBPSAX065AvQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 20 Oct 2022 22:03:58 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1FCF 		143 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
URL: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUl0gw_GDL24izd3909xPaMB0KgFZvs--QwHk5_TKrA5gvLFFqx8GSVvN_mu0BU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 26 Oct 2021 05:37:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 47CE 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 13:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 26 Oct 2021 13:46:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 47CE 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59932
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 26 Oct 2021 13:46:49 GMT
264f71611c19fa1d12eb918da03f2ea9.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/ Frame 47CE 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/264f71611c19fa1d12eb918da03f2ea9.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e23927afe679febc1802413a87c7bab8de0b849ee574854a2e5213c8130e7c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
418267
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19326
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 07:04:00 GMT
server
sffe
date
Thu, 21 Oct 2021 10:14:34 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 10:14:34 GMT
css
fonts.googleapis.com/ Frame 47CE 		5 KB
829 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700|Roboto:500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/264f71611c19fa1d12eb918da03f2ea9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ffd20327d43091403ea389700443cd503f4d27a56f41f005edb054030279303
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 06:25:41 GMT
server
ESF
date
Tue, 26 Oct 2021 06:25:41 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:25:41 GMT
a6bbc0bf7adcea5559699818d25507fb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/ Frame 47CE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/a6bbc0bf7adcea5559699818d25507fb.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
47671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1059
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 07:04:00 GMT
server
sffe
date
Mon, 25 Oct 2021 17:11:10 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 25 Oct 2022 17:11:10 GMT
58a7d1f88511448a6855c904fa9cc5e2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/ Frame 47CE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/58a7d1f88511448a6855c904fa9cc5e2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ded8d454a831335a232ed91f41d8d143091b63350e3adbef3d5767d9973346ff
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
411468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1811
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 07:04:00 GMT
server
sffe
date
Thu, 21 Oct 2021 12:07:53 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 12:07:53 GMT
1a8ce3ad5f5590f5c315deb8fcd5cf2c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/ Frame 47CE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/1a8ce3ad5f5590f5c315deb8fcd5cf2c.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdde577e33b1f14c9f13ebf03b34afe74bdc671447ef647e7745aca5a92c035a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
398695
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10863
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 07:04:00 GMT
server
sffe
date
Thu, 21 Oct 2021 15:40:46 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 15:40:46 GMT
7a7fb2353d4552848c1887b37cfb8643.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/ Frame 47CE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/7a7fb2353d4552848c1887b37cfb8643.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37f3f7bae9ecd4aaa95a3557e917a38bf47ac6d4a1669af3c636ccb8979b1d3b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
547236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9056
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 07:04:00 GMT
server
sffe
date
Tue, 19 Oct 2021 22:25:05 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Oct 2022 22:25:05 GMT
b2d5070f5c54e0841d78559a034a6f87.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/ Frame 47CE 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/b2d5070f5c54e0841d78559a034a6f87.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cb2c63a2f5df8ec653c5402d99687199578db6db0e9e350ead740dd39ac282c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
373210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30336
