mtnvpn.manteghi.sbs Open in urlscan Pro
45.61.128.84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mtnvpn.manteghi.sbs/
Submission: On July 29 via automatic, source certstream-suspicious (July 29th 2023, 10:42:35 pm UTC) — Scanned from DE

Summary HTTP 230 Redirects Links 94 Behaviour Indicators

Summary

This website contacted 53 IPs in 6 countries across 39 domains to perform 230 HTTP transactions. The main IP is 45.61.128.84, located in Las Vegas, United States and belongs to -Reserved AS-, US. The main domain is mtnvpn.manteghi.sbs.
TLS certificate: Issued by R3 on July 29th 2023. Valid for: 3 months.

This is the only time mtnvpn.manteghi.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.61.128.84 45.61.128.84	14956 (-Reserved...) (-Reserved AS-)
5	104.18.25.47 104.18.25.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	104.18.29.163 104.18.29.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.236.245.174 54.236.245.174	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6812:1892	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223e:b200:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:3600:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:a6e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.222.174.20 52.222.174.20	16509 (AMAZON-02) (AMAZON-02)
2	13.225.34.75 13.225.34.75	16509 (AMAZON-02) (AMAZON-02)
1 6	52.30.115.249 52.30.115.249	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1	104.18.22.143 104.18.22.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.154.176.164 54.154.176.164	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	52.208.156.123 52.208.156.123	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.160 63.140.62.160	16509 (AMAZON-02) (AMAZON-02)
1	35.186.225.155 35.186.225.155	15169 (GOOGLE) (GOOGLE)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	3.236.169.45 3.236.169.45	14618 (AMAZON-AES) (AMAZON-AES)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e4:... 2606:4700:e4::ac40:a60e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	18.203.192.232 18.203.192.232	16509 (AMAZON-02) (AMAZON-02)
4	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.90.170.4 3.90.170.4	14618 (AMAZON-AES) (AMAZON-AES)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	34.203.102.88 34.203.102.88	14618 (AMAZON-AES) (AMAZON-AES)
4	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	34.107.136.65 34.107.136.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b140:231f:659f:da19:e372	14618 (AMAZON-AES) (AMAZON-AES)
1	3.211.211.42 3.211.211.42	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
230	53

2 45.61.128.84 (Las Vegas, United States)

ASN14956 (-Reserved AS-, US)

mtnvpn.manteghi.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.25.47 (None, )

ASN13335 (CLOUDFLARENET, US)

img.webmd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 104.18.29.163 (None, )

ASN13335 (CLOUDFLARENET, US)

images.medicinenet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.medicinenet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.245.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-245-174.compute-1.amazonaws.com

preferences.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1892 (United States)

ASN13335 (CLOUDFLARENET, US)

img.lb.wbmdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:b200:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:3600:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-20.cdg50.r.cloudfront.net

privacy-policy.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.34.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-75.cdg3.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.30.115.249 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.143 (None, )

ASN13335 (CLOUDFLARENET, US)

bi.medscape.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.176.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-176-164.eu-west-1.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.156.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-156-123.eu-west-1.compute.amazonaws.com

webmd.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net

ssl.o.webmd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.225.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 155.225.186.35.bc.googleusercontent.com

tag.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-45.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a60e (United States)

ASN13335 (CLOUDFLARENET, US)

ibclick.stream	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.192.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-192-232.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.90.170.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-170-4.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.102.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-102-88.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

hb-pb.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.107.136.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.136.107.34.bc.googleusercontent.com

xch.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Littleton, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:231f:659f:da19:e372 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.211.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-211-42.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	medicinenet.com images.medicinenet.com — Cisco Umbrella Rank: 126482 www.medicinenet.com — Cisco Umbrella Rank: 137294	632 KB
42	googlesyndication.com 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	442 KB
28	media.net contextual.media.net — Cisco Umbrella Rank: 639 hbx.media.net — Cisco Umbrella Rank: 1258 hb-pb.media.net — Cisco Umbrella Rank: 30672 xch.media.net — Cisco Umbrella Rank: 20897 hblg.media.net — Cisco Umbrella Rank: 2092	291 KB
17	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	228 KB
7	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
7	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 354 aax.amazon-adsystem.com — Cisco Umbrella Rank: 444	67 KB
7	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216 webmd.demdex.net — Cisco Umbrella Rank: 26989	10 KB
7	webmd.com img.webmd.com — Cisco Umbrella Rank: 11959 ssl.o.webmd.com — Cisco Umbrella Rank: 30030	146 KB
5	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 5631 vtrk.doubleverify.com — Cisco Umbrella Rank: 1395	13 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	225 KB
4	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 554	25 KB
4	ibclick.stream ibclick.stream — Cisco Umbrella Rank: 20083	60 KB
4	truste.com privacy-policy.truste.com — Cisco Umbrella Rank: 10776 choices.truste.com — Cisco Umbrella Rank: 826	35 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 837 id5-sync.com — Cisco Umbrella Rank: 423	50 KB
3	gstatic.com fonts.gstatic.com	61 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	2 KB
3	liadm.com 1 redirects idx.liadm.com — Cisco Umbrella Rank: 2554 rp.liadm.com — Cisco Umbrella Rank: 1598 rp4.liadm.com — Cisco Umbrella Rank: 6638	1 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 869 id.crwdcntrl.net — Cisco Umbrella Rank: 2811	12 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 154	3 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 428	43 KB
3	wbmdstatic.com img.lb.wbmdstatic.com — Cisco Umbrella Rank: 26802	8 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 417	756 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1914	311 B
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	24 KB
2	manteghi.sbs mtnvpn.manteghi.sbs	40 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 2292	72 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 410	98 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1504	402 B
1	thrtle.com thrtle.com — Cisco Umbrella Rank: 1366
1	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 1028	443 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1380	17 KB
1	amazonaws.com sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 4858	682 B
1	tapad.com tag.tapad.com — Cisco Umbrella Rank: 4495	239 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1100	406 B
1	medscape.com bi.medscape.com — Cisco Umbrella Rank: 125062	383 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1041	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	80 KB
1	trustarc.com preferences.trustarc.com — Cisco Umbrella Rank: 26676	4 KB
230	39

	Domain	Requested by
51	images.medicinenet.com	mtnvpn.manteghi.sbs www.medicinenet.com
29	tpc.googlesyndication.com	securepubads.g.doubleclick.net mtnvpn.manteghi.sbs 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com tpc.googlesyndication.com
12	xch.media.net	mtnvpn.manteghi.sbs
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	securepubads.g.doubleclick.net	img.webmd.com securepubads.g.doubleclick.net mtnvpn.manteghi.sbs www.googletagservices.com 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
7	www.google.com	3 redirects 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
6	hbx.media.net	img.webmd.com mtnvpn.manteghi.sbs hbx.media.net
6	dpm.demdex.net	1 redirects mtnvpn.manteghi.sbs
5	img.webmd.com	mtnvpn.manteghi.sbs www.medicinenet.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
4	193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	hb-pb.media.net	hbx.media.net
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	bh.contextweb.com	mtnvpn.manteghi.sbs
4	ibclick.stream	mtnvpn.manteghi.sbs ibclick.stream
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	tpc.googlesyndication.com
3	hblg.media.net	mtnvpn.manteghi.sbs
3	sb.scorecardresearch.com	1 redirects mtnvpn.manteghi.sbs
3	c.amazon-adsystem.com	img.webmd.com c.amazon-adsystem.com
3	assets.adobedtm.com	mtnvpn.manteghi.sbs assets.adobedtm.com
3	contextual.media.net	img.webmd.com hbx.media.net
3	pub.doubleverify.com	img.webmd.com pub.doubleverify.com
3	img.lb.wbmdstatic.com	img.webmd.com assets.adobedtm.com
2	gum.criteo.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	id5-sync.com	cdn.id5-sync.com hbx.media.net
2	ssl.o.webmd.com	assets.adobedtm.com img.webmd.com
2	vtrk.doubleverify.com	pub.doubleverify.com
2	www.medicinenet.com	mtnvpn.manteghi.sbs www.medicinenet.com
2	choices.truste.com	mtnvpn.manteghi.sbs
2	privacy-policy.truste.com	mtnvpn.manteghi.sbs
2	cdn.id5-sync.com	img.webmd.com mtnvpn.manteghi.sbs
2	mtnvpn.manteghi.sbs	img.webmd.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	global.ib-ibi.com	mtnvpn.manteghi.sbs
1	id.crwdcntrl.net	hbx.media.net
1	idx.liadm.com	hbx.media.net
1	idsync.rlcdn.com	mtnvpn.manteghi.sbs
1	d.turn.com	1 redirects
1	thrtle.com	mtnvpn.manteghi.sbs
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	sync.mathtag.com	mtnvpn.manteghi.sbs
1	tags.crwdcntrl.net	mtnvpn.manteghi.sbs
1	secure.cdn.fastclick.net	mtnvpn.manteghi.sbs
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	tag.tapad.com	img.webmd.com
1	webmd.demdex.net	assets.adobedtm.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	bi.medscape.com	mtnvpn.manteghi.sbs
1	unpkg.com	mtnvpn.manteghi.sbs
1	www.googletagmanager.com	assets.adobedtm.com
1	d15kdpgjg3unno.cloudfront.net	img.webmd.com
1	dyv1bugovvq1g.cloudfront.net	img.webmd.com
1	preferences.trustarc.com	mtnvpn.manteghi.sbs
230	59

This site contains links to these domains. Also see Links.

Domain
www.medicinenet.com
data.webmd.com
privacy.truste.com
www.webmd.com
blogs.webmd.com
www.rxlist.com
www.internetbrands.com

Subject Issuer	Validity	Valid
mtnvpn.manteghi.sbs R3	`2023-07-29` - `2023-10-27`	3 months	crt.sh
img.webmd.com Cloudflare Inc ECC CA-3	`2023-03-14` - `2024-03-13`	a year	crt.sh
medicinenet.com E1	`2023-07-01` - `2023-09-29`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
le.k8s-prod.webmd.com ZeroSSL RSA Domain Secure Site CA	`2023-07-01` - `2023-09-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
medscape.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2024-01-06`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
ssl.o.webmd.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-23` - `2024-07-23`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
ibclick.stream E1	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2023-03-22` - `2024-04-22`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-29`	8 months	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://mtnvpn.manteghi.sbs/
Frame ID: D0E739600548F5113B0674866C2F88E0
Requests: 143 HTTP requests in this frame

Frame: https://www.medicinenet.com/script/main/newsletter-signuproadblock.asp
Frame ID: B33EB937911BE821F9725B1226DC5D80
Requests: 4 HTTP requests in this frame

Frame: https://webmd.demdex.net/dest5.html?d_nsid=0
Frame ID: C81B7643DE1425DC4027D8B88B50D143
Requests: 9 HTTP requests in this frame

Frame: https://tag.tapad.com/accounts/39/tags/q9MvkfP/events?partner_url=https%3A%2F%2Fimg.webmd.com%2Fpixel%2Faiq.b.1.html%3Ftid%3D%24%7BTA_DEVICE_ID%7D&response_type=pixel
Frame ID: 52A322F3AAA3454E64198F058387CBDA
Requests: 1 HTTP requests in this frame

Frame: https://ibclick.stream/ib.html
Frame ID: 9D7D6DA82B9AF3661D90C434FC12DDB3
Requests: 2 HTTP requests in this frame

Frame: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75C47D171B473DA8656E6D79D6C5DDAC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU66J63J&prvid=55%2C77%2C251%2C141%2C175%2C178%2C201%2C246%2C3017%2C147%2C203%2C214%2C237%2C337%2C208&itype=HB&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: AB0DF4523382E4EC84621CD8DE1E49A2
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&prvid=440%2C327%2C29%2C461%2C107%2C345%2C3012%2C23%2C3018%2C459%2C3030%2C3%2C126%2C326%2C374%2C338%2C262%2C226%2C351%2C117%2C296%2C455%2C229%2C344%2C97%2C3054%2C3016%2C339%2C79%2C441%2C3003%2C108%2C2043%2C450%2C96%2C54%2C3053%2C77%2C203%2C201%2C246%2C251%2C214%2C3007%2C3017%2C141%2C175%2C337%2C228%2C178%2C208%2C237%2C55%2C172%2C307%2C147&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0&ckdel=0&gpp=&gpp_sid=
Frame ID: C593C1555F59DEF2A4AEF52E15C6201C
Requests: 1 HTTP requests in this frame

Frame: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 568470E282C04B169E7B184770E36FA3
Requests: 9 HTTP requests in this frame

Frame: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5EAAD32824D43C867647342603F0CA4
Requests: 9 HTTP requests in this frame

Frame: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E4F8FF236A6DAC29330C38C728BBF47C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG2LXAKzjT7b2A0ks95D8JADAgkq4DE3b_b9e3FjzZn-TLawGTXjnhP7ApeCKNxaYV2yBsj9GiL4UehCwEdrg09Cn5oH6Husb0IQDYTBwv857sggUa-2REFwZVhvBoPGvlb8lnrmZMkqxJaa7WXdQOX2XBcvR0-xy5dIu2U8NNk-sSRfzzuHGVQEyRpaEmlWjJkm5_UM9ZTlKN7HdSQEmP_juMlCR8oRAb7WWIH11IIozgxzWffT38TrXqKRQPUENh5bpKt4fDt4Suzz6UcPreCM-URlaAWYL_TsyPf_7bSCxyFFgz6KTOG47SvRWQqCzOV3admibjEYoqEnrihQeCbwg&sai=AMfl-YSlCVgyufxAqfplVmKbWjSPp64yTOxHVM_in5CW2Y_61Nxn4zePIsV6biDXKez4tfGPIZ8RCFZHBDHkHOP2k8JLay9T3DpkTtSuEdk1c3t2_g3AVYgYXpk5l0odNA&sig=Cg0ArKJSzJzLHmUiY8luEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D9697BEAAAB7F27D42A54AA091507F78
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html
Frame ID: 2C1BDC84AFEA8E23A816379C23B61737
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EF62D1668722B8B037EF2B161E95141D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html
Frame ID: 761D9F0FCF980B2DB6BE3A151167024C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 40B13371BCD5090C9E59430C5938EB6A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html
Frame ID: ABA2459CCAF0D54F052A0E451739454F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2C93918A865ED63414D2629CC4C954D2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 03A7F918F575882C3022ED00962F49BE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06E700A95EF18394B9A518EEBA28C412
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MedicineNet - Health and Medical Information Produced by Doctors

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

230
Requests

94 %
HTTPS

37 %
IPv6

39
Domains

59
Subdomains

53
IPs

6
Countries

2528 kB
Transfer

7154 kB
Size

27
Cookies

94 Outgoing links

These are links going to different origins than the main page.

