ineslebuhan.com Open in urlscan Pro
2606:4700:3034::6815:3070 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ineslebuhan.com/
Effective URL:
https://ineslebuhan.com/
Submission: On October 22 via api (October 22nd 2023, 9:33:16 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 60 HTTP transactions. The main IP is 2606:4700:3034::6815:3070, located in United States and belongs to CLOUDFLARENET, US. The main domain is ineslebuhan.com.
TLS certificate: Issued by GTS CA 1P5 on September 22nd 2023. Valid for: 3 months.

This is the only time ineslebuhan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:96b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:303... 2606:4700:3034::6815:3070	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:6ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
60	16

1 2606:4700:3037::ac43:96b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ineslebuhan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3034::6815:3070 (United States)

ASN13335 (CLOUDFLARENET, US)

ineslebuhan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6ad (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

25b2bca1b4df4981cf1574e9cf193d9b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com 25b2bca1b4df4981cf1574e9cf193d9b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	255 KB
15	ineslebuhan.com 1 redirects ineslebuhan.com	2 MB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	223 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	104 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	121 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 14744	184 B
1	waust.at waust.at — Cisco Umbrella Rank: 40224	7 KB
1	ionicframework.com code.ionicframework.com — Cisco Umbrella Rank: 18277	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	5 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	24 KB
60	12

	Domain	Requested by
15	ineslebuhan.com	1 redirects ineslebuhan.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net ineslebuhan.com tpc.googlesyndication.com
10	securepubads.g.doubleclick.net	ineslebuhan.com securepubads.g.doubleclick.net www.googletagservices.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	ineslebuhan.com
1	25b2bca1b4df4981cf1574e9cf193d9b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	whos.amung.us	waust.at
1	waust.at	ineslebuhan.com
1	code.ionicframework.com	ineslebuhan.com
1	ajax.googleapis.com	ineslebuhan.com
1	cdnjs.cloudflare.com	ineslebuhan.com
1	code.jquery.com	ineslebuhan.com
60	15

This site contains links to these domains. Also see Links.

Domain
whos.amung.us

Subject Issuer	Validity	Valid
ineslebuhan.com GTS CA 1P5	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
ionicframework.com Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://ineslebuhan.com/
Frame ID: FE6648BD85CE5C4C946F9087B069C960
Requests: 30 HTTP requests in this frame

Frame: https://25b2bca1b4df4981cf1574e9cf193d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9EAF801ACB1C30C36C6EE0446AF01660
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXLwJxhuJ8oiIYBw1SGhuDiKcalGkXxCuybXOcHCPB4Bl4WGmIhQSWSFNmqfWmgAgAHE-9W1u0K7fVYDM3M2S49SvcLQrE2Kpd0CD2qki16lILARpaYNRrJR9wFqNqiUMuLNkraQXQP2P7uVRoWqwDeGxdZ7Zt51HkxeXsUuXVRF2nxmFwWjl1m7ee9nqKKyPsyYJtQAOylD9rbJtm0ob-Ws7RWyQUC1kDfpc7eSrkUrAkerkI3roapFtVlK_7HXPyaCJP0z8Bf77rPHpzqZES34XkJe9CJwDGTZbpnT-JgKDWR4xgD2ck6Zrh03tDmb2fUU4SuKzQzUPA5aKVjtxx4TdpYzp35-blZTNaCgKxLBYEQtrCOA&sai=AMfl-YRT5ghRnnFQZ8DDxqp0E24pwbZ0H-0v6VcGAdr8GbYtgQRX7sM1aooXZR7G4sua9LqlOqqKik36_jfm42MdGb_VvSGgcfFMRNlE-M8wRf20QZ1gLh-lUW7TPWdIzoXfP_4_bKx9VdGgVcl4G0bK&sig=Cg0ArKJSzLKYn_B95dnPEAE&uach_m=[UACH]&adurl=
Frame ID: D1809690E09D07AA5976BD2406ECD8E3
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Frame ID: B4205BD78E5652C6FD92DFF788449841
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuzDgVe6HyID9SsXq5ZkamxspeZT8bp8bbcZgfDxdK-iLzcMbEnpZwMORrSlm3S2Pj2K9EMVcVwqT2M36cPhl50SUB163EZAM9SAkHgY-F9b02os2eDFkSyvRTfGxu11rbkLT7JR6QXcL48YTrkH7IjdKVR0lfi4kYdMa4UrVqw3C6SjU1ukhEsXGQJmYPjHJIPuoS_ApCiUFpc9F0Q6XtKskFLG4cfKR23oLijYh2QP3tb4UWDffOgl8JDZYM7CB0W0RIYqbi5yez99gdFKzNC8immJq1bg2EBXDtr88RAiRhemurlDzkxCz5f_yK7WgjYJp2brddV2ee6pE3o4fToobtl5riI3zUTs9vHWWj_HyOxesfwQ&sai=AMfl-YSPWvYKlUpQNrw-mwIuEb1j94d_vVrdZ2siRjR00a8okmL4NA6C1LrwkHF2ogDAj7Gswf-UBNmI62Ueb4donaozQ3KZc9s3heREIqmGnrlI5rfCYYQzozeWPM10jevVbA9hppr0LYWAq3yhM_AR&sig=Cg0ArKJSzJ95EeUY5dicEAE&uach_m=[UACH]&adurl=
Frame ID: ECD9E328D75720FD5C2AC60A433199A0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C49708556BD4D5F97F71EAFD6F841D22
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F6759782DA832BA30CB51CB9EC09F29
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

INESLEBUHAN – Viagens & Turismo

Page URL History Show full URLs

http://ineslebuhan.com/ HTTP 301
https://ineslebuhan.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