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 07:04:00 GMT
server
sffe
date
Thu, 21 Oct 2021 22:45:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 22:45:31 GMT
4aa43b41f0b472e9508b2935bb33c424.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/ Frame 47CE 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/media/4aa43b41f0b472e9508b2935bb33c424.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4861155f5a5ad18cd0a7b79f41fd0c12281122ab673186e8671ad055ab74d56
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
321867
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18385
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 07:04:00 GMT
server
sffe
date
Fri, 22 Oct 2021 13:01:14 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Oct 2022 13:01:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7514 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=86037222474715&bg=!_f6l_rrNAAbUs_yW1LM7ACkAdvg8Wv4BdQAxev1SKh4lZiQdGwEV2lXoZjfnenk2xEY5vKHipf8ZzAIAAACLUgAAADNoAQcKAA4pogks4X7WOr7S3NfQUJkDCmC-oI9NmLnJ2fK9KpJxQa6F4hcCS9WxAFznmeJuSTTZIPEChd7Ci6XT-ds487SxJTvhov3mn93oDjdeaWNO-qp46xXTWl65AVD3m6dXRYFGXpyJOo0Vh9Dx2WUm2-W6ax0iXz_wxSy1rc6zegORXSJ7Jm4Jle19zA-KOOhbRiktUWVNMp7Pg9s7qR2C9Mui7ezrfB10nekDbrZGC5rBCk2gFI6w8AUL6M3JSkm0m4nusEbXbGT37E9JKHeWQdRx9h8Up-kk-2Frp4Qn3Oc2mi7DuCYEVTmUF-Tnske2FnH4TXOi2Z-nlw28tuwlk7ScurERhneUkWxSwtyxss57M1SVpo4sUKF3JplhPOIpnC6BlMyG3Xao2T1G6mES1tU00VHJ7l3KBtNg2AxXInQoMJlzu1Azkh_Sm51hlmAbF40TOiOJZgvE_3ABGqb9I5Pl-a4WJAc4YGuDHm5YglWvg_tM2RWfgLaVX1wHPRMjx7GblYH7jevAjWgbAM0lFiZ1bVAPbe39kqx3LmG9nphXOogkxIMzIMuSOqsM4H3lB-vZB1S3oYaIh6MrQkTAKDnBNGwlab17XW2-sU-_rVmPb2cXCa0v3hkypwP8lVmCdfz-x57Mgn0qeFmToE7G47_q3UGoXOd9uAYbVNcRuiVZe57_b-8q6snChZT0eFbgOs-e74Q-y94Zs8cb_QZ7fJUm71ex6Jy8t3Be7KnL5l2MfoetwFHRLeWMe-na_4tS04PSLrtUIL-SFuuPUq4PBGIlGCwzTfUFDDr6TmHHdvU6hPezsjIQTe6ISHSf0AUwjqO5wTorbGz68cd7kM7N3oKGQDUU2sqHqBleTqqgEaOXOIABvru__xVzrYGh0F1_IBkPgJvxkzEkU7gtz6Tl4VAAfuLGq1_gn8Bv13ZNzOwpQ6kZRvN2P0tQzOfaxlKyadiON7NnxI0FSzqr-sBjbvbV47uiNGf_fnaGaMNA1pz7pNUsLDqWQucTV4yf_xUq1HsUFKO27mDTkwXrXmKaItO6xrU0frIAlWjnsv8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:25:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1FCF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
URL: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUl0gw_GDL24izd3909xPaMB0KgFZvs--QwHk5_TKrA5gvLFFqx8GSVvN_mu0BU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 26 Oct 2021 06:25:41 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 26-Oct-2021 07:25:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Oct 2021 06:25:41 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 26 Oct 2021 06:25:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
integrator.js
adservice.google.de/adsid/ Frame 7514 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7514 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7514 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=86037222474715&correlator=549027895092692&output=ldjh&impl=fif&eid=21065724%2C31062525&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635229542&dt=1635229542015&dlt=1635229540692&idt=275&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=2aiakbsi4gw1&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1784717487.1635229541&ga_sid=1635229541&ga_hid=44164379&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
9ac132bb1724349c4b183eda32356c3f63f02125af205b0ea3b35bc4080a0166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:25:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10605
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CDAD 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:25:42 GMT
X-Proxy-Origin
136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
769350bd-072e-45cd-b84f-afdda15575f7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4BCC 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:25:42 GMT
X-Proxy-Origin
136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
997fbd0b-a843-4bf6-ba0b-92ea9f6dbb8c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 65AB 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame 7514 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
479792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55667
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 7514 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
355584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4996
x-xss-protection
0
server
sffe
date