URL: https://www.medicinenet.com/script/main/hp.asp
Title: MedicineNet

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/diseases_and_conditions/article.htm
Title: Health A-Z

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/procedures_and_tests/article.htm
Title: Procedures & Tests

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/medications/article.htm
Title: Drugs & Supplements

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/supplements-vitamins/article.htm
Title: Vitamins & Supplements

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/health_and_living/focus.htm
Title: Health & Living

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/diet_and_weight_management/article.htm
Title: Diet & Weight Management

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/exercise_and_fitness/article.htm
Title: Exercise & Fitness

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/nutrition_and_healthy_living/article.htm
Title: Nutrition and Healthy Living

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/prevention_and_wellness/article.htm
Title: Prevention & Wellness

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/slideshows/article.htm
Title: Slideshows

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/quizzes_a-z_list/article.htm
Title: Quizzes

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/image_collection/article.htm
Title: Images

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/script/main/art.asp?articlekey=12507
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/script/main/art.asp?articlekey=12510
Title: About Us

Search URL Search Domain Scan URL

URL: https://data.webmd.com/sdclive/SdcForm.aspx?FormId=MedNetContact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/script/main/art.asp?articlekey=12596
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/script/main/art.asp?articlekey=10493
Title: Advertising Policy

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/validation?rid=07326333-3522-463d-81bf-f00fd7171fff

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/script/main/art.asp?articlekey=63261
Title: See additional information

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/syphilis_in_women_overview/article.htm
Title: FEATURED Symptoms of Syphilis Syphilis infection, when untreated, progresses through different clinical stages with characteristic signs and symptoms. The first, or primary, stage of syphilis is characterized by the formation of...

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/bronny_james_released_following_cardiac_arrest/news.htm
Title: Heart Disease Bronny James Released From Hospital Following Cardiac Arrest Friday, July 28

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/half_million_people_have_tick_borne_meat_allergy/news.htm
Title: Allergies Nearly a Half-Million Americans Might Have Tick-Borne Meat Allergy Syndrome Friday, July 28

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/white_house_announces_new_cancer_research/news.htm
Title: Cancer White House Announces New Cancer Research Initiative Friday, July 28

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/swine_flu_strain_passed_between_humans_and_pigs/news.htm
Title: Infection 'Swine Flu' Strain Has Passed Between Humans and Pigs Hundreds of Times Friday, July 28

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/is_venting_good_for_your_health/news.htm
Title: Mental Health Is Venting Good For Your Health? Friday, July 28

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/daily_baby_aspirin_raises_odds_for_brain_bleeds/news.htm
Title: Heart Disease Daily Baby Aspirin Raises Odds for Brain Bleeds, With No Lowering of Stroke Risk Friday, July 28

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/health_medical_news/article.htm
Title: SEE ALL NEWS

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/kidney_disease_quiz/quiz.htm
Title: IMAGE Kidney Disease Quiz

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/image-collection/colon_illustration/picture.htm
Title: IMAGE Illustrations of Colon

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/image-collection/cauliflower_ear_illustration/picture.htm
Title: IMAGE Illustration of Cauliflower Ear

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/psoriasis_symptoms_treatment_pictures_slideshow/article.htm
Title: Psoriasis Psoriasis Slideshow

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/ulcerative_colitis_pictures_slideshow/article.htm
Title: Ulcerative Colitis (UC) Ulcerative Colitis

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/how_late_can_period_be_before_know_youre_pregnant/article.htm
Title: Pregnancy (Being Pregnant) How Late Can a Period Be Before You Know You’re Pregnant?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/common_medical_abbreviations_and_terms/article.htm
Title: Health Topics Common Medical Abbreviations & Terms

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/heat_rash/article.htm
Title: Skin Problems & Treatments Heat Rash

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/liver_blood_tests/article.htm
Title: Hepatitis C Liver Blood Tests (Normal, Low, and High Levels & Results)

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/can_i_get_pregnant_shortly_after_my_period/article.htm
Title: Pregnancy (Getting Pregnant) How Many Days After Your Period Can You Get Pregnant?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/is_it_normal_to_have_left_side_pain_in_pregnancy/article.htm
Title: Pregnancy (Being Pregnant) Is It Normal to Have Pain on Your Left Side During Pregnancy? Why and When to Worry

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/stool_color_changes/article.htm
Title: Digestive Problems Stool Color, Changes, Texture and Form

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/how_long_does_an_allergic_reaction_last/article.htm
Title: Allergies How Long Does an Allergic Reaction Last?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/hemoglobin/article.htm
Title: Anemia Hemoglobin: Normal, High, Low Levels, Age & Gender

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/how_do_you_get_a_degloved_face/article.htm
Title: Trauma (Sensitive Topic) How Do You Get a Degloved Face?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/prednisone/article.htm
Title: Psoriasis prednisone

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/which_antibiotic_is_best_for_an_ear_infection/article.htm
Title: Ear Disorders (Otitis Media, Infections) Which Antibiotic Is Best for An Ear Infection?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/corticosteroids-oral/article.htm
Title: Psoriasis Corticosteroids

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/amoxicillin/article.htm
Title: Infection amoxicillin

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/metronidazole/article.htm
Title: Infection metronidazole

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/tramadol/article.htm
Title: Rheumatoid Arthritis tramadol

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/what_fruit_is_good_for_kidneys/article.htm
Title: Kidney Disease What Fruit Is Good for Kidneys?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/how_long_does_it_take_to_die_if_you_dont_eat/article.htm
Title: Nutrition and Healthy Eating How Long Does It Take to Die If You Don’t Eat?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/what_are_8_strongest_most_powerful_aphrodisiacs/article.htm
Title: Nutrition and Healthy Eating What Are the 8 Strongest and Most Powerful Aphrodisiacs That Can Help Boost Your Sexual Arousal?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/what_is_the_fastest_way_to_get_rid_of_gnats/article.htm
Title: Skin Problems & Treatments What Is the Fastest Way to Get Rid of Gnats?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/what_is_a_good_heart_rate_for_my_age/article.htm
Title: Heart Failure What Is a Good Heart Rate for My Age Chart?

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/how_to_calculate_calorie_deficit_for_weight_loss/article.htm
Title: Diet and Weight Loss How to Calculate Calorie Deficit for Weight Loss

Search URL Search Domain Scan URL

URL: https://www.webmd.com/skin-problems-and-treatments/psoriasis/psa-22/psa-make-treatment-work
Title: What Are the Best PsA Treatments for You?

Search URL Search Domain Scan URL

URL: https://www.webmd.com/rheumatoid-arthritis/video/ra-biologic-drugs
Title: Understanding Biologics

Search URL Search Domain Scan URL

URL: https://blogs.webmd.com/depression/20220131/what-i-wish-people-knew-about-depression
Title: 10 Things People With Depression Wish You Knew

Search URL Search Domain Scan URL

URL: https://www.webmd.com/multiple-sclerosis/ms-mind-19/treatment-for-relapsing-MS
Title: Shot-Free MS Treatment

Search URL Search Domain Scan URL

URL: https://www.webmd.com/children/children-doctor-covid-20/pediatric-pandemic
Title: Your Child and COVID-19

Search URL Search Domain Scan URL

URL: https://www.rxlist.com/pill-identification-tool/article.htm
Title: Quick and easy pill identification

Search URL Search Domain Scan URL

URL: https://www.rxlist.com/pharmacy/local_locations_pharmacies.htm
Title: Includes 24 hour locations!

Search URL Search Domain Scan URL

URL: https://www.rxlist.com/drug-interaction-checker.htm
Title: See potential drug interactions

Search URL Search Domain Scan URL

URL: https://www.webmd.com/peyronies-treatment-option/treatment-option
Title: Penis Curved When Erect

Search URL Search Domain Scan URL

URL: https://www.webmd.com/dna/the-turning-point/cad-pad
Title: Could I have CAD?

Search URL Search Domain Scan URL

URL: https://www.webmd.com/dupuytrens/treatment
Title: Treat Bent Fingers

Search URL Search Domain Scan URL

URL: https://www.webmd.com/dna/metastatic-bc-resource-center
Title: Treat HR+, HER2- MBC

Search URL Search Domain Scan URL

URL: https://www.webmd.com/dna/dandruff-just-the-facts
Title: Tired of Dandruff?

Search URL Search Domain Scan URL

URL: https://www.webmd.com/bladder-cancer-questions
Title: Life with Cancer

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/allergies/focus.htm
Title: Allergies

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/arthritis/focus.htm
Title: Arthritis

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/high_blood_pressure/focus.htm
Title: Blood Pressure

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/cancer/focus.htm
Title: Cancer

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/chronic_pain/focus.htm
Title: Chronic Pain

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/cold_and_flu/focus.htm
Title: Cold & Flu

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/depression/focus.htm
Title: Depression

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/diabetes/focus.htm
Title: Diabetes

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/digestion/focus.htm
Title: Digestion

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/healthy_kids/focus.htm
Title: Healthy Kids

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/hearing/focus.htm
Title: Hearing & Ear

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/heart/focus.htm
Title: Heart

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/hiv/focus.htm
Title: HIV/AIDS

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/infectious_disease/focus.htm
Title: Infectious Disease

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/mens_health/focus.htm
Title: Men's Health

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/mental_health/focus.htm
Title: Mental Health

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/neurology/focus.htm
Title: Neurology

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/pregnancy/focus.htm
Title: Pregnancy

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/sexual_health/focus.htm
Title: Sexual Health

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/skin/focus.htm
Title: Skin

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/thyroid/focus.htm
Title: Thyroid

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/womens_health/focus.htm
Title: Women's Health

Search URL Search Domain Scan URL

URL: https://www.medicinenet.com/contact_us/article.htm
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.webmd.com/about-webmd-policies/about-ccpa-do-not-sell
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.internetbrands.com/
Title: Internet Brands

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=16AD4362526701720A490D45%40AdobeOrg&d_nsid=0&ts=1690670547701 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=16AD4362526701720A490D45%40AdobeOrg&d_nsid=0&ts=1690670547701

Request Chain 71

https://sb.scorecardresearch.com/cs/6035829/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 110

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3719324157027877170

Request Chain 115

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3659833090276633865

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTAwNzQyMjQ4OTcwMTA3Njg3MDM3NTEyMTM1NDkxODIwNTYwNTA= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTAwNzQyMjQ4OTcwMTA3Njg3MDM3NTEyMTM1NDkxODIwNTYwNTA=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBts5VQ42MEueiqjPaYGels&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 135

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=jrg8A8cSM6Nn9CRarj5zT1OnbT7vJnO7&gdpr=0&gdpr_consent=

Request Chain 153

https://rp.liadm.com/j?dtstmp=1690670549217&se=e30&pu=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&gdpr=1&n3pc=1&n3pct=1&nb=1 HTTP 302
https://rp4.liadm.com/j?dtstmp=1690670549217&se=e30&pu=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&gdpr=1&n3pc=1&n3pct=1&nb=1&i6=MmEwMTo0YTA6NWE6OjEx

Request Chain 190

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 191

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

230 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mtnvpn.manteghi.sbs/ 184 KB
40 KB 632ms
330ms Document
text/html 45.61.128.84
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.128.84 Las Vegas, United States, ASN14956 (-Reserved AS-, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 6399b80ebb1d2f827cc55aa7862d581b88d8bbd2f4486144d502d9b6ca67f8f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14380
cache-control: private
cf-cache-status: HIT
cf-ray: 7ee8e007abcc7ecb-LAX
cf-wrk: lrt_o&o_v3.5_isEU:false_isUSCA:true_isCalifornia:false
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 29 Jul 2023 22:42:27 GMT
last-modified: Sat, 29 Jul 2023 18:22:43 GMT
server: nginx/1.24.0
vary: , Accept-Encoding
x-aspnet-version: 4.0.30319
x-server-id: www06-web.mdc.la1.webmd.com

GET
H2 200 ccm_oo.min.js Show response
img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/webmd-ccm/ 15 KB
5 KB 62ms
24ms Script
application/javascript 104.18.25.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/webmd-ccm/ccm_oo.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.25.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554a520840f39c114b5eadc53a2652d612362511245bbd2eaf6a264eaf8bdd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14372458
content-length: 5186
last-modified: Wed, 14 Dec 2022 19:27:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: img03-web.con.ma1.webmd.com
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ee8e0096fac2c7d-FRA
expires: Sun, 28 Jul 2024 22:42:27 GMT

GET
H2 200 raleway-v19-latin-regular.woff2
images.medicinenet.com/fonts/raleway-v19-latin/ 21 KB
21 KB 376ms
342ms Font
application/font-woff2 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.medicinenet.com/fonts/raleway-v19-latin/raleway-v19-latin-regular.woff2
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Origin: https://mtnvpn.manteghi.sbs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Jun 2021 21:22:11 GMT
server: cloudflare
etag: "eb72beabf562d71:0"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
x-server-id: www03-web.mdc.ma1.webmd.com
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7ee8e0096d5c5c20-FRA
content-length: 21028
expires: Tue, 29 Aug 2023 22:42:27 GMT

GET
H2 200 raleway-v19-latin-600.woff2
images.medicinenet.com/fonts/raleway-v19-latin/ 21 KB
21 KB 191ms
157ms Font
application/font-woff2 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.medicinenet.com/fonts/raleway-v19-latin/raleway-v19-latin-600.woff2
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4012fdcbe9804fb76be489414b5d7fa6fc0a492ac676d9105b41e1dc73208395

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Origin: https://mtnvpn.manteghi.sbs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Jun 2021 21:22:11 GMT
server: cloudflare
etag: "eb72beabf562d71:0"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
x-server-id: www03-web.mdc.ma1.webmd.com
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7ee8e0096d5e5c20-FRA
content-length: 21364
expires: Tue, 29 Aug 2023 22:42:27 GMT

GET
H2 200 all.min.js Show response
images.medicinenet.com/medicinenet/js/ 130 KB
34 KB 57ms
24ms Script
application/javascript 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.medicinenet.com/medicinenet/js/all.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f19690d8f07e5b092b941176f8cae992dfa2a82c6dba5d3e659048f67bc863f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Feb 2022 19:41:07 GMT
server: cloudflare
age: 3851
etag: W/"c337cdd26c18d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: www04-web.mdc.ma1.webmd.com
cache-control: public, max-age=2678400
cf-ray: 7ee8e0096d3e915e-FRA
expires: Tue, 29 Aug 2023 22:42:27 GMT

GET
H2 200 legacy.js Show response
images.medicinenet.com/oocommon/js/20190620/ 496 KB
145 KB 60ms
27ms Script
application/javascript 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.medicinenet.com/oocommon/js/20190620/legacy.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f411b248326b4c6e63f1cdac354583074082818d8c87c78b10e9a8f6b13e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 22:27:02 GMT
server: cloudflare
age: 4955
etag: W/"78c1c05f94d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: www09-web.mdc.ma1.webmd.com
cache-control: public, max-age=2678400
cf-ray: 7ee8e0096d3f915e-FRA
expires: Tue, 29 Aug 2023 22:42:27 GMT