100 %
IPv6

12
Domains

15
Subdomains

16
IPs

2
Countries

3047 kB
Transfer

4486 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/llf1hoh5bf/
Title: 149

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ineslebuhan.com/ HTTP 301
https://ineslebuhan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

60 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ineslebuhan.com/
Redirect Chain

http://ineslebuhan.com/
https://ineslebuhan.com/

57 KB
13 KB

921ms
834ms

Document
text/html

2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69c36fcd6926bf8d78bef205cb295de82d2d0927bad8532f5dc2569455c40d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81a4db654a169189-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 22 Oct 2023 21:33:10 GMT
link: <https://ineslebuhan.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvZq2NSNZ%2Fx3tUazIyeGuDD4PBzRGoK4ADfmnNLhbamcwOj0P%2BmeIgiaJUp66v%2BPFActg2JVWYOo%2BZXenOa%2Bk0rIH9zO6qmY6DyMHJN1IOpSm9XIBNEE3KEBJWUMnf1EUQpMrxbjZpQ9vYPFLv0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
version: MS23102101
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 81a4db646e031cc3-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 22 Oct 2023 21:33:09 GMT
Expires: Sun, 22 Oct 2023 22:33:09 GMT
Location: https://ineslebuhan.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaYTdzbnaujCGpPClcz7pr5%2FQod4k7v6mWuuMJ8WU%2F%2Bx3RV9dLtBKNUQWM6Pt%2F3887wjLbKmTxpmAPh0uFHQ0BiAYk6msxAGRlNlqSEy1xgfXacqjCgVJR4PMIXByanz6qrp4A7kVSnnb6Be7fw%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 138ms
40ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://ineslebuhan.com/
Origin: https://ineslebuhan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3209789
x-cache: HIT, HIT
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-fra-eddf8230096-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698010390.264996,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 116, 196057

GET
H2 200 aes.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ 13 KB
5 KB 137ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1115180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4256
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-3430"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGNzlYtlTlxAimjt3YoiltaePD06WwdZBecoLVn%2FU6P4ae15fUX7v9VWp3ec41Ph%2F%2B%2B5%2BJOOfAZsFG5QJYwFm6s5pil8p9y5CCIqBMMp1ub%2BH8HfgrJt9YH%2FHibW2j3rSg8bloQubA3Ler9aCImOmZCf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81a4db6b18cc1e1c-FRA
expires: Fri, 11 Oct 2024 21:33:10 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 23:02:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 23:02:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 147ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

253b6dc0b58ef8d55e8a526cf6f9fa14bd50f58d05bcdcfdd5386900b9df2818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29145
x-xss-protection: 0
server: cafe
etag: 220 / 19652 / 31078968 / config-hash: 4808689989001815818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 21:33:10 GMT

GET
H2 200 style.min.css
ineslebuhan.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 56ms
53ms Stylesheet
text/css 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777511
x-dns-prefetch-control: on
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Aug 2023 23:34:33 GMT
server: cloudflare
etag: W/"64d2d109-19824"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iphecaj0JYrv%2FHSKRTXRmXQDu5tmXQaZK55XeENFF1ICYBSw1u2OKGbuytFZt9Hj4mRl4ZQusRE%2BQdjzSw6JgCVdFutImIyA1CwJlrFP06LbKsyicOzFQu5Fv4VOU9gmL3J9t9P%2B4s%2BGIPV19PY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 81a4db6a8fda9189-FRA
version: MS23100602

GET
H2 200 main.min.css
ineslebuhan.com/wp-content/themes/TEMA-BLOGGER/assets/css/ 19 KB
5 KB 55ms
52ms Stylesheet
text/css 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/themes/TEMA-BLOGGER/assets/css/main.min.css?ver=3.0.3

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa8d3bd604f2a4a1ac557a89e045db73777eeb824c3e30d6fd1447415ab7a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85188
x-dns-prefetch-control: on
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Sep 2022 21:20:58 GMT
server: cloudflare
etag: W/"6324e8ba-4b7f"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pw4%2BSlwVRGFyMEs%2F1R5ZxHuqM3cPSz8cDYC0y3VKy43%2F8w7trvddqkL5s%2FIMVGYPDSyOxVcYw37TcDow0tjmGfJHsKovoSTl%2FzduALPytQ2vwN%2Fk7OdPH%2Bg41i0umKy3nY7JAFvaIOz26HSdZ%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 81a4db6a8fdb9189-FRA
version: MS23101401

GET
H2 200 jquery.min.js Show response
ineslebuhan.com/wp-includes/js/jquery/ 85 KB
31 KB 57ms
54ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1147388
x-dns-prefetch-control: on
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Aug 2023 23:34:36 GMT
server: cloudflare
etag: W/"64d2d10c-155ba"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4vu9CdQZz8s5E6LUOlqDXJROr%2FTvW8uwn4%2Fuce1%2BO0Av%2F%2BFZ%2BOMPGQa1o0IknGrS2NZOr22bNGm37xYYe2AUYStj82LKgdjb%2FIdMXrZaSeSJTlzEx6fLZND6mpHKEqwcNWpqAqEK7kHXNpMtFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 81a4db6a8fdc9189-FRA
version: MS23100501

GET
H2 200 jquery-migrate.min.js Show response
ineslebuhan.com/wp-includes/js/jquery/ 13 KB
5 KB 52ms
50ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85188
x-dns-prefetch-control: on
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Aug 2023 23:34:36 GMT
server: cloudflare
etag: W/"64d2d10c-3509"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJifMTqwkeM1LvVzoBHvjyoQh8O%2B9LsyYipZYeLDUfHeX0Q10u9QFS99UedYqDfRDcIPalWRq4jJ3beN52hSs1SB5a1S7ChxZDg%2BU4Tjfor7Rb3aZ6gesERHr1j162Kk%2Bfb%2FFrkLVEi2V9LkAb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 81a4db6a8fde9189-FRA
version: MS23101401