Fri, 22 Oct 2021 03:39:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Oct 2022 03:39:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 7514 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
456150
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28494
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 23:43:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 23:43:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 7514 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
479792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1635
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 7514 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
376508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12816
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 21:50:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 21:50:34 GMT
4289890546673058551
tpc.googlesyndication.com/simgad/ Frame 7514 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4289890546673058551?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlKqODo2HGsrTfUUL8lTzkgjdvoQg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7330013b1c3e8d861e1f7dffb9f3f24f4451f2f73cae381f62a46e0f6b58115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:04:42 GMT
x-content-type-options
nosniff
age
332460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60132
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 13:27:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Oct 2022 10:04:42 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7514 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
server
cafe
age
61649
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 26 Oct 2021 13:18:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7514 		295 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Oct 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
24163
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 26 Oct 2021 23:42:59 GMT
l
www.google.com/ads/measurement/ Frame 7514 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBe68vs0S0FzVH94StLRb126TDPcLKfuZ3QM3_RBehwzj4m1GayCg4V7TZbJ2Y8r7IbERrL6BWZvuLSSUxEBOvx8_mUw
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7514 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3-1nZp93YZb8A8vi7_UP1IaUwASxtKX4ZcqYzNb8DrrVqpW1JRABIJHi5B9glYKAgLAHoAHxyeXwAsgBAqkCWIcGi6qwhD7gAgCoAwHIAwiqBOsBT9Dy1P0f50tZEaqp-N3roi9yQtTmbVmTXn7mCIgMrhNejo-yoRz9ec9NplrHW2bbur5BhOK7sohzPLR9fJueCmUazGIVrQhJeRq1FDq7i0q5M5ZEwsoeVjn6B4LhRAxD5zNuZZoontly3J1hnksWX3TZw-z0YIis8VlDdnxGHQfIhbi0v8ERyDSR7UJ7XkxneiFl2wts4ITt2QVgOOfC6aM9Ep9yq0f2UOuiWFpTbvw6yQKeUSx4D7efrhXZnbpaaQ6cOe1TWhat3uxZHUKPa7vgioqAeRjcUO_NNGwHEx9mVULuaTJWJ5GB_sAEkJ_R_-gD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_e1mo8BqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELDwH9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMjgyNTQ3MTE0ODAwMzQ3GJD9Eg&sigh=pyWYBgYUQGM&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQc56VhL2UGy4MFMuLhu6hF3oKZAHaWNxViQFQIx_gEIv4Eb5w8dHllrczbdw7PrbGwXvnIWesMuRVjRLBvOmAFaoX9ogzn-0CMxxFxsSGDfShdJJK9Q&sai=AMfl-YRb5vGyaT0SiT0H5vOZt4htrkr6AvpOOtwsd9xrfYv2hRQkSwjcKN-hGvopFA4gGZozRSsYwqTsS4GIQtCmFSChe-hpnyFZ7bU&sig=Cg0ArKJSzItA_uRYfHukEAE&cid=CAASF-RoKEAtLYiN-NU9ehBdgtHTaOB6W2ku&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=2&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635229541268&rpt=128&ec=0&met=mue&wmsd=0

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| viewsCacheL10n object| addComment object| mts_customscript object| wp object| twemoji object| FB number| PIN_18926 object| __twttrll object| twttr object| __twttr object| PIN_1635229539846 string| value object| key object| PinUtils object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

4 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=dYqdljSumWLlmVUo_flo0xRQe9JzwDliSN9U0rQoQnIKaENXxlr6A76viE9QgzeKYwF_H1Lom-UCdS-0kzHQNQBKvqNYRfDWaR6sfeKPOjWyQTk7lqR-7oR3BREwOspRNpcLUgdrg0tEubmg2Pn8sGn_ckEQy5LogxYx89lEaxs
.adnxs.com/ Name: uuid2
Value: 3167352038448388391
.doubleclick.net/ Name: IDE
Value: AHWqTUl0gw_GDL24izd3909xPaMB0KgFZvs--QwHk5_TKrA5gvLFFqx8GSVvN_mu0BU
.doubleclick.net/ Name: DSID
Value: NO_DATA

3 Console Messages

Source Level URL
Text
network error URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Feverybody-sing-september-18-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1635229539862&_gfid=I0_1635229539862&parent=https%3A%2F%2Fpinoytambayansteleserye.su&pfname=&rpctoken=22517554
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1073233227793505334/cw32_logitech_worf-from-home-300x250px/index.html".