GET
H2 200 oo_shim_head.min.js Show response
img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/ 154 KB
55 KB 54ms
18ms Script
application/javascript 104.18.25.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.25.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df681aa7908b78db3c17ed6fe6eca2c7c5c55a6069b7451f6878ad1cfe34b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2023 13:42:30 GMT
server: cloudflare
age: 3919707
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: img01-web.con.ma1.webmd.com
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 7ee8e0096fa72c7d-FRA
expires: Sun, 28 Jul 2024 22:42:27 GMT

GET
H2 200 oo_shim_body.min.js Show response
img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/ 77 KB
24 KB 61ms
24ms Script
application/javascript 104.18.25.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_body.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.25.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 434f1ae7ade44ef059eced73987eb4da78c761e47209f3e2ed6da342dd624ace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3919707
content-length: 24336
last-modified: Wed, 14 Jun 2023 13:48:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: img04-web.con.ma1.webmd.com
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ee8e0096fa92c7d-FRA
expires: Sun, 28 Jul 2024 22:42:27 GMT

GET
H2 200 bi_oocommon.js Show response
img.webmd.com/bi_common/ 90 KB
29 KB 52ms
15ms Script
application/javascript 104.18.25.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.webmd.com/bi_common/bi_oocommon.js?d=07/29/2023
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.25.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e8310e062dcb148ae0cbae2f1ae8692347635c885ef9bf4c0aa6396be2b0f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 67251
content-length: 29842
last-modified: Fri, 04 Feb 2022 14:58:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: img02-web.con.ma1.webmd.com
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ee8e0096fab2c7d-FRA
expires: Sun, 28 Jul 2024 22:42:27 GMT

GET
H2 200 js Show response
preferences.trustarc.com/webservices/ 8 KB
4 KB 297ms
93ms Script
text/javascript 54.236.245.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.trustarc.com/webservices/js?domain=webmd&type=webmd_popnew&js=responsive

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.245.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-245-174.compute-1.amazonaws.com

Software

Apache /

Resource Hash

33a0f5570d9038817c265104501ce5b24c514fae1f15a531e30d63a876ef0b57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-length: 2784
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: Apache
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 optiCommon.js Show response
img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/media/ 8 KB
3 KB 171ms
123ms Script
text/plain 2606:4700::6812:1892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/media/optiCommon.js
Requested by: Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1892 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ee0ad088e66c6164da0785d410f7d271653bf07fb832c9a5f71e488805b3183e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: DYNAMIC
x-cache-key: img.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/media/opticommon.js
x-cache-2: BYPASS
x-powered-by: Express
x-cache: HIT
file-cache-time: 7/27/2023, 4:04:33 PM
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 7ee8e00bc9da9944-FRA
access-control-allow-headers: authorization, content-type, user, name
x-skipcache: 0

GET
H2 403 .js
dyv1bugovvq1g.cloudfront.net/25/mtnvpn.manteghi.sbs/ 0
0 432ms
387ms Script
application/xml 2600:9000:223e:b200:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/25/mtnvpn.manteghi.sbs/.js
Requested by: Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b200:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 112 KB
24 KB 53ms
9ms Script
text/javascript 2600:9000:2490:3600:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=25
Requested by: Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3600:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6895702472607ca89d62cb271ae7aecbbe99b25364c8e43c61ecf19c87a0a69e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: hvoF3wJjMHrhM7IqlOWrzUKDYB0HxlzS
content-encoding: gzip
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
date: Sat, 29 Jul 2023 11:32:23 GMT
last-modified: Wed, 26 Jul 2023 13:02:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 40205
x-amz-server-side-encryption: AES256
etag: W/"ef482ad92cd12b6605b48eecb86fea43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
x-amz-cf-id: 0ZBT2aoukAN-S_7QCmM0q7ADzV19DCViQU3E71v49Ww1fNgCCOhyqg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 54ms
24ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: CKA0ZCF0A097N9V7
age: 286
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ee8e00bac8f929f-FRA
x-amz-id-2: 8OWh/gfEttrL8VeqgXYaL/1RvxrjkBwg9Yv/+rx1t+fWUU1tyHMwT4SgRYkMrsqazilVzzKNUMoWV5KFP7gy8Q==

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 34 KB
12 KB 85ms
23ms Script
text/javascript 2606:4700::6812:a6e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

687231f280d2be782d06e177132b6ffa0eae823d3d8a28d02fdbdec2462b79f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 7ee8e00bda14997b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 119 KB
45 KB 144ms
100ms Script
text/javascript 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUU54RQD&infsc=1&https=1

Requested by

Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

143aa6b7ce549df7f19fdc554f9102e7a050d91fbb5da46a64c242564145ce1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-mnt-h: 21-3rb1
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 29 Jul 2023 22:42:27 GMT
server: Apache
etag: "b7a7c0a39d044ca525331b8dd42c421a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-vx5n
timing-allow-origin: *
expires: Sat, 29 Jul 2023 22:47:27 GMT

GET
H2 200 launch-a2e2197ecad5.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/ 130 KB
41 KB 59ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/launch-a2e2197ecad5.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 06446a8d69b393418762bca400c3b3ccfbcb9457fd14a80c001df6898fb6b29f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 14:59:59 GMT
server: AkamaiNetStorage
etag: "523a37b2ee2f0554383bc3606cf01c35:1688396399.072795"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 42171
expires: Sat, 29 Jul 2023 23:42:27 GMT

GET
H2 200 jquery.lazyload.min.js Show response
images.medicinenet.com/javascript/medicinenet/redesign/vendor/ 3 KB
1 KB 127ms
127ms Script
application/javascript 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.medicinenet.com/javascript/medicinenet/redesign/vendor/jquery.lazyload.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511b6b281e846aa9ddb481bc88592b025b999d11a448f4f4c1d57c5743482d29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2017 22:40:22 GMT
server: cloudflare
etag: W/"deb3a9ef7339d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: www09-web.mdc.ma1.webmd.com
cache-control: public, max-age=2678400
cf-ray: 7ee8e00aae75915e-FRA
expires: Tue, 29 Aug 2023 22:42:27 GMT

GET
H2 200 300x400-conditions-a-z.jpg
images.medicinenet.com/images/ 7 KB
7 KB 35ms
22ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x400-conditions-a-z.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2b231bb9936cb870040854c4d03f385f5e09d4e955ac5ec5a530d312d2489383

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 6980
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"1b44-186c2501b5c"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f75915e-FRA

GET
H2 200 300x195-procedures-a-z.jpg
images.medicinenet.com/images/ 6 KB
6 KB 37ms
24ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x195-procedures-a-z.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 46328715308aa1b948f5cd958386386cbb1e232408a6058b014a8748b20f0272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 5690
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"163a-186c2501cff"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f76915e-FRA

GET
H2 200 300x400-rx-drugs-medication.jpg
images.medicinenet.com/images/ 16 KB
16 KB 35ms
23ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x400-rx-drugs-medication.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 52a4b5d01535c85b3476dec31ef7c8c9e09b56a1491e85e42fd297822057a757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 16000
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"3e80-186c2501d0e"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f78915e-FRA

GET
H2 200 300x400-supplements.jpg
images.medicinenet.com/images/ 12 KB
12 KB 59ms
47ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x400-supplements.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e6a7f564b38c90705e57ebafb88e1a399fcec76f6e193a72b9b27024bdd88f71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 12162
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"2f82-186c2501bce"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f79915e-FRA

GET
H2 200 300x195-diet.jpg
images.medicinenet.com/images/ 5 KB
5 KB 38ms
26ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x195-diet.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: da6e070330c6a22168e30d49baf8e469dcc8a534a49f73bfd352ac98c4d8ff71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 4650
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"122a-186c2501c49"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f7a915e-FRA

GET
H2 200 300x195-exercise-and-fitness.jpg
images.medicinenet.com/images/ 4 KB
4 KB 38ms
26ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x195-exercise-and-fitness.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4946de81ac04f51f918c1fa10b61702758a1c468b8eec4b1620f8b23ee927de9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 3882
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"f2a-186c2501cb2"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f7c915e-FRA

GET
H2 200 300x195-nutrition-food-and-recipes.jpg
images.medicinenet.com/images/ 5 KB
5 KB 35ms
23ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x195-nutrition-food-and-recipes.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5c829ca2f307512df70d12a3959e6235e9e807e7be94cc7c014839c5ce89724a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 182041
x-powered-by: Express
content-length: 5322
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"14ca-186c2501ca2"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f7f915e-FRA

GET
H2 200 300x195-prevention-and-wellness.jpg
images.medicinenet.com/images/ 3 KB
3 KB 35ms
23ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x195-prevention-and-wellness.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a5e9fab5977a7435b8e12be49dfd8fc8138b893ec391c5fcdca3337b2312d62b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 2818
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"b02-186c2501c9f"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f80915e-FRA

GET
H2 200 300x400-slideshows.jpg
images.medicinenet.com/images/ 15 KB
15 KB 36ms
24ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x400-slideshows.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 382057985793df57911aa24af72f312c8ab2fb0156f8876b8c7582f1e2a8be2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 15228
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"3b7c-186c2501c28"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f83915e-FRA

GET
H2 200 300x195-quizzes.jpg
images.medicinenet.com/images/ 4 KB
4 KB 37ms
25ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x195-quizzes.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4b5364c8d9064ed57dac93f6a75547b1039ba7f1a00a61bbf8a16d6445acdcbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 3776
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"ec0-186c2501c7a"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b8f84915e-FRA

GET
H2 200 300x195-images.jpg
images.medicinenet.com/images/ 7 KB
7 KB 37ms
26ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/300x195-images.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1cde23cecb5090e7630d8651ff2319f441ab1e17b30bae85dbf581be9359d963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 6798
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"1a8e-186c2501cfd"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f8a915e-FRA

GET
H2 200 rgb_tag_registered.png
images.medicinenet.com/images/footer/badges/ 2 KB
2 KB 44ms
33ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/footer/badges/rgb_tag_registered.png
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d3a635b296f84799cec206de15131424144bbd21ae9257ec0d72c7670c201079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6224901
x-powered-by: Express
content-length: 1946
last-modified: Wed, 08 Mar 2023 17:41:13 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"79a-186c2501321"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f8b915e-FRA

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 14 KB
16 KB 94ms
18ms Image
image/svg+xml 52.222.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=07326333-3522-463d-81bf-f00fd7171fff

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.174.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-174-20.cdg50.r.cloudfront.net

Software

TXS /

Resource Hash

4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; font-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; style-src 'self' 'unsafe-inline' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; img-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net https://trustarc.com; frame-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; connect-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
Content-Security-Policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
x-content-type-options: nosniff, nosniff, nosniff
Date: Sat, 29 Jul 2023 02:26:17 GMT
Via: 1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P2
Cross-Origin-Embedder-Policy: unsafe-none, unsafe-none
Age: 73029
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin, cross-origin
Connection: keep-alive
Content-Length: 14237
X-Xss-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
Server: TXS
Cross-Origin-Opener-Policy: cross-origin, cross-origin
ETag: W/"14237-1594834154000"
Expect-CT: enforce, max-age=60, enforce, max-age=60
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: image/svg+xml
Cache-Control: no-cache, must-revalidate, no-cache, no-store
Access-Control-Allow-Credentials: true
Permissions-Policy: autoplay=(self), document-domain=(self), encrypted-media=(self), autoplay=(self), document-domain=(self), encrypted-media=(self)
Accept-Ranges: bytes
X-Amz-Cf-Id: _toQ74jH_uOte83GRJv8QaGTM7QxYDHVoy5TeJ9yaR4PZbEKP8mMCw==

GET
H2 200 get
choices.truste.com/ 901 B
1 KB 77ms
16ms Image
image/png 13.225.34.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.truste.com/get?name=admarker2.png
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.34.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-34-75.cdg3.r.cloudfront.net
Software: nginx /
Resource Hash: a10ea5e3f0a6324532c6ae655b245a5ddecfb09a8950bac9d3504a7cbc6c616e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: public
date: Fri, 07 Jul 2023 21:44:28 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG3-C2
age: 1904279
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 901
x-amz-cf-id: FnDRAgnMhyQkDczgKxucU2K4UDpUQCPSkcrpJvjMAwV-s4NrDIPUdA==
expires: Sun, 06 Aug 2023 21:44:28 GMT

GET
H2 200 syphilis-virus-bacteria.jpg
images.medicinenet.com/images/mobile/hp_promo/ 39 KB
40 KB 52ms
42ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/syphilis-virus-bacteria.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7bbd9f93baf0cff22e3237136723fac85798b62626f0a85f5f1f11becab43387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 454545
x-powered-by: Express
content-length: 40368
last-modified: Thu, 09 Mar 2023 17:09:03 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"9db0-186c758fca7"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f8e915e-FRA

GET
H2 200 skin-psoriasis-disease-slideshow.jpg
images.medicinenet.com/images/mobile/hp_promo/ 19 KB
19 KB 39ms
29ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/skin-psoriasis-disease-slideshow.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cf03674a093c48b9f0e737be741f9cda1b286a22efeb97d56521cd4996c8ac39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 19674
last-modified: Wed, 08 Mar 2023 17:41:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"4cda-186c2502f15"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f8f915e-FRA

GET
H2 200 ulcerative-colitis-5.jpg
images.medicinenet.com/images/mobile/hp_promo/ 21 KB
21 KB 37ms
27ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/ulcerative-colitis-5.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 536b9452a4231f59ddd75c8112631ab37278926aaf6283c3f2124cf5598e3364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6224421
x-powered-by: Express
content-length: 21478
last-modified: Wed, 08 Mar 2023 17:41:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"53e6-186c2502f6c"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f90915e-FRA

GET
H2 200 kidney-disease-quiz.jpg
images.medicinenet.com/images/mobile/hp_promo/ 17 KB
17 KB 59ms
48ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/kidney-disease-quiz.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 040c18c351dd90463882fc9bd555c07cc7927e009cda2f0ee1ee5449fc8bc431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 17734
last-modified: Wed, 08 Mar 2023 17:41:28 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"4546-186c2504f11"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f91915e-FRA

GET
H2 200 illustrations-of-colon.jpg
images.medicinenet.com/images/mobile/hp_promo/ 13 KB
13 KB 49ms
39ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/illustrations-of-colon.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e75c5652ee5ee83f993b17d4ad990aa37a50575d0ba260a40ccf8e34b5bb31ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 13480
last-modified: Wed, 08 Mar 2023 17:41:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"34a8-186c2503011"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f92915e-FRA

GET
H2 200 cauliflower-ear-illustration.jpg
images.medicinenet.com/images/mobile/hp_promo/ 18 KB
18 KB 54ms
44ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/cauliflower-ear-illustration.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f4899baa0741b74ef6b0fd1e19fa100bc7fb49289accf6ddd866a791d635b43a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 18498
last-modified: Wed, 08 Mar 2023 17:41:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"4842-186c2503048"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f93915e-FRA