GET
H2 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 145ms
50ms Stylesheet
text/css 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-fastly-request-id: e06914f21f8adf6128769b98324c5e00312596b7
date: Sun, 22 Oct 2023 21:33:10 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 20 Oct 2023 11:55:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73044
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230115-FRA
last-modified: Thu, 13 Apr 2023 16:20:19 GMT
server: cloudflare
x-github-request-id: 4BC0:C19B:5EFCD:5FF86:6532684B
x-timer: S1697937347.583749,VS0,VE1
etag: W/"64382bc3-c854"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euvD1gOhAw2eLQXV4SoFk6YYZ5pNgcNBsGdXRC2%2FNvn9wzRWg0PTZriTyj4lYxHV3IX9kW9HkxnMk25%2B1ITt06Yhomto1TNB3mH9ootwlixQKT3gUXsk3QFLQgvw%2B2jBaZxDjdQfLUsKfRiBtP0RR7rOMrnI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81a4db6b2e639226-FRA
x-cache-hits: 1

GET
H2 200 fc-main.js Show response
ineslebuhan.com/wp-content/plugins/forca-clique-jp/ 2 KB
1 KB 53ms
51ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/plugins/forca-clique-jp/fc-main.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b511a24b50ccc7516e02e7fa88f4de0c60e9bd0d861662d407dbbf49187fd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85188
x-dns-prefetch-control: on
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 14:49:16 GMT
server: cloudflare
etag: W/"63f8ce6c-9be"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPNskbR4fXKfIhwWXiRoZtCjdeAnGNOWx%2F%2Bks7Ubg%2BjnaGbZSLChL%2Fl8yMBhJvfN4peXQ2ABfJFIHee7T2W8I0RVP15Or9Y9t1mSW4hBzvJvq7%2BNagY9PUEcxhXEJrwl1Qnl6xoBVd9hhxuJCkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 81a4db6a8fe19189-FRA
version: MS23101401

GET
H2 200 Ilha-fiscal-rio-de-janeiro3-2048x1536.jpeg
ineslebuhan.com/wp-content/uploads/2023/10/ 660 KB
662 KB 1112ms
1110ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/10/Ilha-fiscal-rio-de-janeiro3-2048x1536.jpeg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f445a1be00351623681bceaa91e4a7d9203e1568dc43e1400464e7c3ffbd805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 676306
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 22 Oct 2023 04:47:53 GMT
server: cloudflare
etag: "6534a979-a51d2"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHV1S8DwbXWVHRpwLPSivpGLyv9PhxbRG75MumGzR8q0IBI833XQp3Hq54h8v%2BtzypqJK4c52podvY05nNTR8R%2FYaUb2IXm2tvTRNnfPnIvhTU8lMCkqu99GA%2FftiSowIK5R2%2FBv%2BBpBnDfPF5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81a4db6a8fe29189-FRA
version: MS23102101

GET
H2 200 onde-ver-tango-buenos-aires5.jpeg
ineslebuhan.com/wp-content/uploads/2023/10/ 177 KB
178 KB 1094ms
1093ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/10/onde-ver-tango-buenos-aires5.jpeg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d8d18132f79733f0c760740670fda2d7abb8206c5ae65b78cef70275c5d353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 181282
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 22 Oct 2023 06:19:49 GMT
server: cloudflare
etag: "6534bf05-2c422"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FegTci8rg%2FZAKjmHHjesjzo11AdOhNrKfympJWJS2hIc07ZxTGVVyn2UFR7i8pb1qNOsvcCWXL%2BRIU3Bk6QEmAlxn%2F20%2BO%2FRZkzy8eDO5XQ5ps8OiTmxgEvtlxOoYpz1Yfo%2B4ZFY1bu2X%2Floq4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81a4db6a8fe39189-FRA
version: MS23102101

GET
H2 200 rio-quente.jpeg
ineslebuhan.com/wp-content/uploads/2023/10/ 397 KB
398 KB 1134ms
1132ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/10/rio-quente.jpeg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b1e080802ed2215c54a32ea73c2255a11b89ca49526ac5d4f70936cd187f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 406724
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 22 Oct 2023 07:51:56 GMT
server: cloudflare
etag: "6534d49c-634c4"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMBgW3eu%2B3Tt6yY%2FEXD5hnz3tZ3JpITrJuGPSckOYnyCJIEUho%2FmSqRtZwHIojsluJeWPJBpuxbIO7Nm0NjXU4O5awaOoUoRcbaMjdFcKXMjsMjGAfv7107E82d%2FrxHLY%2FuS3A6%2F36DUs3iug5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81a4db6a8fe49189-FRA
version: MS23102101

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 141ms
48ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2721
etag: W/"63c04119-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxPHoHFjdZmCG%2BuANCbJRJsPD%2FNcXtDhcF6gKABpoX5igm4jGLWbwke%2BGA85DdvH2%2FbZ22hQAFbw%2BhAwGLo%2FpbCn0J97NFTmMEHoCxHDX%2BBF5DTA6j57LmgopPXAtfhHtPuXJot3"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 81a4db6c5b2a37d4-FRA
expires: Mon, 23 Oct 2023 20:47:49 GMT

GET
H3 200 close.png
ineslebuhan.com/wp-content/plugins/floating-ads-bottom/images/ 718 B
1 KB 638ms
637ms Image
image/png 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/plugins/floating-ads-bottom/images/close.png