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

07641450d84e86509b29e9f9d9f4e5cb.safeframe.googlesyndication.com
accounts.google.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
api.adinplay.com
apis.google.com
asianembed.com
assets.pinterest.com
cdn.ampproject.org
cdn.jsdelivr.net
connect.facebook.net
embed.dramacool.so
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i9.ytimg.com
ib.adnxs.com
log.pinterest.com
pagead2.googlesyndication.com
pinoytambayansteleserye.su
platform.twitter.com
securepubads.g.doubleclick.net
sorrelma.com
ssl.gstatic.com
ssl.p.jwpcdn.com
syndication.twitter.com
tpc.googlesyndication.com
tvking.net
widgets.pinterest.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
104.244.42.136
151.101.128.84
151.101.65.108
172.217.23.98
185.33.220.145
195.154.207.225
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:9de
2606:4700:3034::6815:a3
2606:4700:3037::6815:13d5
2606:4700:3108::ac42:28be
2606:4700::6810:5714
2a00:1450:4001:801::2001
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200d
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a02:26f0:1700:792::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::626
0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88
03a0bcf0c8d6652fb92e35a7c6ca34aee4575e94f84113f821be27746de8b0ce
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a
136f336d0c5e8c08d6c03a973b2e8d16cf7459b71a0fb60d57aa30b7f2918d6d
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15360e8612ebbbaeb3c406a19976e422d12f618b71562febd5ae3a2d83c6ea49
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7
1967198fe7b3eed0aba97965e8aa9c889a0c8b59fe2f5b95dd6f61286c0e0942
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796
2ba33a162b731dfb36f6d3cb1b21d8e0a2fd14ac225d697409014cb201c804df
2dd6c611063f361d919506269d52fa7e293d55b520baf2fe34ce009502056e21
315124a1c80ef3c682f34e36aca57e118ce2309c5734ef0b383e9e72691991ee
31d818b5346157e981b93a9411f50fd414075813109cf1c20f1688fad0dd1f6d
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37f3f7bae9ecd4aaa95a3557e917a38bf47ac6d4a1669af3c636ccb8979b1d3b
38737755f536264abdbc06bb33b0d29f9b6bb491f6091574d4029004b333900e
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d
49289269c2ed99ce2de6cba490ee76a6f1cf03921400d73b255cfc462b3de5c3
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
520bd1e3854f442442c363f8c99716ce5710375c564cfed92ddf76160e49fa2b
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
555ea69e8c5a2d3fd25a763fc5b3f6974665339036c81f71a45b0e42a66a4e8e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692
5ffd20327d43091403ea389700443cd503f4d27a56f41f005edb054030279303
601498fc6d5ac29556ef63d805c90b3aa1fccf2c23abb93883f88a6d7c08b625
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
6a73feb1de68a3d732df0c6c86267a846d989a2f32f91434127ba4cd1a7ff8b4
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
7d9be1f28c0118f357041bbb920f6b3a02e28ea4bdb0771bfa4dbffaf4443d72
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f3bc7b4be6099584627703c3a0054021b3045faca29c270dde716ed62be9537
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9
83f5396ca97cb352df30a8eb8c28b07e7b445bc60f101de0c0baaf8607ec45c3
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
86b5fdfdd9a5b4fa54fcd051762b3fc1ff8df181c9ce547a8c401ae2fb85d129
870ce6aa3324c5b0340fc0ccb5a76f663edf36487c8fe55c791aec7764e049b0
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9
9ac132bb1724349c4b183eda32356c3f63f02125af205b0ea3b35bc4080a0166
9cb2c63a2f5df8ec653c5402d99687199578db6db0e9e350ead740dd39ac282c
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a1e23927afe679febc1802413a87c7bab8de0b849ee574854a2e5213c8130e7c
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c034e2349f215c78ce851d157812aee42ab2352d973dc7226f9713929d9938
aa48dec78a0c69ebc4867e474e9e68d379ffdb8500710f6e13246453db63c864
aa8ab2153beec5132d9268e321035fbee7f935ddcf90294ceb3424f7fe3e5405
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b
b10f796cd4fd81dbb1a7d9c96e7e661dcc52019930b64f4e4da9c7e22646b823
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1145a9e3667d54d370fabb8f645db84c7ed63ebb0af2cdf239e580315b36cbe
c1a8c2849ea1aec5e992a9f3a0e6982cdadf30416d5c260e1ba9682a7e582654
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9671c66e5ece29de88b9499080ccafa75f547ea2c34edb347d1d239f68b05b4
cdde577e33b1f14c9f13ebf03b34afe74bdc671447ef647e7745aca5a92c035a
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7330013b1c3e8d861e1f7dffb9f3f24f4451f2f73cae381f62a46e0f6b58115
d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef
da0a763cb88419837ee68bec4fde133a4646df0b7ef8de75b953ee09f39c4f76
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
ded8d454a831335a232ed91f41d8d143091b63350e3adbef3d5767d9973346ff
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
e85af27feceea9b0d42d59458b326b55a15841af68b54b44bedda943bf658563
e9b053f3bb9b6de77e5c4b1782068ca9040ef490aff316414468e917db2afa8e
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eff3e2ec84a71f86b585b475e98b745bf36c9d2cd1b048fe448c21843ffc1bda
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7
f4861155f5a5ad18cd0a7b79f41fd0c12281122ab673186e8671ad055ab74d56
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d
f5dcf1e0cd6147516641a0977a3de1e3015eb40dd8f53630fa84aafd035c4aab
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c