GET
H2 200 featured-what-is-the-normal-cycle-for-menstruation.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 38ms
28ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-what-is-the-normal-cycle-for-menstruation.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0efe9841dac8a9864773d65f66b597f22a55ef389cca35d7427e6186abacd17c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 1976
last-modified: Wed, 08 Mar 2023 17:41:24 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"7b8-186c2504177"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f95915e-FRA

GET
H2 200 featured-medical-abbreviations.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 39ms
30ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-medical-abbreviations.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 30eff3eabb5d4516b8618df09600e3e50eb80f63d85ea99ee4e0264cc35c70e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6224419
x-powered-by: Express
content-length: 2020
last-modified: Wed, 08 Mar 2023 17:41:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"7e4-186c2505e32"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f96915e-FRA

GET
H2 200 thumb-heat-rash.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 37ms
27ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/thumb-heat-rash.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 582b621e5e5f364cb5f47882ee5d6b41e109b2f58aaadbd0ff377d1f2a75c1f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 3284012
x-powered-by: Express
content-length: 1660
last-modified: Wed, 08 Mar 2023 17:42:58 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"67c-186c251ae85"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f97915e-FRA

GET
H2 200 featured-liver-blood-tests.jpg
images.medicinenet.com/images/forum/ 1 KB
1 KB 43ms
33ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-liver-blood-tests.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 005971eef42ed18ced28da5f6927c8ad54afff2db0b7f466f60967ba5b7c7b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 1396
last-modified: Wed, 08 Mar 2023 17:41:28 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"574-186c25050e6"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f98915e-FRA

GET
H2 200 featured-painful-ovulation.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 47ms
38ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-painful-ovulation.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 55d6f6c68f6364e3777349d5b9ba0b4f6a402121b5e9e5cc95c6b498cece57d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 1696
last-modified: Wed, 08 Mar 2023 17:41:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"6a0-186c2505e0d"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f99915e-FRA

GET
H2 200 featured-pregnancy-round-ligament-pain.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 47ms
38ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-pregnancy-round-ligament-pain.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 25ba951aee774d9eb8a743eed9f6f49e8d53c4d3e535730834c3e4488c3adeeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6224421
x-powered-by: Express
content-length: 1650
last-modified: Wed, 08 Mar 2023 17:41:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"672-186c2505e4c"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f9c915e-FRA

GET
H2 200 featured-stool-color-changes.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 39ms
30ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-stool-color-changes.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8c4f0f13dbcfc18b510da50f898782fa7c51c319c8a730efc62f23933dc47c39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6174062
x-powered-by: Express
content-length: 2194
last-modified: Wed, 08 Mar 2023 17:41:24 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"892-186c2503dc0"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f9e915e-FRA

GET
H2 200 featured-how-long-does-an-allergic-reaction-last.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 46ms
37ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-how-long-does-an-allergic-reaction-last.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b6fcf1185bec4759bd8ba9d65640e7959419a313689609647a56c57fdc6dda2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 2522312
x-powered-by: Express
content-length: 1720
last-modified: Wed, 08 Mar 2023 17:42:25 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"6b8-186c2512bed"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9f9f915e-FRA

GET
H2 200 featured-hemoglobin.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 40ms
31ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-hemoglobin.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1e35a35135b7da45668f65e5c07d7a0a2ad304de273108620a6734666a10954b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 2461254
x-powered-by: Express
content-length: 2234
last-modified: Wed, 08 Mar 2023 17:41:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"8ba-186c2505e1c"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fa2915e-FRA

GET
H2 200 featured-nasal-reconstruction-surgery-nose-patient-surgeon-operation.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 41ms
34ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-nasal-reconstruction-surgery-nose-patient-surgeon-operation.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 46feb8c74326b4a196a1bfd7275019266f432cbf74bdd87218ecb2c7a860b41d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 10219
x-powered-by: Express
content-length: 2306
last-modified: Wed, 08 Mar 2023 18:21:41 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"902-186c2752282"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fa3915e-FRA

GET
H2 200 nl-promo-be-healthy-2.jpg
images.medicinenet.com/images/mobile/hp_promo/ 10 KB
10 KB 44ms
37ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/nl-promo-be-healthy-2.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4b2e3b178f96530a451d784d5fb7176397fdef2dcc424815268bbd42cb394a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 10122
last-modified: Wed, 08 Mar 2023 17:41:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"278a-186c2505e10"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fa5915e-FRA

GET
H2 200 featured-why-are-whole-grains-better.jpg
images.medicinenet.com/images/forum/ 3 KB
3 KB 39ms
32ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-why-are-whole-grains-better.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7cfe45b2a3110bafb254c16ad4b79aa39bd74a1a024f6d4e8352419d1190ea66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 224490
x-powered-by: Express
content-length: 3106
last-modified: Wed, 08 Mar 2023 17:41:25 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"c22-186c2504227"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fa6915e-FRA

GET
H2 200 featured-how-long-does-it-take-to-die-if-you-dont-eat.jpg
images.medicinenet.com/images/forum/ 1 KB
1 KB 40ms
32ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-how-long-does-it-take-to-die-if-you-dont-eat.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ccc39d220a4815928117c745db1499b2d9ab191bc39e03356c7c4ed472f5e151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
x-powered-by: Express
content-length: 1030
last-modified: Wed, 08 Mar 2023 17:41:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"406-186c2505e22"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fa7915e-FRA

GET
H2 200 featured-are-pistachios-good-for-you.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 46ms
39ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-are-pistachios-good-for-you.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c2278c66d4501d2970da61dbe466d04f7c627dcd2e94e56ca1ec866e2edad0a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 1676
last-modified: Sat, 11 Mar 2023 14:55:23 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"68c-186d12b566f"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fa8915e-FRA

GET
H2 200 featured-what-causes-gnats-to-be-in-your-house.jpg
images.medicinenet.com/images/forum/ 848 B
1 KB 39ms
32ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-what-causes-gnats-to-be-in-your-house.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1fbf6fa3fff96218a1a50d01ccc888baa775359cae22ffe4f0550215f2368a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 4134349
x-powered-by: Express
content-length: 848
last-modified: Wed, 08 Mar 2023 17:50:08 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"350-186c2583d11"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9faa915e-FRA

GET
H2 200 featured-what-is-a-good-heart-rate-for-my-age.jpg
images.medicinenet.com/images/forum/ 1 KB
2 KB 43ms
36ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-what-is-a-good-heart-rate-for-my-age.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b0c8c93588f3261264dda9471d418f14f77de20d7f0a0adc7465916e56481317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 1131777
x-powered-by: Express
content-length: 1428
last-modified: Wed, 08 Mar 2023 20:07:44 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"594-186c2d6374a"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fab915e-FRA

GET
H2 200 featured-fruit-scale-weight-loss-eating-healthy-diet.jpg
images.medicinenet.com/images/forum/ 2 KB
2 KB 44ms
37ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/forum/featured-fruit-scale-weight-loss-eating-healthy-diet.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4c4b3335fec06249cb897dfc4f94356e75cc67cb700b3520b06c8964147172ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 3378276
x-powered-by: Express
content-length: 1738
last-modified: Thu, 09 Mar 2023 16:51:28 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"6ca-186c748e300"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fac915e-FRA

GET
H2 200 logo_webmd.gif
images.medicinenet.com/images/promo/ 660 B
821 B 48ms
41ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/promo/logo_webmd.gif
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b1fe7c6577bff6d5383b75cf97f955f55abfb1010e199cc162fdf910142f2932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6224581
cf-polished: origFmt=gif, origSize=1778
x-powered-by: Express
content-disposition: inline; filename="logo_webmd.webp"
content-length: 660
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 17:41:12 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"6f2-186c2501253"
vary: Accept
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fad915e-FRA

GET
H2 200 logo_rxlist.gif
images.medicinenet.com/images/promo/ 856 B
989 B 51ms
45ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/promo/logo_rxlist.gif
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 811cc1d369041d0ee6972afba4dd7cad4235d94e77df5c0f6adb5a3418ebbfe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6223689
cf-polished: origFmt=gif, origSize=2135
x-powered-by: Express
content-disposition: inline; filename="logo_rxlist.webp"
content-length: 856
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 17:41:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"857-186c2505e37"
vary: Accept
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9faf915e-FRA

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=16AD4362526701720A490D45%40AdobeOrg&d_nsid=0&ts=1690670547701
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=16AD4362526701720A490D45%40AdobeOrg&d_nsid=0&ts=1690670547701

2 KB
2 KB

33ms
33ms

XHR
application/json

52.30.115.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=16AD4362526701720A490D45%40AdobeOrg&d_nsid=0&ts=1690670547701

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

HTTP/1.1

Server

52.30.115.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d55691c63c3babafb37b6eefc591ee84a146c0b0000d73d1b6b6c47eff62f4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0430d195e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: XGYlDd9PS38=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://mtnvpn.manteghi.sbs
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 797
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-08a0e97dd.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2hLYsw12RFc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://mtnvpn.manteghi.sbs
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=16AD4362526701720A490D45%40AdobeOrg&d_nsid=0&ts=1690670547701
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 webmd-dynamic-links.min.js Show response
img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/ 8 KB
4 KB 158ms
118ms Script
text/plain 2606:4700::6812:1892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/webmd-dynamic-links.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/launch-a2e2197ecad5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1892 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7888cbddb95b3cf089fcfb259c7403ec662ecaad6aed2f72f9c803f6181f079a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: DYNAMIC
x-cache-key: img.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/webmd-dynamic-links.min.js
x-cache-2: BYPASS
x-powered-by: Express
x-cache: HIT
file-cache-time: 7/24/2023, 11:29:38 AM
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 7ee8e00bc9db9944-FRA
access-control-allow-headers: authorization, content-type, user, name
x-skipcache: 0

GET
H2 200 mmtrack.js Show response
img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/ 2 KB
1 KB 157ms
117ms Script
text/plain 2606:4700::6812:1892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/mmtrack.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/launch-a2e2197ecad5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1892 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f6a16c707fbb94cb34911a5c5d4d40218b6dcf3f01961015807c8badd955b2cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: DYNAMIC
x-cache-key: img.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/mmtrack.js
x-cache-2: BYPASS
x-powered-by: Express
x-cache: HIT
file-cache-time: 7/24/2023, 11:29:38 AM
content-length: 759
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 7ee8e00bc9de9944-FRA
access-control-allow-headers: authorization, content-type, user, name
x-skipcache: 0

GET
H2 200 newsletter-signuproadblock.asp Show response
www.medicinenet.com/script/main/ Frame B33E 6 KB
2 KB 420ms
405ms Document
text/html 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicinenet.com/script/main/newsletter-signuproadblock.asp
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bf9e19a328424ee2d5a2124881867766fae13cdc2822336d87525822ec9349

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7ee8e00b9fb5915e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 29 Jul 2023 22:42:28 GMT
server: cloudflare
vary
x-aspnet-version: 4.0.30319
x-server-id: www03-web.mdc.ma1.webmd.com

GET
H2 200 rgb_tag_registered.png
images.medicinenet.com/images/footer/badges/ 2 KB
2 KB 38ms
33ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/footer/badges/rgb_tag_registered.png
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d3a635b296f84799cec206de15131424144bbd21ae9257ec0d72c7670c201079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 6224901
x-powered-by: Express
content-length: 1946
last-modified: Wed, 08 Mar 2023 17:41:13 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"79a-186c2501321"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fb1915e-FRA

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 14 KB
16 KB 53ms
18ms Image
image/svg+xml 52.222.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=07326333-3522-463d-81bf-f00fd7171fff

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.174.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-174-20.cdg50.r.cloudfront.net

Software

TXS /

Resource Hash

4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; font-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; style-src 'self' 'unsafe-inline' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; img-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net https://trustarc.com; frame-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; connect-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
Content-Security-Policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
x-content-type-options: nosniff, nosniff, nosniff
Date: Sat, 29 Jul 2023 02:26:17 GMT
Via: 1.1 ee4db0d243ceb0d1993e5f46ad6c0f00.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P2
Cross-Origin-Embedder-Policy: unsafe-none, unsafe-none
Age: 73029
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin, cross-origin
Connection: keep-alive
Content-Length: 14237
X-Xss-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
Server: TXS
Cross-Origin-Opener-Policy: cross-origin, cross-origin
ETag: W/"14237-1594834154000"
Expect-CT: enforce, max-age=60, enforce, max-age=60
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: image/svg+xml
Cache-Control: no-cache, must-revalidate, no-cache, no-store
Access-Control-Allow-Credentials: true
Permissions-Policy: autoplay=(self), document-domain=(self), encrypted-media=(self), autoplay=(self), document-domain=(self), encrypted-media=(self)
Accept-Ranges: bytes
X-Amz-Cf-Id: tKpq1R-7wSp-3p1JJ7b7UjNvg4sgF3J7bywhg94XftRR6ucUaGz2zw==

GET
H2 200 get
choices.truste.com/ 901 B
1 KB 24ms
17ms Image
image/png 13.225.34.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.truste.com/get?name=admarker2.png
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.34.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-34-75.cdg3.r.cloudfront.net
Software: nginx /
Resource Hash: a10ea5e3f0a6324532c6ae655b245a5ddecfb09a8950bac9d3504a7cbc6c616e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: public
date: Fri, 07 Jul 2023 21:44:28 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG3-C2
age: 1904279
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 901
x-amz-cf-id: TGbLI250AHtED89zXYLkuM6pUcpky3JzaNUB0pnfIBSKks0oRU0dQA==
expires: Sun, 06 Aug 2023 21:44:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 144ms
85ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_body.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b34ad8dba5186a072afd2e7e2c898cf4e01ca24c40331943d9fcbb23e7d4310f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27630
x-xss-protection: 0
server: cafe
etag: 560 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 22:42:27 GMT

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 700 KB
194 KB 804ms
760ms Script
text/javascript 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Requested by

Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_body.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-160-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ebd7057ce1f9b819fdbaee265dd4c57ce07631bbb8ad033a1ef7addbe0eb2751

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Sat, 29 Jul 2023 22:42:28 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
link: <https://hb-pb.media.net>;rel=preconnect,<https://hbx.media.net/__media__/js/ucreative.js?cv=1>;rel=prefetch;as=script
expires: Sat, 29 Jul 2023 23:12:28 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
60 KB 33ms
9ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_body.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:12:04 GMT
content-encoding: gzip
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront), 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 19:49:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, FRA56-P3
age: 1824
x-amz-server-side-encryption: AES256
etag: W/"a7247ead77dd201b1e56acf0e565194b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: z_VqN2TAFjiOOXdm6BFdxbR52fJRrXmI4CCpc6LiAZUx7bZdgt1r-A==

GET
H2 200 1atopbannerside.gif
images.medicinenet.com/images/ads/ 104 B
313 B 35ms
35ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/ads/1atopbannerside.gif
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e15a157a9f76839353d5f68431ff2ade849e9a2fd2d937af0365aa2ab17dcac7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 1270634
cf-polished: origFmt=gif, origSize=137
x-powered-by: Express
content-disposition: inline; filename="1atopbannerside.webp"
content-length: 104
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 17:41:15 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"89-186c2501d6f"
vary: Accept
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fb2915e-FRA