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 718
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 Oct 2022 17:07:06 GMT
server: cloudflare
etag: "633873ba-2ce"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaSF2YD%2FRveovfVuLXhkyKgPQdlRWyVjSEXZM55ZPZF30wB%2ByfVbD81YExuqUjse3oUJCUxG9%2FwIa8moVzFfy41JgO%2BJxf29s3Ft9jmYylpKQ4TXJEDCt1qoXhr40VITHBGHeFc2baRo61CniQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81a4db6bba414d8f-FRA
version: MS23102101

GET
H3 200 main.min.js Show response
ineslebuhan.com/wp-content/themes/TEMA-BLOGGER/assets/js/ 7 KB
2 KB 50ms
49ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/themes/TEMA-BLOGGER/assets/js/main.min.js?ver=3.0.3

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1297770
x-dns-prefetch-control: on
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Sep 2022 21:20:58 GMT
server: cloudflare
etag: W/"6324e8ba-1c98"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJIYm1WjHlEsw3ufLm6i2PtqkiA906z4RgzMDu%2BmBpu9GkHyOyMvOmz9vOEDwIs7EcFvJP1toBxa5CB3o3EwlHIxrh8ph2v6uGea4VpqOyMk7Jr1Myp6kd5i07LspySZLAq4ORx0jLfRS6yFmb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 81a4db6bca424d8f-FRA
version: MS23100501

GET
BLOB 200
OK e70660f6-1c2b-4de1-94b5-f0181ba20861
https://ineslebuhan.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ineslebuhan.com/e70660f6-1c2b-4de1-94b5-f0181ba20861
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 melhor-epoca-para-visitar-nordeste.jpeg
ineslebuhan.com/wp-content/uploads/2023/10/ 196 KB
197 KB 1132ms
1132ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/10/melhor-epoca-para-visitar-nordeste.jpeg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7555f0de6b01d56161e7318d0ed36d74b65149da6c93245c539183d3fb362a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 200944
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 21 Oct 2023 06:32:48 GMT
server: cloudflare
etag: "65337090-310f0"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuQ%2Fw%2Bk%2FB3U9DRFcbZ7B%2BvoNGYb0e8yC3hlp8xxP%2B7mvRK1E%2BzXRlJ2dv4j%2FQwF5IOSbg4rPdrD9GhuvTqAHoI%2F4Rkr0hThycVV2a4ioktyt0z7%2FtskUL%2BCBWX9kyX4yvxGf7P9KMuLGxoRFOCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81a4db6bda5f4d8f-FRA
version: MS23102101

GET
H3 200 cidades-alentejo-portugal8-2048x1371.jpeg
ineslebuhan.com/wp-content/uploads/2023/10/ 756 KB
757 KB 1093ms
1093ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/10/cidades-alentejo-portugal8-2048x1371.jpeg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da57d3bdfc72c268f1662528ac7f9367e8cedeb4a7dbacebdb0541648f10e36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 773929
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 20 Oct 2023 09:05:10 GMT
server: cloudflare
etag: "653242c6-bcf29"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Er5%2Fz%2B0WkpxKxXfpRWWUozJVqLrrWZSJyWt3nP8d3egvtzwHM%2BHfYDUr2zJ5W%2BRT3kEUf82QydqglDsXd7aMnjx5JJTIW8ai80e33xy8wJ1A7i9vCnuPBU9DelmrgAp0QJkf78LlMjn2oodbHDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81a4db6bda604d8f-FRA
version: MS23102101

GET
H3 200 wp-emoji-release.min.js Show response
ineslebuhan.com/wp-includes/js/ 18 KB
5 KB 56ms
56ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 823732
x-dns-prefetch-control: on
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 29 Mar 2023 23:34:22 GMT
server: cloudflare
etag: W/"6424cafe-4904"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M90M8yKO%2FswaV2M8Ksrk7kMR5LhFsvQVPbeKXMQ1%2F0iLjECRdePOc%2FqcgtAXaSOSbZZwtz5zYd5GR5d008INHduxOX4gTCzJ5PrXRutQGkWe9B9k8BPgoUVjsk1K%2BlPp1QX6ZJ0JU5G%2BHSRdIP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 81a4db6c1a904d8f-FRA
version: MS23100602

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
184 B 247ms
146ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=llf1hoh5bf&t=INESLEBUHAN%20%E2%80%93%20Viagens%20%26%20Turismo&c=d&x=https%3A%2F%2Fineslebuhan.com%2F&y=&a=0&v=27&r=1158
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6790b4fdfd371b09981543512e432924d5243c2fd47df83038acd3cc8b7ea111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81a4db6d5f9c2bd5-FRA
content-type: text/javascript;charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ 421 KB
132 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 10:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39342
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135205
x-xss-protection: 0
server: cafe
etag: 9147680799068891735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 21 Oct 2024 10:37:28 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 551ms
551ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=974617027280487&correlator=4003926627485031&eid=31078968%2C31078931%2C31078660&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=339263271%3A22646364107%2Cadex_ineslebuhan.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=400x333%7C451x375%7C360x390%7C412x318%7C280x250%7C300x250%7C324x250%7C412x446%7C320x266%7C375x280%7C320x250%7C360x280%7C393x425%7C432x360%7C393x327%7C360x300%7C424x280%7C377x280%7C360x504%7C377x314%7C412x280%7C414x345%7C393x280%7C375x312%7C335x250%7C320x346%7C412x343%7C361x300%7C424x353%7C424x459&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698010390695&lmt=1698003190&adxs=200&adys=120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fineslebuhan.com%2F&vis=1&psz=820x250&msz=820x250&fws=0&ohw=0&ga_vid=1562025209.1698010391&ga_sid=1698010391&ga_hid=1854969598&ga_fc=false&dlt=1698010390147&idt=520&adks=1687144826&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a000e0249261d208f6a1d39d3a7aba0799295c4c623d32b2a983353527c22b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12353
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ineslebuhan.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
24 KB 268ms
267ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=974617027280487&correlator=4003926627485031&eid=31078968%2C31078931%2C31078660&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=339263271%3A22646364107%2Cadex_ineslebuhan.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C300x700%7C160x600%7C300x1050%7C120x240%7C300x600&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698010390704&lmt=1698003190&adxs=1080&adys=368&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fineslebuhan.com%2F&vis=1&psz=280x240&msz=280x240&fws=0&ohw=0&ga_vid=1562025209.1698010391&ga_sid=1698010391&ga_hid=1854969598&ga_fc=false&dlt=1698010390147&idt=520&adks=2788227243&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57ff085b6fda349a3b9bb0c51458dd8e53a8ce86ddcf84717960124e153ff41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25023
x-xss-protection: 0
google-lineitem-id: 6282713890
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430328069
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ineslebuhan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
25 KB 975ms
975ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=974617027280487&correlator=4003926627485031&eid=31078968%2C31078931%2C31078660&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=339263271%3A22646364107%2Cadex_ineslebuhan.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698010390708&lmt=1698003190&adxs=640&adys=1092&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fineslebuhan.com%2F&vis=1&psz=320x-1&msz=320x-1&fws=512&ohw=0&ga_vid=1562025209.1698010391&ga_sid=1698010391&ga_hid=1854969598&ga_fc=false&dlt=1698010390147&idt=520&adks=128119015&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2252fc67207a90f09d013183af678a8a03e861d418876d24344b3e6038336cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25437
x-xss-protection: 0
google-lineitem-id: 6282713890
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431529765
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ineslebuhan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
25b2bca1b4df4981cf1574e9cf193d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9EAF 6 KB
3 KB 155ms
48ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25b2bca1b4df4981cf1574e9cf193d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ineslebuhan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 21:33:10 GMT
expires: Mon, 21 Oct 2024 21:33:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D180 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXLwJxhuJ8oiIYBw1SGhuDiKcalGkXxCuybXOcHCPB4Bl4WGmIhQSWSFNmqfWmgAgAHE-9W1u0K7fVYDM3M2S49SvcLQrE2Kpd0CD2qki16lILARpaYNRrJR9wFqNqiUMuLNkraQXQP2P7uVRoWqwDeGxdZ7Zt51HkxeXsUuXVRF2nxmFwWjl1m7ee9nqKKyPsyYJtQAOylD9rbJtm0ob-Ws7RWyQUC1kDfpc7eSrkUrAkerkI3roapFtVlK_7HXPyaCJP0z8Bf77rPHpzqZES34XkJe9CJwDGTZbpnT-JgKDWR4xgD2ck6Zrh03tDmb2fUU4SuKzQzUPA5aKVjtxx4TdpYzp35-blZTNaCgKxLBYEQtrCOA&sai=AMfl-YRT5ghRnnFQZ8DDxqp0E24pwbZ0H-0v6VcGAdr8GbYtgQRX7sM1aooXZR7G4sua9LqlOqqKik36_jfm42MdGb_VvSGgcfFMRNlE-M8wRf20QZ1gLh-lUW7TPWdIzoXfP_4_bKx9VdGgVcl4G0bK&sig=Cg0ArKJSzLKYn_B95dnPEAE&uach_m=[UACH]&adurl=

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 22 Oct 2023 21:33:11 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame D180 23 KB
9 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 00:02:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame D180 3 KB
1 KB 136ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:09:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D180 187 KB
59 KB 145ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 21:33:11 GMT

GET
H2 200 3806367709832810825
tpc.googlesyndication.com/simgad/ Frame D180 143 KB
144 KB 135ms
46ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3806367709832810825

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cc19ebfbfa5aa7eea33b08c4bc84780166b72245aa254f8ea59173050d1a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:21:54 GMT
x-content-type-options: nosniff
age: 443477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146647
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 19:56:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 18:21:54 GMT

GET
DATA 200
OK truncated
/ Frame D180 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38229cfa0e7127d34e941ae66c3fa9048d2f7782d305865d96ce44f1d475b903

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D180 0
0 160ms
76ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX5CDHUpGS2Hs6wOPWYgsXOgGT1XNE9QVHdKo3hcCH9ZDzJNKduOr4exvumW0jqv0DhP-F4mfTPMeWhVwgIrRHojGcs_ajOVSoClHgj4IUEMPEs3EowOBnFf8krGf_snNjy41fPgJ4XN4TAq8PsfRObaOsLIDEXi9IP2HTIKAY0B6QPfTiV6Yrgo1HCXudOrbNg8Z6f7HXVbutaTTezFyHAAOvA7BYjpgDG4UsmtVuWBPN6CVhbjE3dihT873YuBp23H3nyqcrCwdem0uO76cxhxs9IfK4KZ3ogk2JlQy22-PmNidzMDhKqZkCvGXBCGDbPGiQPK649TBwFoGZcWxmpWPAws93pL-IhPR4qhSA75n-BDCrZVD5&sai=AMfl-YRY_CrBlbr5RWfD7jIne_r5Jf-J4HdKFl7vvWqTFVK8Nyzd8954gt_Qx_48W0JOTQu6vYyhmDMlmSYJVynH7PqyNOxQAc7k3SQhFQjO_faJWDfCP-7ZulPvHWxKCNou43990BqR5cO-p_ukzmpP&sig=Cg0ArKJSzOjaz-SCm9cVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 22 Oct 2023 21:33:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310061803000/ Frame B420 196 KB
56 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 361579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56106
x-xss-protection: 0
server: sffe
etag: "6471d1057e0de0bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame B420 15 KB
5 KB 199ms
111ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 361579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5216
x-xss-protection: 0
server: sffe
etag: "c5e6042816070d0a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame B420 95 KB
28 KB 213ms
125ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 361579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29020
x-xss-protection: 0
server: sffe
etag: "9aef0fcfd5306f20"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame B420 5 KB
2 KB 212ms
124ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 361579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1918
x-xss-protection: 0
server: sffe
etag: "d9a3fbf21fc2b678"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame B420 40 KB
13 KB 203ms
115ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 361579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "16aa7f89b2c84c04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
DATA 200
OK truncated
/ Frame B420 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee8f4f263082de8b4c61fece40315915d6caaaca089d45718fb6aa05567ea642