GET
H2 200 rightad_toptransparent.gif
images.medicinenet.com/images/ads/ 112 B
263 B 36ms
36ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/ads/rightad_toptransparent.gif
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3886be348a4dcaf2d46fedd1d8deca9586443b7d8ed374fc83bdbccc0e4e7f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: HIT
age: 1906037
cf-polished: origFmt=gif, origSize=142
x-powered-by: Express
content-disposition: inline; filename="rightad_toptransparent.webp"
content-length: 112
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 17:41:13 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"8e-186c25015c7"
vary: Accept
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00b9fb4915e-FRA

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5a7f29693c6cca8733ff471a1ef2ffccb2e8529ffbf29b208f1512a77c4658a

Request headers

Referer
Origin: https://mtnvpn.manteghi.sbs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 54ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4ZNGPR9ZQ0&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/launch-a2e2197ecad5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48436ef8e276651889c3bb1e25e6b28e8810c97ca36a922d5421c4d5e8a12336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jul 2023 22:42:27 GMT

GET
H2 200 web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 10 KB
4 KB 54ms
23ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.attribution.iife.js

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 18885740
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GMZ27D9T7YKEJCMYPVBFF0XR-fra
server: cloudflare
etag: W/"2647-N1l5oKJqaDLvxL3cO+UxlArzaXc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee8e00c68712bd2-FRA

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035829/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

10ms
10ms

Script
application/javascript

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 01:27:03 GMT
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:00:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 76525
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 3PQAAoKjQhxn713dHvC5vR5zPwNEKJNC3CBb10ovzbPO-EnEhWBibQ==

Redirect headers

date: Sat, 29 Jul 2023 22:42:27 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: VmFFZD0L3atSTlUfI5mQibNtsJ1qdrjCEud6P8XA2lY18JCBGqKl3A==

GET
H2 200 mednet-1x1.gif
bi.medscape.com/pi/global/ 43 B
383 B 70ms
28ms Image
image/gif 104.18.22.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bi.medscape.com/pi/global/mednet-1x1.gif?1690670547869
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.143 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872ffa9dc91dfe681b9be82cbb41cbcdc0985e77ab27e1583e38d84e1543cb74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 03 Dec 2007 05:24:17 GMT
server: cloudflare
content-type: image/gif
x-server-id: img02-web.prf.ma1.medscape.com
cache-control: max-age=354
accept-ranges: bytes
x-robots-tag: noindex
timing-allow-origin: *
content-length: 43
cf-ray: 7ee8e00cac082c36-FRA
expires: Sat, 29 Jul 2023 22:48:21 GMT

POST
H2 204 /
vtrk.doubleverify.com/ 0
186 B 127ms
30ms Ping
text/plain 54.154.176.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-pq&v=1&ctx=17778638&cmp=DV587414&cid=cf3f7c05-3b9f-43cb-9804-53a827568a29&z=343862839758&cd105=mode&cd160=2d76d2a7-8eec-445b-a700-37c6fe2bdcbe&cd161=https%3A%2F%2Fmtnvpn.manteghi.sbs&cd50=upt&cd51=f93b7a7&cd180=network&cm180=218&cm181=30&cm182=9&cm183=14&cm184=23&cm185=1&cm186=317
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.176.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-176-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: https://mtnvpn.manteghi.sbs
date: Sat, 29 Jul 2023 22:42:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
406 B 41ms
9ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

2ef2ece21f475de6f5c37d46d65f0728c72178eb9077103cd6b390c462c70d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mtnvpn.manteghi.sbs
date: Sat, 29 Jul 2023 22:42:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 106ms
106ms XHR
application/json 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3100&u=https%3A%2F%2Fmtnvpn.manteghi.sbs
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: becccc232a2bd5a36e1022f333de7fc8465316f8c9134642798d6b158454c376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:27 GMT
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1693
x-amz-cf-id: CBmir_dEkMMx8zGDMJVO8EkezoOLNVmGEvaARO7rDUq0fnVjzUwSAw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 423ms
404ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: sqIYF9tioos4B2JU2slJ69ByLWGz5sAnf3MPTke2BwfPaSDeAggBMg==

GET
H/1.1 200
OK dest5.html Show response
webmd.demdex.net/ Frame C81B 7 KB
3 KB 143ms
33ms Document
text/html 52.208.156.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://webmd.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/launch-a2e2197ecad5.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.156.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-156-123.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v050-0885b218e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: pgDIqc8VSf0=
content-encoding: gzip
date: Sat, 29 Jul 2023 22:42:28 GMT
last-modified: Wed, 28 Jun 2023 13:20:51 GMT
vary: accept-encoding

GET
H2 200 id Show response
ssl.o.webmd.com/ 48 B
460 B 93ms
22ms XHR
application/x-javascript 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.o.webmd.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=16AD4362526701720A490D45%40AdobeOrg&mid=09869703143843397293767126905032297189&ts=1690670547995

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/launch-a2e2197ecad5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

fd21f396e11106e7b61c60b9447f0d121e25fbb9c4dbf8a432ddd38d1e0f00ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 RC32b09426c6964fb59d19af517106cbf5-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/ec6a8d352e72/ 1 KB
937 B 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/ec6a8d352e72/RC32b09426c6964fb59d19af517106cbf5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/launch-a2e2197ecad5.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 779d40dc27c6bca2c1a47e7f6f840c833826c5c5ee068353e0243848c800dcea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 15:00:00 GMT
server: AkamaiNetStorage
etag: "13a4d9182c0ea4302a533cbf8071ea18:1688396400.517926"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 678
expires: Sat, 29 Jul 2023 23:42:28 GMT

GET
H2 200 RCdf593dce79f64e0c99d329b6fa51d8bb-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/ec6a8d352e72/ 2 KB
1 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/ec6a8d352e72/RCdf593dce79f64e0c99d329b6fa51d8bb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/bd8b7ed95b8d/launch-a2e2197ecad5.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bda5fa0768264ad5e05a326ebbffc8fb23e9ea9848ae089b5910eeecf50e95ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 15:00:00 GMT
server: AkamaiNetStorage
etag: "13a4d9182c0ea4302a533cbf8071ea18:1688396400.517926"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 893
expires: Sat, 29 Jul 2023 23:42:28 GMT

GET
H2 200 isvisitoreu Show response
mtnvpn.manteghi.sbs/api/visitorcountry/visitorcountry.svc/ 5 B
250 B 295ms
294ms XHR
application/json 45.61.128.84
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://mtnvpn.manteghi.sbs/api/visitorcountry/visitorcountry.svc/isvisitoreu
Requested by: Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.128.84 Las Vegas, United States, ASN14956 (-Reserved AS-, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: */*
Referer: https://mtnvpn.manteghi.sbs/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
cf-cache-status: DYNAMIC
server: nginx/1.24.0
vary
content-type: application/json; charset=utf-8
x-server-id: apic03-web.con.ma1.webmd.com
cache-control: max-age=0, no-cache
cf-ray: 7ee8e00daa4ca6eb-PHX
content-length: 5
cdn-name: Akamai
expires: Sat, 29 Jul 2023 22:42:28 GMT

GET
H2 200 skin-psoriasis-disease-slideshow.jpg
images.medicinenet.com/images/mobile/hp_promo/ 19 KB
19 KB 22ms
21ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/skin-psoriasis-disease-slideshow.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cf03674a093c48b9f0e737be741f9cda1b286a22efeb97d56521cd4996c8ac39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
cf-cache-status: HIT
age: 6223691
x-powered-by: Express
content-length: 19674
last-modified: Wed, 08 Mar 2023 17:41:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"4cda-186c2502f15"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00d4949915e-FRA

GET
H2 200 ulcerative-colitis-5.jpg
images.medicinenet.com/images/mobile/hp_promo/ 21 KB
21 KB 20ms
20ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/ulcerative-colitis-5.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 536b9452a4231f59ddd75c8112631ab37278926aaf6283c3f2124cf5598e3364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
cf-cache-status: HIT
age: 6224422
x-powered-by: Express
content-length: 21478
last-modified: Wed, 08 Mar 2023 17:41:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"53e6-186c2502f6c"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00d494b915e-FRA

GET
H2 200 kidney-disease-quiz.jpg
images.medicinenet.com/images/mobile/hp_promo/ 17 KB
17 KB 21ms
21ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/kidney-disease-quiz.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 040c18c351dd90463882fc9bd555c07cc7927e009cda2f0ee1ee5449fc8bc431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
cf-cache-status: HIT
age: 6223691
x-powered-by: Express
content-length: 17734
last-modified: Wed, 08 Mar 2023 17:41:28 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"4546-186c2504f11"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00d494c915e-FRA

GET
H2 200 illustrations-of-colon.jpg
images.medicinenet.com/images/mobile/hp_promo/ 13 KB
13 KB 24ms
24ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/illustrations-of-colon.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e75c5652ee5ee83f993b17d4ad990aa37a50575d0ba260a40ccf8e34b5bb31ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
cf-cache-status: HIT
age: 6223691
x-powered-by: Express
content-length: 13480
last-modified: Wed, 08 Mar 2023 17:41:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"34a8-186c2503011"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00d494d915e-FRA

GET
H2 200 cauliflower-ear-illustration.jpg
images.medicinenet.com/images/mobile/hp_promo/ 18 KB
18 KB 25ms
25ms Image
image/webp 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.medicinenet.com/images/mobile/hp_promo/cauliflower-ear-illustration.jpg
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f4899baa0741b74ef6b0fd1e19fa100bc7fb49289accf6ddd866a791d635b43a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
cf-cache-status: HIT
age: 6223690
x-powered-by: Express
content-length: 18498
last-modified: Wed, 08 Mar 2023 17:41:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"4842-186c2503048"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=0
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7ee8e00d494e915e-FRA

GET
H2 200 events Show response
tag.tapad.com/accounts/39/tags/q9MvkfP/ Frame 52A3 95 B
239 B 63ms
18ms Document
image/png 35.186.225.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.tapad.com/accounts/39/tags/q9MvkfP/events?partner_url=https%3A%2F%2Fimg.webmd.com%2Fpixel%2Faiq.b.1.html%3Ftid%3D%24%7BTA_DEVICE_ID%7D&response_type=pixel

Requested by

Host: img.webmd.com
URL: https://img.webmd.com/dtmcms/live/webmd/PageBuilder_Assets/JS_static/api/oo_shim_head.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.225.155 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

155.225.186.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-length: 95
content-type: image/png
date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H/1.1 200 787.json Show response
id5-sync.com/g/v2/ 241 B
654 B 49ms
18ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/787.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

1524b0cce77260957bf738c24ca7f7936fb3e4e79e61cf12555a5166c693931f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mtnvpn.manteghi.sbs
date: Sat, 29 Jul 2023 22:42:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 334ms
101ms XHR
text/xml 3.236.169.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D25%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.236.169.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-45.compute-1.amazonaws.com
Software: /
Resource Hash: 9e4aaa6453e6afc534f8302beaa6bb6ded43e779df73794cd9524ef2b86141b1

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Sat, 29 Jul 2023 22:42:28 GMT
connection: keep-alive
x-amzn-RequestId: 33e969ff-069c-5a93-aedf-34c09e884daf
Content-Length: 378
Content-Type: text/xml

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 65ms
9ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 29 Jul 2023 22:57:28 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 38 KB
12 KB 36ms
8ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 02:25:57 GMT
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 72992
x-amz-server-side-encryption: AES256
etag: W/"560498a44e7d42477433425cdafd6a16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 6qlAQCekNXKpEhrgypEPYohiL4izxuqBx99OHijexuzZSkrbO1V7Vg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
24 KB 22ms
22ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: CKA0ZCF0A097N9V7
age: 287
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ee8e00dadf1929f-FRA
x-amz-id-2: 8OWh/gfEttrL8VeqgXYaL/1RvxrjkBwg9Yv/+rx1t+fWUU1tyHMwT4SgRYkMrsqazilVzzKNUMoWV5KFP7gy8Q==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 43ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4ZNGPR9ZQ0&gtm=45je37q0&_p=1811736487&cid=17985928.1690670548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1690670548&sct=1&seg=0&dl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&dt=MedicineNet%20-%20Health%20and%20Medical%20Information%20Produced%20by%20Doctors&en=FCP&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=false&ep.channel_health=medicinenet&ep.effective_connection_type=4g&ep.page_type=nav%20-%20home%20page&epn.value=1112.5&ep.metric_id=v3-1690670548080-5512790268125&epn.metric_value=1112.5&epn.metric_delta=1112.5&ep.metric_rating=good&ep.debug_target=&ep.debug_event=&ep.debug_timing=loading&ep.event_time=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZNGPR9ZQ0&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s34737433998861 Show response
ssl.o.webmd.com/b/ss/webmdp1global/10/JS-2.15.0/ 2 KB
3 KB 44ms
43ms Script
application/x-javascript 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.o.webmd.com/b/ss/webmdp1global/10/JS-2.15.0/s34737433998861?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=29%2F6%2F2023%2022%3A42%3A28%206%200&d.&nsid=0&jsonv=1&.d&mid=09869703143843397293767126905032297189&aamlh=6&ce=ISO-8859-1&ns=webmd&cdp=2&pageName=medicinenet.com%2F&g=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&c.&wb.&vapi=visitorapi%20present&plt=1&metakywrd=medical%20information%2C%20symptoms%20and%20signs%2C%20disease%2C%20medical%20dictionary%2C%20drug%20information%2C%20prescription%20medications%20and%20drug%20side%20effects%2C%20food%20and%20drug%20interactions%2C%20diseases%20and%20conditions%2C%20procedures%20and%20tests%2C%20health%20information%2C%20medical%20definitions%20and%20terms%2C%20womens%20health%2C%20mens%20health%2C%20senior%20health&titletag=medicinenet%20-%20health%20and%20medical%20information%20produced%20by%20doctors&gdprauth=yes&.wb&.c&cc=USD&server=mnla6-net%7Coocommon%7C20220204&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c3=medicinenet&c4=1728&c6=nav%20-%20home%20page&c7=default&c9=1&c24=169067054763588869&c35=nav%20-%20home%20page&c36=mhome&c38=medicinenet&c48=mbl-no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=16AD4362526701720A490D45%40AdobeOrg&AQE=1

Requested by

Host: img.webmd.com
URL: https://img.webmd.com/bi_common/bi_oocommon.js?d=07/29/2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

ac6c61aa3ae3267a74098dadccaa07708549547d62b0cffafcd996a56b8d0234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-aam-tid: YyDXAQnDSSM=
date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 2465
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v050-09ffa1c7c.edge-irl1.demdex.com 4 ms
pragma: no-cache
last-modified: Sun, 30 Jul 2023 22:42:28 GMT
server: jag
etag: 3630687356363603968-4619742876258184204
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 28 Jul 2023 22:42:28 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 11ms
10ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035829&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1690670548134&ns_c=UTF-8&c7=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&c8=MedicineNet%20-%20Health%20and%20Medical%20Information%20Produced%20by%20Doctors&c9=
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: HACjXAcpmLX3NNsQ-Q07TDjlkUNzy2bytDQ16-DKGlt4r7XbRJhVZw==
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 386 KB
123 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2110
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 22:07:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 41 B
68 B 59ms
41ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mtnvpn.manteghi.sbs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2edebe379a16a0a46f38b1eeb32b586a1815e8c84dd5b5a62406f6f9491f472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Sat, 29 Jul 2023 22:42:28 GMT

GET
H2 200 tracker.min.js Show response
ibclick.stream/assets/js/track/dist/js/v1/ 88 KB
29 KB 317ms
182ms Script
application/javascript 2606:4700:e4::ac40:a60e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ibclick.stream/assets/js/track/dist/js/v1/tracker.min.js
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c43985be26e000897fe43ffcfea945dfa23d744be4bae8e25c7fb8886b7c80f

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Origin: https://mtnvpn.manteghi.sbs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 06 Jan 2021 04:59:32 GMT
server: cloudflare
etag: W/"161f4-5b83430515500"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUteFxXm9iwVtv3ez5wu4ss1oDJPjYDWqc4af2v31dIFSyLnLGykQIWlghdXVDwV91IEUpM8HK6yFDnJMYNMftCN6NMnR%2Fb94f%2FrtXgl6AQkr8jZRhTdrm%2Bv7CVbsX3%2BT5kB2gS7a%2BEgLsVNmw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600, must-revalidate
cf-ray: 7ee8e00ee8e23600-FRA

GET
H2 200 cp Show response
bh.contextweb.com/ 23 KB
24 KB 149ms
16ms Script
text/plain 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/cp?p=5509&pageurl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&did=09869703143843397293767126905032297189&auth_channel=null&epid=null&topicid=undefined&he2=null&Referrer=

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

0d1ddb3debd31758b3e28d6189217bd3b486dec94c91226a5efc3c8d29cc20f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
etag: d9fc195fa8be3e309b6914bcd900a70d
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
cache-control: max-age=3600, public, must-revalidate, private
cw-server: bh-deployment-848647674d-6hj5d
content-length: 23717

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame C81B 43 B
443 B 127ms
14ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=10074224897010768703751213549182056050&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d10074224897010768703751213549182056050
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webmd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 22:42:28 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 29 Jul 2023 22:42:27 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 124ms
29ms XHR
application/json 18.203.192.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.192.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-192-232.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 24f12a1fc86725ff1aac601658a713f59b5a7974ac55e2cfc4d1ba886688d158

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache
x-server: 10.45.16.133
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223100%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
416 B 97ms
44ms Fetch
image/gif 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223100%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fmtnvpn.manteghi.sbs%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: JJNSX8V0VFF1DXH0M18C
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: LO88mJeN_MrM9vWH5SuFOcw4rwoSFnnq0Thw39FtLRXzGzAt-z3IWQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223100%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 94ms
44ms Fetch
image/gif 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: BVZKAWWSNMW0CHP2FQXH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 71DqkjeefIu9ckSbMCw0DcSuuPFfgDSitAFhYiWbO4PlmGgpoOqg_w==

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 0AH6NQ9JGK62Q2SKG535
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: MJr6jVSzB-SPpuDVzZKcDyNnjzZrOPw3pVyyIHWIy5_heI8lj22ndw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
507 B 654ms
613ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3100&u=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pid=gf0ro2IfVX6g6&cb=0&ws=1600x1200&v=23.725.1446&t=800&slots=%5B%7B%22sd%22%3A%22ads2-pos-101%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F4312434%2Fconsumer%2Fmednet%2Fhp-conmnet%2Fads2-pos-101%22%7D%2C%7B%22sd%22%3A%22ads2-pos-121%22%2C%22s%22%3A%5B%22300x250%22%2C%221x15%22%2C%22300x251%22%5D%2C%22sn%22%3A%22%2F4312434%2Fconsumer%2Fmednet%2Fhp-conmnet%2Fads2-pos-121%22%7D%2C%7B%22sd%22%3A%22ads2-pos-121-1%22%2C%22s%22%3A%5B%22300x250%22%2C%221x15%22%2C%22300x251%22%5D%2C%22sn%22%3A%22%2F4312434%2Fconsumer%2Fmednet%2Fhp-conmnet%2Fads2-pos-121-1%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A400%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 92AQPR3P7F3AV703SBMK
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: QzNgS6mPHli2bZF_oDNDWaDozRZa7TtpRkPM_85S4uC0ZLaOGCqJQA==

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/ids/ 13 B
282 B 65ms
32ms Fetch
application/json 2606:4700::6812:a6e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/ids/pub.json?ctx=17778638&cmp=DV587414&url=https%3A%2F%2Fmtnvpn.manteghi.sbs&ids=1

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a9c1dec1a24dd650f7b3b74a5c8ab1f6b68b653deef124accbde1c8a24abf0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://mtnvpn.manteghi.sbs
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 7ee8e00ee92f1c3e-FRA
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/bsc/ 31 B
263 B 80ms
47ms Fetch
application/json 2606:4700::6812:a6e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=17778638&cmp=DV587414&url=https%3A%2F%2Fmtnvpn.manteghi.sbs&bsc=1

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68212fce0695654392fc9432c16a15344f45f5c619a224589abe1a4447f32260

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://mtnvpn.manteghi.sbs
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: public, max-age=900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 7ee8e00ee92d1c3e-FRA
content-length: 31
alt-svc: h3=":443"; ma=86400

GET
H2 200 desktop.css
www.medicinenet.com/css/mni/ Frame B33E 146 KB
29 KB 158ms
154ms Stylesheet
text/css 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicinenet.com/css/mni/desktop.css
Requested by: Host: www.medicinenet.com
URL: https://www.medicinenet.com/script/main/newsletter-signuproadblock.asp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f582f0fd0f939640936985e453a62d34b90c3a43f249deb67e274425cad7ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicinenet.com/script/main/newsletter-signuproadblock.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 15 Jun 2023 15:46:57 GMT
server: cloudflare
etag: W/"97798c9da09fd91:0"
vary: , Accept-Encoding
cf-wrk: lrt_o&o_v3.5_isEU:true_isUSCA:false_isCalifornia:false
content-type: text/css
x-server-id: www10-web.mdc.ma1.webmd.com
cf-ray: 7ee8e00eeb08915e-FRA

GET
H2 200 jquery.min.js Show response
images.medicinenet.com/javascript/jquery/1.7.1/ Frame B33E 92 KB
33 KB 26ms
22ms Script
application/javascript 104.18.29.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.medicinenet.com/javascript/jquery/1.7.1/jquery.min.js
Requested by: Host: www.medicinenet.com
URL: https://www.medicinenet.com/script/main/newsletter-signuproadblock.asp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.29.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicinenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2017 22:37:39 GMT
server: cloudflare
age: 2899
etag: W/"6a31358e7339d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: www10-web.mdc.ma1.webmd.com
cache-control: public, max-age=2678400
cf-ray: 7ee8e00eeb0a915e-FRA
expires: Tue, 29 Aug 2023 22:42:28 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=3719324157027877170
dpm.demdex.net/ Frame C81B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3719324157027877170

42 B
942 B

32ms
32ms

Image
image/gif

52.30.115.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=3719324157027877170

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

HTTP/1.1

Server

52.30.115.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webmd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0d4b97179.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4p6hveGTRno=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
an-x-request-uuid: a7f7756f-78ef-4685-8881-6fc5d25d14fa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=3719324157027877170
x-proxy-origin: 80.255.10.202; 80.255.10.202; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 403 insync
thrtle.com/ 0
0 293ms
91ms Image
text/html 3.90.170.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10015&vxii_pdid=
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.170.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-170-4.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rtset
bh.contextweb.com/bh/ 49 B
486 B 22ms
15ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?pid=562507&ev=$$ev_id$$&us_privacy=&gdpr_consent=$$gdpr_consent$$

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-848647674d-6hj5d
expires: -1

GET
H2 200 sr
bh.contextweb.com/bh/ 49 B
486 B 21ms
14ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/sr?action=add&token=R5ZBOGEKGYPR&ch=1&url=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&rr=$$referrer$$&us_privacy=&param1=$$event$$&epid=null&did=09869703143843397293767126905032297189&pf=$$pf$$&usp=$$usp$$&auth_channel=null&ev_id=$$ev_id$$&gdpr_consent=$$gdpr_consent$$

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-848647674d-6hj5d
expires: -1

POST
H2 204 /
vtrk.doubleverify.com/ 0
185 B 29ms
29ms Ping
text/plain 54.154.176.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?t=event&ec=page&ea=load-signals&v=1&ctx=17778638&cmp=DV587414&cid=cf3f7c05-3b9f-43cb-9804-53a827568a29&z=621855657928&cd105=mode&cd160=21e236d9-e198-4cb0-a07a-018ba0d6a418&cd161=https%3A%2F%2Fmtnvpn.manteghi.sbs&cd50=upt&cd51=f93b7a7&cd180=network&cd52=loadSignals&cm56=1&cm57=1&cm58=1&cm59=1&cm60=1&cm187=66&cm180=81&cm181=0&cm182=0&cm183=25&cm184=47&cm185=0&cm186=80&cd191=7ee8e00ee92d1c3e&cm188=81&cd68=1&cm170=1&cm61=1&cd171=84010000%2C80000000&cm62=2&cd53=1&cm54=123
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.176.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-176-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: https://mtnvpn.manteghi.sbs
date: Sat, 29 Jul 2023 22:42:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3659833090276633865
dpm.demdex.net/ Frame C81B
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3659833090276633865

42 B
942 B

32ms
32ms

Image
image/gif

52.30.115.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3659833090276633865

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

HTTP/1.1

Server

52.30.115.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webmd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-01c7d5f9c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: oSPl7Y8HQ/4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3659833090276633865
pragma: no-cache
date: Sat, 29 Jul 2023 22:42:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 bi_oocommon.js Show response
img.webmd.com/bi_common/ Frame B33E 90 KB
29 KB 21ms
21ms Script
application/javascript 104.18.25.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.webmd.com/bi_common/bi_oocommon.js?d=20230729
Requested by: Host: www.medicinenet.com
URL: https://www.medicinenet.com/script/main/newsletter-signuproadblock.asp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.25.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e8310e062dcb148ae0cbae2f1ae8692347635c885ef9bf4c0aa6396be2b0f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicinenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 86928
content-length: 29842
last-modified: Fri, 04 Feb 2022 14:58:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: img01-web.con.ma1.webmd.com
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ee8e00ffe702c7d-FRA
expires: Sun, 28 Jul 2024 22:42:28 GMT

GET
H3 200 ib.html Show response
ibclick.stream/ Frame 9D7D 191 B
696 B 185ms
166ms Document
text/html 2606:4700:e4::ac40:a60e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ibclick.stream/ib.html
Requested by: Host: ibclick.stream
URL: https://ibclick.stream/assets/js/track/dist/js/v1/tracker.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 619dc4f4ff3223e7507884f55e258b12a2c78a71b53b626cf03b4a1d56b93753

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7ee8e0104c5418e2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 29 Jul 2023 22:42:28 GMT
last-modified: Wed, 06 Jan 2021 04:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H09hJE1tD05NOjR73hcicqh2%2B8dc53%2BYOaE9wJC6B%2Byt00gz7mfHDNshG7cUto3khrNdIfUkmMi8HBu2GFBZ6Tua2I8zgZv9UGYXJT3baypa%2FeyCFmKlCuobBAfQwoTaPhfzgNEnWDc%2BHjSDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame C81B 0
98 B 46ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=10074224897010768703751213549182056050
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webmd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEBts5VQ42MEueiqjPaYGels&google_cver=1
dpm.demdex.net/ Frame C81B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTAwNzQyMjQ4OTcwMTA3Njg3MDM3NTEyMTM1NDkxODIwNTYwNTA=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTAwNzQyMjQ4OTcwMTA3Njg3MDM3NTEyMTM1NDkxODIwNTYwNTA=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBts5VQ42MEueiqjPaYGels&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

33ms
32ms

Image
image/gif

52.30.115.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBts5VQ42MEueiqjPaYGels&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

HTTP/1.1

Server

52.30.115.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webmd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0b40121e0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sPRRD+TVR0I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBts5VQ42MEueiqjPaYGels&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ucreative.js
hbx.media.net/__media__/js/ 0
2 KB 14ms
13ms Other
application/javascript 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/__media__/js/ucreative.js?cv=1

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-160-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Sat, 29 Jul 2023 22:42:28 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1187735
content-length: 1585
expires: Sat, 12 Aug 2023 16:38:03 GMT

POST
H/1.1 200 787.json Show response
id5-sync.com/g/v2/ 241 B
654 B 8ms
8ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/787.json

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

949c02893cb5bf4abd453594780de07965ef445ecd3f75c32fc4884d37c3c793

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mtnvpn.manteghi.sbs
date: Sat, 29 Jul 2023 22:42:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 204 25712 Show response
idx.liadm.com/idex/unknown/ 0
197 B 306ms
103ms XHR
text/plain 34.203.102.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/25712?gdpr=1&n3pc=1&resolve=nonId

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.102.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-102-88.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mtnvpn.manteghi.sbs
date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: ccdfa940b4543e09
vary: Origin
request-time: 9

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
319 B 38ms
29ms XHR
application/json 18.203.192.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=true
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.192.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-192-232.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache
x-server: 10.45.16.20
access-control-allow-credentials: true
content-length: 43
expires: 0

POST
H2 200 hb Show response
hb-pb.media.net/rtb/ 820 B
837 B 176ms
109ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-pb.media.net/rtb/hb?cid=8CU66J63J
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bcd09f17192ada82dfaffc0a43b96bc8610235d82f9b78f1167dabfb25621a13

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sat, 29 Jul 2023 22:42:28 GMT

POST
H2 200 hb Show response
hb-pb.media.net/rtb/ 820 B
552 B 173ms
111ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-pb.media.net/rtb/hb?cid=8CU66J63J
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a1291da2df487c8aeaab99d353a8589450350cb8eae920050b631fa12a657e51

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sat, 29 Jul 2023 22:42:28 GMT

GET
H2 200 tcb.js Show response
contextual.media.net/ 93 KB
13 KB 20ms
20ms Script
text/javascript 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_300x50%7CT31K017_300x600%7CT31K017_728x90%7CT9VJI4H_728x90%7CTB13F85_1x7%7CTEU8ETI_1x9%7CTEU8ETI_300x250%7CTNG7O25_300x600%7CTU6BMCI_160x600&v=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fe5b28e5195dc56bc8b4b1b6d806514f9fe9302410acde1a8184ba61eb623c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 29 Jul 2023 22:42:28 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=172800
content-length: 12856
expires: Mon, 31 Jul 2023 22:42:28 GMT