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2808732614718946386
tpc.googlesyndication.com/simgad/ Frame B420 16 KB
16 KB 43ms
42ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2808732614718946386?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmy91wYC9JHghydi3EqFUsXFEdWAg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cc39bd4cdf3e7bf85b8f58ba4b56b5b8c8d1c8c49992211b4db0e6500eb7093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 22:18:39 GMT
x-content-type-options: nosniff
age: 256472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15981
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 13:30:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Oct 2024 22:18:39 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B420 3 KB
3 KB 41ms
41ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 20:41:22 GMT
x-content-type-options: nosniff
server: cafe
age: 3109
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Mon, 23 Oct 2023 20:41:22 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B420 344 B
449 B 45ms
44ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 52490
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 23 Oct 2023 06:58:21 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B420
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

138ms
50ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

date: Sun, 22 Oct 2023 21:33:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B420 0
0 86ms
86ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnZ3zFpU1Zby7Oayb9u8PtZSYsAnsvZnVc5-4g-_6EeCIhZ4LEAEg_77uLGCVwv6BlAegAZiqjrUByAECqQLQj0BKPMaxPuACAKgDAcgDCKoErwJP0JSYXa-3S6E2sZVWL4NnhaiqvyYUrzoZvhvvO_F8-Jpj4GJEiPSRVXZ0sezWzdjW2cAJkSSfigKJzpB2-wabeal9Sq2bapJBJlWR2sJiEOR_7OFLWYo61zkZ21zLQzEFuwr_Vu2dpGtgXTpW3dN7WBKUOjgoL5dz6wksQgYUIOp6uZxkL25ZnvKD1nsuz8oyteWOQew56HkkbNP09pl1oMAmLHE-e0Ix6ds7NDCHxT63XJq4mGLSiBiXxNEJNEBjQxwrW3m0BnfGH4SJBeOgP4egaeE_SXEBxkoUlIJfoWCfeRO3PBY5TNWCWFs7pF2SkVn2pgeVjwRz2sBaeoxqV0WN8H4LC5QQCF_-k4ActlMcrkLCyX159_oaZnnmVm_5nLc5k_o0jtBtOsdOxYXABOaesPizBOAEAYgF0viR30ySBQQIBBgBkgUECAUYBKAGAoAHxLfO8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCl72XSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi04MDg2MzY5MDgzMjcyMDEwmgkwaHR0cHM6Ly93d3cuZ3JhdmlzLmRlL3NlcnZpY2VzL2Rlci1tYWMtbWFjaHQtZGFzgAoDyAsB4g0TCPaPqdHNioIDFayN_QcdNQoGltgTCtAVAYAXAbIXHgocCAASFHB1Yi0xOTQ2Mzc3Njk1MzY3MDM3GP_5HQ&sigh=qiuOUIUy6zM&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSSwDICaaN-TplR0wHfyYlCHhSxe5OBiMMR-N3JqaxWZ2zMtegTt38Zi1Lb_sVMQLJ3LUv0d9mipGNM8fKP4X85Ucozopc__vwcH1NxBgB&cbvp=2
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ECD9 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuzDgVe6HyID9SsXq5ZkamxspeZT8bp8bbcZgfDxdK-iLzcMbEnpZwMORrSlm3S2Pj2K9EMVcVwqT2M36cPhl50SUB163EZAM9SAkHgY-F9b02os2eDFkSyvRTfGxu11rbkLT7JR6QXcL48YTrkH7IjdKVR0lfi4kYdMa4UrVqw3C6SjU1ukhEsXGQJmYPjHJIPuoS_ApCiUFpc9F0Q6XtKskFLG4cfKR23oLijYh2QP3tb4UWDffOgl8JDZYM7CB0W0RIYqbi5yez99gdFKzNC8immJq1bg2EBXDtr88RAiRhemurlDzkxCz5f_yK7WgjYJp2brddV2ee6pE3o4fToobtl5riI3zUTs9vHWWj_HyOxesfwQ&sai=AMfl-YSPWvYKlUpQNrw-mwIuEb1j94d_vVrdZ2siRjR00a8okmL4NA6C1LrwkHF2ogDAj7Gswf-UBNmI62Ueb4donaozQ3KZc9s3heREIqmGnrlI5rfCYYQzozeWPM10jevVbA9hppr0LYWAq3yhM_AR&sig=Cg0ArKJSzJ95EeUY5dicEAE&uach_m=[UACH]&adurl=

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame ECD9 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 00:02:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame ECD9 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:09:01 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECD9 195 KB
61 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 21:33:11 GMT

GET
H3 200 14722042483834943060
tpc.googlesyndication.com/simgad/ Frame ECD9 30 KB
30 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14722042483834943060

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a118c78b864ac9c1b1aa44672b9962cf0ce9129496a1d065fc3d8707b3d933ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 02:14:47 GMT
x-content-type-options: nosniff
age: 415104
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30595
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:52:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 02:14:47 GMT