GET
H2 200 mcx.js Show response
hbx.media.net/ 256 B
452 B 605ms
605ms Script
text/javascript 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/mcx.js?&callback=window.advBidxc.contextualcallback&cid=8CU66J63J&dn=mtnvpn.manteghi.sbs&icode=cop&itype=HB&rt=2&url=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&ver=2

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-160-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

54bb1d4e52591841b123bb3a40751c12a89b70ca7a1d5b1aafc0ffcaef8aff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 29 Jul 2023 22:42:29 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache
content-length: 256
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
H3 200 tracker.min.js Show response
ibclick.stream/assets/js/track/dist/js/v1/ Frame 9D7D 88 KB
29 KB 18ms
18ms Script
application/javascript 2606:4700:e4::ac40:a60e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ibclick.stream/assets/js/track/dist/js/v1/tracker.min.js
Requested by: Host: ibclick.stream
URL: https://ibclick.stream/ib.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c43985be26e000897fe43ffcfea945dfa23d744be4bae8e25c7fb8886b7c80f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibclick.stream/ib.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 886
p3p: CP="This site does not have a p3p policy."
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 06 Jan 2021 04:59:32 GMT
server: cloudflare
etag: W/"161f4-5b83430515500"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xdMhfXj5t%2BG%2BSj9tEMA02wc0Ah3na23%2BfD1vjx78jNTzgXnkg4FlLiJqsnlV7nwlF%2FBUXDL%2F40AjzWKYWPtGs0xDyOjzNkhQMwq6tRlD%2Fx%2BBQITfAzUqOzWg%2FUl0PUe81WaAFkeeuR%2BzVLqAw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600, must-revalidate
cf-ray: 7ee8e011bdb818e2-FRA

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 49 KB
3 KB 70ms
19ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=39896735664759401690670548736&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*23%7C300x250%7C1037255%7C19266772%7C%7C%7C1%40170485818*29%7C300x250%7C16268%7C119516_564736_15%7C%7C%7C1%40170485818*441%7C300x250%7C934769%7C758214918_934769%7C0.05%7C%7C1%40170485818*450%7C300x250%7C8CU66J63J%7C170485818_8CU66J63J%7C%7C%7C1%40235515020*23%7C300x600~300x250%7C1037255%7C11572294~11572294%7C%7C%7C1%40235515020*29%7C300x250%7C16268%7C119516_564736_15%7C%7C%7C1%40235515020*117%7C1x1_TNG7O25_1%7C8CU66J63J%7C235515020_8CU66J63J~235515020_8CU66J63J%7C%7C%7C3%40235515020*441%7C300x600~300x250%7C934769%7C235515020_934769~235515020_934769%7C0.05%7C%7C1%40235515020*450%7C300x600~300x250%7C8CU66J63J%7C235515020_8CU66J63J~235515020_8CU66J63J%7C%7C%7C1%40356136642*23%7C728x90%7C1037255%7C11572292%7C%7C%7C1%40356136642*29%7C728x90%7C16268%7C119516_564736_2%7C%7C%7C1%40356136642*117%7C1x1_T9VJI4H_1%7C8CU66J63J%7C356136642_8CU66J63J~356136642_8CU66J63J~356136642_8CU66J63J%7C%7C%7C3%40356136642*441%7C728x90~970x250~970x90%7C934769%7C356136642_934769~356136642_934769~356136642_934769%7C0.05%7C%7C1%40356136642*450%7C728x90~970x250~970x90%7C8CU66J63J%7C356136642_8CU66J63J~356136642_8CU66J63J~356136642_8CU66J63J%7C%7C%7C1%40388736527*23%7C160x600%7C1037255%7C11572293%7C%7C%7C1%40388736527*29%7C160x600%7C16268%7C119516_564736_9%7C%7C%7C1%40388736527*117%7C1x1_TU6BMCI_1%7C8CU66J63J%7C388736527_8CU66J63J%7C%7C%7C3%40388736527*441%7C160x600%7C934769%7C388736527_934769%7C0.05%7C%7C1%40388736527*450%7C160x600%7C8CU66J63J%7C388736527_8CU66J63J%7C%7C%7C1%40638432657*23%7C300x50~300x250~320x50%7C1037255%7C19830371~19830371~19830371%7C%7C%7C1%40638432657*29%7C300x250~300x50~320x50%7C16268%7C119516_564736_15~119516_564736_44~119516_564736_43%7C%7C%7C1%40638432657*441%7C300x50~300x250~320x50%7C934769%7C638432657_934769~638432657_934769~638432657_934769%7C0.05%7C%7C1%40638432657*450%7C300x50~300x250~320x50%7C8CU66J63J%7C638432657_8CU66J63J~638432657_8CU66J63J~638432657_8CU66J63J%7C%7C%7C1%40656615527*23%7C300x600~300x250%7C1037255%7C11572290~11572290%7C%7C%7C1%40656615527*29%7C300x600~300x250%7C16268%7C119516_564736_10~119516_564736_15%7C%7C%7C1%40656615527*117%7C1x1_TNG7O25_1%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C3%40656615527*441%7C300x600~300x250~300x251~300x1050%7C934769%7C656615527_934769~656615527_934769~656615527_934769~656615527_934769%7C0.05%7C%7C1%40656615527*450%7C300x600~300x250~300x251~300x1050%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C1%40758214918*450%7C1x9%7C8CU66J63J%7C758214918_8CU66J63J%7C%7C%7C1%40758214918*3003%7C1x1_TEU8ETI_1%7C1037255%7C14309511%7C%7C%7C3%40758214918*3054%7C1x1_TEU8ETI_1%7C562650%7C733010%7C%7C%7C3%40867238351*23%7C728x90%7C1037255%7C19266769%7C%7C%7C1%40867238351*29%7C728x90%7C16268%7C119516_564736_2%7C%7C%7C1%40867238351*117%7C1x1_T31K017_1%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C3%40867238351*441%7C728x90%7C934769%7C867238351_934769%7C0.05%7C%7C1%40867238351*450%7C728x90%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.16150682546163475&tscode=1&crid=170485818%2C235515020%2C356136642%2C388736527%2C638432657%2C656615527%2C758214918%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2220434628647887011690670548727%22%7D%2C%22235515020%22%3A%7B%22tid%22%3A%2252958744414987351690670548727%22%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2288642193645414201690670548727%22%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2262712490204537771690670548727%22%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2269394491874711861690670548727%22%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2255491764096747861690670548727%22%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2245146940489697361690670548727%22%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2211656820883263701690670548727%22%7D%7D&pinfo=%7B%2223%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%2C%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0&switch=1

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

087c9ce9e2ec669ba219190df0e515ca9c68f10a54ff3be38d422ad4a1f891c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 10 KB
1 KB 68ms
18ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=82280012124269721690670548745&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*29%7C300x250%7C16268%7C119516_564736_15%7C%7C%7C1%40235515020*29%7C300x250%7C16268%7C119516_564736_15%7C%7C%7C1%40356136642*29%7C728x90%7C16268%7C119516_564736_2%7C%7C%7C1%40388736527*29%7C160x600%7C16268%7C119516_564736_9%7C%7C%7C1%40638432657*29%7C300x250~300x50~320x50%7C16268%7C119516_564736_15~119516_564736_44~119516_564736_43%7C%7C%7C1%40656615527*29%7C300x600~300x250%7C16268%7C119516_564736_10~119516_564736_15%7C%7C%7C1%40758214918*3003%7C1x1_TEU8ETI_1%7C1037255%7C14309511%7C%7C%7C3%40867238351*29%7C728x90%7C16268%7C119516_564736_2%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.34192569059605415&tscode=1&crid=170485818%2C235515020%2C356136642%2C388736527%2C638432657%2C656615527%2C758214918%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2293786146854792441690670548742%22%7D%2C%22235515020%22%3A%7B%22tid%22%3A%2257923780740624261690670548742%22%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2250383629481079881690670548742%22%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2292131805026983281690670548742%22%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2277691170247990881690670548742%22%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2230170630899326651690670548742%22%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2284626019718664731690670548742%22%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2280258675221522901690670548742%22%7D%7D&pinfo=%7B%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

7bb8012bf5e0d0a8e96b7dfb41878d1db0f4534d67fe946c19ff1c4cc1d8fdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 7 KB
1 KB 68ms
18ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=38718423550476281690670548751&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*3012%7C1x1_TEU8ETI_1%7C8CU66J63J%7C170485818_8CU66J63J%7C%7C%7C3%40235515020*3012%7C1x1_TNG7O25_1%7C8CU66J63J%7C235515020_8CU66J63J~235515020_8CU66J63J%7C%7C%7C3%40356136642*3012%7C1x1_T9VJI4H_1%7C8CU66J63J%7C356136642_8CU66J63J~356136642_8CU66J63J~356136642_8CU66J63J%7C%7C%7C3%40388736527*3012%7C1x1_TU6BMCI_1%7C8CU66J63J%7C388736527_8CU66J63J%7C%7C%7C3%40656615527*3012%7C1x1_TNG7O25_1%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C3%40867238351*3012%7C1x1_T31K017_1%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.8472773328693559&tscode=1&crid=170485818%2C235515020%2C356136642%2C388736527%2C656615527%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2220434628647887011690670548727%22%7D%2C%22235515020%22%3A%7B%22tid%22%3A%2252958744414987351690670548727%22%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2288642193645414201690670548727%22%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2262712490204537771690670548727%22%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2269394491874711861690670548727%22%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2255491764096747861690670548727%22%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2245146940489697361690670548727%22%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2211656820883263701690670548727%22%7D%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

11b1f3c5468d513f72b1bf888bc7a9a1d9cb163edc92242a55393222edc1cc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 8 KB
1 KB 68ms
18ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=30147098530591381690670548751&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=235515020*126%7C300x600~300x250%7C8CU66J63J%7C_113610~_113610%7C%7C%7C1%40356136642*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1%40388736527*126%7C160x600%7C8CU66J63J%7C_113610%7C%7C%7C1%40638432657*126%7C300x50~300x250~320x50%7C8CU66J63J%7C_113610~_113610~_113610%7C%7C%7C1%40656615527*126%7C300x600~300x250%7C8CU66J63J%7C_113610~_113610%7C%7C%7C1%40867238351*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.46788925977016227&tscode=1&crid=235515020%2C356136642%2C388736527%2C638432657%2C656615527%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2220434628647887011690670548727%22%7D%2C%22235515020%22%3A%7B%22tid%22%3A%2252958744414987351690670548727%22%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2288642193645414201690670548727%22%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2262712490204537771690670548727%22%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2269394491874711861690670548727%22%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2255491764096747861690670548727%22%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2245146940489697361690670548727%22%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2211656820883263701690670548727%22%7D%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

7e4912f5863335257c5f7d3e6114f013c3038c3c086b619af2094eb519f7192d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 7 KB
1 KB 74ms
24ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=67788524935961111690670548752&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*3012%7C1x1_TEU8ETI_1%7C8CU66J63J%7C170485818_8CU66J63J%7C%7C%7C3%40235515020*3012%7C1x1_TNG7O25_1%7C8CU66J63J%7C235515020_8CU66J63J~235515020_8CU66J63J%7C%7C%7C3%40356136642*3012%7C1x1_T9VJI4H_1%7C8CU66J63J%7C356136642_8CU66J63J~356136642_8CU66J63J~356136642_8CU66J63J%7C%7C%7C3%40388736527*3012%7C1x1_TU6BMCI_1%7C8CU66J63J%7C388736527_8CU66J63J%7C%7C%7C3%40656615527*3012%7C1x1_TNG7O25_1%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C3%40867238351*3012%7C1x1_T31K017_1%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.4591260730210698&tscode=1&crid=170485818%2C235515020%2C356136642%2C388736527%2C656615527%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2293786146854792441690670548742%22%7D%2C%22235515020%22%3A%7B%22tid%22%3A%2257923780740624261690670548742%22%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2250383629481079881690670548742%22%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2292131805026983281690670548742%22%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2277691170247990881690670548742%22%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2230170630899326651690670548742%22%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2284626019718664731690670548742%22%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2280258675221522901690670548742%22%7D%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

f2664ead242ffa1fd243fdaa819d33479ceaa54fee84c89bbdd6f8b0045c0ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 8 KB
1 KB 74ms
24ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=26983027378567441690670548752&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=235515020*126%7C300x600~300x250%7C8CU66J63J%7C_113610~_113610%7C%7C%7C1%40356136642*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1%40388736527*126%7C160x600%7C8CU66J63J%7C_113610%7C%7C%7C1%40638432657*126%7C300x50~300x250~320x50%7C8CU66J63J%7C_113610~_113610~_113610%7C%7C%7C1%40656615527*126%7C300x600~300x250%7C8CU66J63J%7C_113610~_113610%7C%7C%7C1%40867238351*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.046336210382740495&tscode=1&crid=235515020%2C356136642%2C388736527%2C638432657%2C656615527%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2293786146854792441690670548742%22%7D%2C%22235515020%22%3A%7B%22tid%22%3A%2257923780740624261690670548742%22%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2250383629481079881690670548742%22%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2292131805026983281690670548742%22%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2277691170247990881690670548742%22%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2230170630899326651690670548742%22%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2284626019718664731690670548742%22%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2280258675221522901690670548742%22%7D%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

e45655ab0b75b72d4fcc3b9c1287c85bcef6ffcd3bec70fd0d611e74e235cc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=jrg8A8cSM6Nn9CRarj5zT1OnbT7vJnO7&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame C81B
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=jrg8A8cSM6Nn9CRarj5zT1OnbT7vJnO7&gdpr=0&gdpr_consent=

42 B
942 B

43ms
32ms

Image
image/gif

52.30.115.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=jrg8A8cSM6Nn9CRarj5zT1OnbT7vJnO7&gdpr=0&gdpr_consent=

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

HTTP/1.1

Server

52.30.115.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webmd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-064b86ed4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: aARBuAUuQ+E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=jrg8A8cSM6Nn9CRarj5zT1OnbT7vJnO7&gdpr=0&gdpr_consent=
date: Sat, 29 Jul 2023 22:42:28 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 650582
content-length: 0

GET
H3 200 csc-event
ibclick.stream/ 37 B
596 B 167ms
167ms Image
image/gif 2606:4700:e4::ac40:a60e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ibclick.stream/csc-event?p=0%3Alkollcfx%3Aafcfabb2-bf99-445e-a461-ecd80daa917b&s=0%3Alkollcfy%3A0079b4a7-1c0b-4dd5-9918-54a44100ece7&v=0%3AxYsy0d5sg1Qj32u2cTLRnWlEaldQNO0G&e=0%3AxYsy0d5sg1Qj32u2cTLRnWlEaldQNO0G0&c=lkollcg4&n=f&f=f&l=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&u=(seventText!MedicineNet%20-%20Health%20and%20Medical%20Information%20Produced%20by%20Doctors!ssite!medicinenet.com!svertical!health%20consumer!ssnippetVersion!1.2!strackerJsSha!235fbc5e!ssource!snippet!tcookieEnabled!)&x=-rth811
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a60e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6b3edc43-20ec-4078-bc47-e965dd76b88a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MSi%2FLSCWAnRtUZcBMHMG4AYMVU%2FnLT5DqbrO4%2Ft15sz5CySkvmWq7o1coEWw%2FDqGhqEV%2Fas8%2FjBVXllbKNJwcfb3TJA5PuYLDAEs39PoL7T8kJL8aZn0KZVMWA1OP6k5zwGSSCsC30HbM3SQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
p3p: CP="This site does not have a p3p policy."
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7ee8e0120e0318e2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: Fri, 14 Apr 1995 11:30:00 GMT