GET
DATA 200
OK truncated
/ Frame ECD9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 689362b776ba62c5908344cc51846107892320fdad21bebe99268ae4d9fbb94f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ECD9 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiyeTDAUKJngkbru-XZFX_0gBW4kJQYx3ICWCsAPM2CLFmjHeWitntkK9Q-8Pit8c1XaMq7bx69K8pSwcj-HevnmwFeeOyhHM9tTQYQc8nYPmMqEUtS9tuIA5NHAqz33-NXqjnNQQu4ijwdb3JusBj6F0uXRo9g3jCgJ707LQcYbv5ByBT59VLsYlW3xhrswYs5Rpx5Xltz3nlyJjTQNeEHSC2I2S6Z30bN0c5LvASLthwF9EmQaiTQWaIqs_OF1RiFHWwjXsr1iNidoYZi2bSwDoanHN4cJxlRu8pCcME1CWgcEDCR2tsyt_sukJvVNSaxbXT3ka68qIAPU-blgApAFD7OYnrwsojktaH8rx0954Dnx4Dwz9e&sai=AMfl-YTz9yvIR6MyqmiYoP8v4fDN2qO9Yq506MR_vwwmk0XvtlnW2_PRtUEaIXNqiwLmook0HFZ-aNCKjjtlzEDskrgozDFgvEsMlDpJW5im-voIuwTCvcuVmZoYbaoKGrrM80VmzUCjH-dcpBrqeLlm&sig=Cg0ArKJSzJTbB4KsISHoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 22 Oct 2023 21:33:11 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 203ms
116ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a493308f5b19b24b4d485c5afc1bb9218b9411e97a708a9bed9e737b37493c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12107
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D180 42 B
174 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHXQcMxZnN6SPmrAHCpYNLVfLND2p_DpmMNVS-JzyXPDzd1jZOERO3EdLUIVk_3smJWDsUj-wVrvkfLTNssSXyOJfphhQJ1WfV_NMxiY_0LChC7XmFEgYwF_Urkps6GbBVB9En_xlmnQ&sig=Cg0ArKJSzON2jaFxDTa8EAE&id=lidar2&mcvt=1000&p=367,1080,967,1380&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=0.93&vu=1&app=0&itpl=3&adk=2788227243&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698010391001&rpt=258&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 21:33:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 Oct 2023 21:33:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C497 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ineslebuhan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 18:15:15 GMT
expires: Mon, 21 Oct 2024 18:15:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F67 829 B
998 B 53ms
52ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

096bab91e029f7cf086d6c9f39f49c0189d2b73cdf8004ed49067384cdec4a0f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pnyz0VrRZ3USk_7A_AptKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ineslebuhan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pnyz0VrRZ3USk_7A_AptKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 21:33:12 GMT
expires: Sun, 22 Oct 2023 21:33:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Show response
pagead2.googlesyndication.com/bg/ Frame C497 37 KB
14 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Oct 2024 18:10:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F67 0
0 142ms
73ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310170101&jk=974617027280487&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B420 42 B
64 B 77ms
76ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubJQwGD2LsxWh6rZ55LL6Hk0mz6y1gZ0iOeq66fMsh7RYoC1v6HB26XmcGo6E2AUaJp_YBRRcgU3it6gSgnzmZo297xAwgOOPgSZthpVsTWvwdXJq3uCt6orRauqeSQzU4iDMs8d5vG-iB&sai=AMfl-YQ6wszf-xt_UPC6P0hwTWxCpSGiQGr-T-vO_UL3J4tNELbOKj3if4FpvOB7sk09LuWWvSgz3ZlWFcmVJrOb0VTCH1IZTOqDeu_olVjnuDZptOo6FbTAMfckjmad_LIkibWyhPh8VZmifMlZ&sig=Cg0ArKJSzJLI7KOzhUeyEAE&cid=CAQSSwDICaaN-TplR0wHfyYlCHhSxe5OBiMMR-N3JqaxWZ2zMtegTt38Zi1Lb_sVMQLJ3LUv0d9mipGNM8fKP4X85Ucozopc__vwcH1NxBgB&id=ampim&o=403,120&d=414,345&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=296&tls=1307&g=100&h=100&tt=1307&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 21:33:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C497 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uPMm6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 21:33:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ECD9 42 B
108 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfFnkL0-kcG0cW0GtCwZT9S0wj18dAUy6l7EaBpyyjQnlu8BlMMnAeW7rdAQq3AonWGE6xaVJrZdH-n0amCR_pm0uEi_UEXRZrPMAFaQVqd5PgkfpUrG7fzOiQIvew&sig=Cg0ArKJSzEkyZE0OFqn-EAE&id=lidar2&mcvt=1000&p=1098,640,1198,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=128119015&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698010391704&rpt=121&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 21:33:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310170101&jk=974617027280487&bg=!HB-lH1DNAAbDUgby41I7ADQBe5WfOIKRP9bEQ081YYsENwYg9oVztFEFKgTeuGQUB2xU8n8HF21JOU5axlDIElgUgFk3AgAAAEJSAAAAAmgBB5kCxATwG0-MdqvvCquFfJvlXlke0bOeE-GFAG7ibOcvuegehGuczVmPrvTmXsU8APp_Zin8xvSrR_KuYzvJW-oOdG4Hz550pQy0gZoB9gS8sBatLiZB5BKHEu7CeX1HkZeGLCFGjlqSGB5tllTQ4yomKmtMKH-aZUSj9duHQUr4DptQwMC9oj8DfhxHmaRVsWHgLiQtLTa3HynNVMTtNhtBcmAK06d2uekpemZ7tzbz998kjpJsi5t_1trnfXKYQe4d6NmELs6NcfScW3z12jpjtUFu1kslQfkRL9gDlMtxacCEKa0rm7XKdGu3L8oQmEiwE9qztNNnOPCq3D-0I8qvEpK3TEv-1vhgSmy3SRapf54oNm5YNL9jCb8YkLOPxFyFK3iFqsG2Mp4MwtES2mGokoU7ClxgFHw2-vzQEM4Ihn4NNi_OKdQLfY9qeCDBs-uIppEeQRr4Qzc94zh9RgUqriYGdb5WeAno8fPmHRn4kaxJGVRJF2SSfoG_ZeN0MhTslzPCsd2BpvH9G27SsrcCM2PDljZNOgNe5u4ydfiIdmyqGiFFYDg_A7Hyj-wc94Jf4EVtvLWqllsknat_qj_hVmovHBEh31QxFumeGiC9e3gf4In0fMyhmc2wsGcjFkeE35gDYeoTXtEXHe9XVkFhsc6CK_MeC_iFvFyjErpewRmle6LkuodIYSeT06Bz2lrC1Gtf1cBAmk6ZF7hTIlLROraHBGt0WFd-GQ2sIuAkHlc0yBMX8f5v8qhUCc6rUbiVwrWcXApMeFR92PWoDLzZZ-OlqLk8TcqvLVRyYbyrEbMJN3bdb_pnLSh2vUShozKv1zn7ZUYtlkWS_2at7jn6O8nMWQu-DMXJm8Kfv6TUq7aUt0yCvGRLgwgPxrtHH6rZkh1S1OnQgW3gBQxhtd-NCbCN7c-AdTvHCiOywAYnPke4UgGgnA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ineslebuhan.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hntmrpirn0n0pacvh7hptb9ksk
.doubleclick.net/	1970-01-21 01:01:46	Name: IDE Value: AHWqTUkJkd0h8ryPie5eFwAwJOU3nMr-2SUNMJS8yqTBb_A5nBz1J324GzkGM34E_LI
.doubleclick.net/	1970-01-20 15:40:11	Name: test_cookie Value: CheckForPermission
.ineslebuhan.com/	1970-01-21 01:01:46	Name: __gads Value: ID=f3852d3db67700db:T=1698010390:RT=1698010390:S=ALNI_MaQFuWXm2RWwLb7psL3ALR37R4TRA
.ineslebuhan.com/	1970-01-21 01:01:46	Name: __gpi Value: UID=00000ca028a320a6:T=1698010390:RT=1698010390:S=ALNI_MZNyXrVbK32o2NmW_nnDSvsr_rz4w
.doubleclick.net/	1970-01-20 15:40:13	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25b2bca1b4df4981cf1574e9cf193d9b.safeframe.googlesyndication.com
ajax.googleapis.com
cdn.ampproject.org
cdnjs.cloudflare.com
code.ionicframework.com
code.jquery.com
googleads.g.doubleclick.net
ineslebuhan.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
waust.at
whos.amung.us
www.google.com
www.googletagservices.com
2606:4700:10::6816:4bab
2606:4700:20::681a:407
2606:4700:20::681a:6ad
2606:4700:3034::6815:3070
2606:4700:3037::ac43:96b4
2606:4700::6811:180e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a04:4e42:600::649
06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f
096bab91e029f7cf086d6c9f39f49c0189d2b73cdf8004ed49067384cdec4a0f
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
21cc19ebfbfa5aa7eea33b08c4bc84780166b72245aa254f8ea59173050d1a89
21d8d18132f79733f0c760740670fda2d7abb8206c5ae65b78cef70275c5d353
2252fc67207a90f09d013183af678a8a03e861d418876d24344b3e6038336cf8
253b6dc0b58ef8d55e8a526cf6f9fa14bd50f58d05bcdcfdd5386900b9df2818
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38229cfa0e7127d34e941ae66c3fa9048d2f7782d305865d96ce44f1d475b903
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b511a24b50ccc7516e02e7fa88f4de0c60e9bd0d861662d407dbbf49187fd15
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ff085b6fda349a3b9bb0c51458dd8e53a8ce86ddcf84717960124e153ff41b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6790b4fdfd371b09981543512e432924d5243c2fd47df83038acd3cc8b7ea111
689362b776ba62c5908344cc51846107892320fdad21bebe99268ae4d9fbb94f
69c36fcd6926bf8d78bef205cb295de82d2d0927bad8532f5dc2569455c40d48
6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc
6f445a1be00351623681bceaa91e4a7d9203e1568dc43e1400464e7c3ffbd805
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7555f0de6b01d56161e7318d0ed36d74b65149da6c93245c539183d3fb362a2b
7cc39bd4cdf3e7bf85b8f58ba4b56b5b8c8d1c8c49992211b4db0e6500eb7093
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852
a000e0249261d208f6a1d39d3a7aba0799295c4c623d32b2a983353527c22b73
a118c78b864ac9c1b1aa44672b9962cf0ce9129496a1d065fc3d8707b3d933ff
a1b1e080802ed2215c54a32ea73c2255a11b89ca49526ac5d4f70936cd187f53
a493308f5b19b24b4d485c5afc1bb9218b9411e97a708a9bed9e737b37493c5e
baa8d3bd604f2a4a1ac557a89e045db73777eeb824c3e30d6fd1447415ab7a69
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68
d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9
da57d3bdfc72c268f1662528ac7f9367e8cedeb4a7dbacebdb0541648f10e36c
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee8f4f263082de8b4c61fece40315915d6caaaca089d45718fb6aa05567ea642
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

ineslebuhan.com Open in urlscan Pro 2606:4700:3034::6815:3070 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

100 %IPv6

12 Domains

15 Subdomains

16 IPs

2 Countries

3047 kBTransfer

4486 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ineslebuhan.com Open in urlscan Pro
2606:4700:3034::6815:3070 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

100 %
IPv6

12
Domains

15
Subdomains

16
IPs

2
Countries

3047 kB
Transfer

4486 kB
Size

6
Cookies

60 HTTP transactions
4 data transactions