GET
H2 200 log
hblg.media.net/ 35 B
191 B 47ms
15ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=belog&itype=HB&tElp=155&adt=desktop&cid=8CU66J63J&ct=NURNBERG&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=mtnvpn.manteghi.sbs&servname=ssp-serving-7586466f54-92gx5&svr=2023072110_141_072810_700_072810_662_ssp&sc=BY&version=4&vh=1200&vw=1600&vsid=&vid=00001690670548708013588915207533&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=sc&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=ID5%3D0&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=---------&uspco_status=---------&uspct_status=---------&uspnat_status=---------&usput_status=---------&uspva_status=---------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=1728&ccat=&floc_id=&floc_ver=&gfundl=500&gtd=1&inid=&ngfundl=500&rdl=300&name=TEMPLATE_UNAVAILABLE_IN_FRAMEWORK_FOR_170485818_FOR_300x250&stack=NONE&lvl=3&crid=170485818&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&lper=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&kwrf=

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 29 Jul 2023 22:42:28 GMT

GET
H/1.0 200
OK image.sbix
global.ib-ibi.com/ Frame C81B 0
72 B 538ms
129ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=10074224897010768703751213549182056050
Requested by: Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webmd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

POST
H2 200 hb Show response
hb-pb.media.net/rtb/ 820 B
551 B 75ms
74ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-pb.media.net/rtb/hb?cid=8CU66J63J
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 747ea4c652ca1d64a542b3d2941278dfe43c3fc2781809da59da64d080a1e5da

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sat, 29 Jul 2023 22:42:28 GMT

POST
H2 200 hb Show response
hb-pb.media.net/rtb/ 820 B
552 B 77ms
77ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-pb.media.net/rtb/hb?cid=8CU66J63J
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 140178e9c4ab8e5d4f63b1aac4aad9f8040a43cf6c3180bc356a826dede271ed

Request headers

Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sat, 29 Jul 2023 22:42:28 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 KB
75 KB 718ms
717ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177882169733893&correlator=3257516329686198&eid=31072019%2C21065724&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=4312434%2Cconsumer%2Cmednet%2Chp-conmnet&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%2C320x50%7C300x250%7C1x15%7C300x251%2C320x50%7C300x250%7C1x15%7C300x251%2C1x1&fluid=height%2Cheight%2Cheight%2C0&ifi=1&adks=3204028643%2C1778419798%2C784904530%2C880777314&sfv=1-0-40&prev_scp=pos%3D101%26ad_slot%3Dads2-pos-101%26amznbid%3D2%26amznp%3D2%26ad_group%3Dad_opt%26ad_h%3D22%26optimera%3DNULL%7Cpos%3D121%26ad_slot%3Dads2-pos-121%26amznbid%3D2%26amznp%3D2%26ad_group%3Dad_opt%26ad_h%3D22%26optimera%3DNULL%7Cpos%3D121%26ad_slot%3Dads2-pos-121-1%26amznbid%3D2%26amznp%3D2%26ad_group%3Dad_opt%26ad_h%3D22%26optimera%3DNULL%7Cpos%3D901%26ad_slot%3Dads2-pos-901%26ad_group%3Dad_opt%26ad_h%3D22&eri=4&cust_params=pvid%3D169067054763588869%26fis%3D1%26fipt%3D1728%26aamid%3D0%26pch%3D1%26ecd%3D0%26sname%3Dmedicinenet%26tug%3D%26art%3Dnav%2520-%2520home%2520page%26pt%3D1728%26uri%3D%252F%26cc%3Dnav%2520-%2520home%2520page%26oohc%3D20%26env%3D0%26segm%3D0%26bp%3D1%26lif%3D0%26saf%3D0%26iaf%3D1%26pimc%3D0%26pts_pid%3Dcf3f7c05-3b9f-43cb-9804-53a827568a29%26IDS%3D1%26qt_loaded%3Dids%252Cbsc%26BSC%3D84010000%252C80000000%26excl_cat%3Dssg&sc=1&cookie_enabled=1&cdm=mtnvpn.manteghi.sbs&abxe=1&dt=1690670548945&adxs=436%2C1049%2C1049%2C0&adys=81%2C717%2C2054%2C5749&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.manteghi.sbs&loc=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&frm=20&vis=1&psz=738x100%7C302x252%7C302x2%7C1600x5767&msz=728x90%7C300x250%7C300x0%7C1600x0&fws=512%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=17985928.1690670548&ga_sid=1690670549&ga_hid=1811736487&ga_fc=true&dlt=1690670547375&idt=840

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb1269a058c6a1530211e75577e92a8be2892ce779b9ad586d973d45c51f013f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKrVhcz-tIADFb2e_QcduYIHUA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14515170120703914388/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnVhcz-tIADFb2e_QcduYIHUA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2153815233448623277/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKvVhcz-tIADFb2e_QcduYIHUA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14515170120703914388/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKrVhcz-tIADFb2e_QcduYIHUA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14515170120703914388/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnVhcz-tIADFb2e_QcduYIHUA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2153815233448623277/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKvVhcz-tIADFb2e_QcduYIHUA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14515170120703914388/index.html
date: Sat, 29 Jul 2023 22:42:29 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77214
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,17870354
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,43342760954
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75C4 6 KB
3 KB 99ms
15ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:29 GMT
expires: Sun, 28 Jul 2024 22:42:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame AB0D 22 KB
8 KB 114ms
113ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU66J63J&prvid=55%2C77%2C251%2C141%2C175%2C178%2C201%2C246%2C3017%2C147%2C203%2C214%2C237%2C337%2C208&itype=HB&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

aef90d16f18d651189e5e06a6527be600cce4624d0fb511dd1a1be5e763dcf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8048
content-type: text/html; charset=UTF-8
date: Sat, 29 Jul 2023 22:42:29 GMT
expires: Mon, 31 Jul 2023 22:42:29 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 log
hblg.media.net/ 35 B
191 B 10ms
10ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=relog&itype=HB&tElp=293&adt=desktop&cid=8CU66J63J&ct=NURNBERG&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=mtnvpn.manteghi.sbs&servname=ssp-serving-7586466f54-92gx5&svr=2023072110_141_072810_700_072810_662_ssp&sc=BY&version=4&vh=1200&vw=1600&vsid=&vid=00001690670548708013588915207533&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=sc&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=ID5%3D0&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=---------&uspco_status=---------&uspct_status=---------&uspnat_status=---------&usput_status=---------&uspva_status=---------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=1728&ccat=&floc_id=&floc_ver=&gfundl=500&gtd=1&inid=&ngfundl=500&rdl=300&dfpadpath=%2F4312434%2Fconsumer%2Fmednet%2Fhp-conmnet&efp=dgdd&ffp=0&mdk=&mdf=0&rfs=nfetched&rf=&rp=&src=Rules&lper=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&kwrf=

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 29 Jul 2023 22:42:28 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 7 KB
1 KB 20ms
19ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=52164229273616501690670548925&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=656615527*23%7C300x250%7C1037255%7C11572290%7C%7C%7C1%40656615527*29%7C300x250%7C16268%7C119516_564736_15%7C%7C%7C1%40656615527*117%7C1x1_TNG7O25_1%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C3%40656615527*441%7C300x250~300x251%7C934769%7C656615527_934769~656615527_934769%7C0.05%7C%7C1%40656615527*450%7C300x250~300x251%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.9908885454400207&tscode=1&crid=656615527&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22656615527%22%3A%7B%22tid%22%3A%2297249217565278241690670548923%22%2C%22supply_tag_id%22%3A%22ads2-pos-121-1%22%2C%22xps%22%3A1199%2C%22yps%22%3A2053.65625%7D%7D&uids=%7B%22ID5%22%3A%220%22%7D&pinfo=%7B%2223%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%2C%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

16d0d4bd7f0eb05ce6a30085c43c2848426f2edc0121a9051555ffa1083b815b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 2 KB
964 B 17ms
15ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=26292579954209111690670548928&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=656615527*29%7C300x250%7C16268%7C119516_564736_15%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.2104014469563813&tscode=1&crid=656615527&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22656615527%22%3A%7B%22tid%22%3A%2217448919562722841690670548927%22%2C%22supply_tag_id%22%3A%22ads2-pos-121-1%22%2C%22xps%22%3A1199%2C%22yps%22%3A2053.65625%7D%7D&uids=%7B%22ID5%22%3A%220%22%7D&pinfo=%7B%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

2eda75107d1cd2a85bb8a545300e34d229fac6c94bd44836727ab6df47b69a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 1 KB
925 B 18ms
16ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=98776151499263761690670548931&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=656615527*126%7C300x250%7C8CU66J63J%7C_113610%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.022586723518631002&tscode=1&crid=656615527&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22656615527%22%3A%7B%22tid%22%3A%2297249217565278241690670548923%22%2C%22supply_tag_id%22%3A%22ads2-pos-121-1%22%2C%22xps%22%3A1199%2C%22yps%22%3A2053.65625%7D%7D&uids=%7B%22ID5%22%3A%220%22%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

ca75a282915f303c9e206b1366002cb302302e36cdfd36540500e16cd2fa6c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 2 KB
968 B 19ms
17ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=97796940844020841690670548931&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=656615527*3012%7C1x1_TNG7O25_1%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.11493597977091641&tscode=1&crid=656615527&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22656615527%22%3A%7B%22tid%22%3A%2297249217565278241690670548923%22%2C%22supply_tag_id%22%3A%22ads2-pos-121-1%22%2C%22xps%22%3A1199%2C%22yps%22%3A2053.65625%7D%7D&uids=%7B%22ID5%22%3A%220%22%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

34b27861e5b35f31b9c8b01ec9b399038cb12a60cd40a299da8956db07bd6df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 1 KB
921 B 18ms
17ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=54529729403737501690670548932&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=656615527*126%7C300x250%7C8CU66J63J%7C_113610%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.8750229495422988&tscode=1&crid=656615527&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22656615527%22%3A%7B%22tid%22%3A%2217448919562722841690670548927%22%2C%22supply_tag_id%22%3A%22ads2-pos-121-1%22%2C%22xps%22%3A1199%2C%22yps%22%3A2053.65625%7D%7D&uids=%7B%22ID5%22%3A%220%22%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

396e7593e0a3f5ae96314e10837c8a03f688df79e7638d12cb18420862fadc92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 2 KB
951 B 18ms
17ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=55059632149579471690670548933&gdpr=1&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=656615527*3012%7C1x1_TNG7O25_1%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.43150044156218614&tscode=1&crid=656615527&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fmtnvpn.manteghi.sbs&https=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=DE&ct=NURNBERG&rc=BY&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&isRefresh=0&taginfo=%7B%22656615527%22%3A%7B%22tid%22%3A%2217448919562722841690670548927%22%2C%22supply_tag_id%22%3A%22ads2-pos-121-1%22%2C%22xps%22%3A1199%2C%22yps%22%3A2053.65625%7D%7D&uids=%7B%22ID5%22%3A%220%22%7D&encryptionVersion=0.0

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.136.107.34.bc.googleusercontent.com

Software

Resource Hash

c589c250a374ea04211b73f174ac4e673d238a5f1548f3dda8e6b57f19824747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://mtnvpn.manteghi.sbs/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:28 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame C81B 49 B
486 B 14ms
13ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?pid=562544&ev=10074224897010768703751213549182056050&rurl=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D96678%26dpuuid%3D%%VGUID%%

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webmd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-848647674d-6hj5d
expires: -1

GET
H2 200 log
hblg.media.net/ 35 B
191 B 8ms
8ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=relog&itype=HB&tElp=335&adt=desktop&cid=8CU66J63J&ct=NURNBERG&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=mtnvpn.manteghi.sbs&servname=ssp-serving-7586466f54-92gx5&svr=2023072110_141_072810_700_072810_662_ssp&sc=BY&version=4&vh=1200&vw=1600&vsid=&vid=00001690670548708013588915207533&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=sc&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=ID5%3D0&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=---------&uspco_status=---------&uspct_status=---------&uspnat_status=---------&usput_status=---------&uspva_status=---------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=1728&ccat=&floc_id=&floc_ver=&gfundl=500&gtd=1&inid=&ngfundl=500&rdl=300&dfpadpath=%2F4312434%2Fconsumer%2Fmednet%2Fhp-conmnet&efp=dgdd&ffp=0&mdk=&mdf=0&rfs=nfetched&rf=&rp=&src=Rules&lper=1&requrl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&kwrf=

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:29 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1690670549217&se=e30&pu=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&gdpr=1&n3pc=1&n3pct=1&nb=1
https://rp4.liadm.com/j?dtstmp=1690670549217&se=e30&pu=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&gdpr=1&n3pc=1&n3pct=1&nb=1&i6=MmEwMTo0YTA6NWE6OjEx

13 B
422 B

292ms
91ms

XHR
application/json

3.211.211.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1690670549217&se=e30&pu=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&gdpr=1&n3pc=1&n3pct=1&nb=1&i6=MmEwMTo0YTA6NWE6OjEx

Protocol

Server

3.211.211.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-211-42.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
x-pixel-event-id: f29c9bf0-16ce-4b1c-aaf5-c4bd4e8102b2
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: f09ee9a2ecac5e7f
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Sat, 29 Jul 2023 22:42:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1690670549217&se=e30&pu=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&gdpr=1&n3pc=1&n3pct=1&nb=1&i6=MmEwMTo0YTA6NWE6OjEx
access-control-allow-origin: https://mtnvpn.manteghi.sbs
request-time: 0
access-control-allow-credentials: true
trace-id: 884db8046a34c964
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame C593 30 KB
10 KB 191ms
190ms Document
text/html 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&prvid=440%2C327%2C29%2C461%2C107%2C345%2C3012%2C23%2C3018%2C459%2C3030%2C3%2C126%2C326%2C374%2C338%2C262%2C226%2C351%2C117%2C296%2C455%2C229%2C344%2C97%2C3054%2C3016%2C339%2C79%2C441%2C3003%2C108%2C2043%2C450%2C96%2C54%2C3053%2C77%2C203%2C201%2C246%2C251%2C214%2C3007%2C3017%2C141%2C175%2C337%2C228%2C178%2C208%2C237%2C55%2C172%2C307%2C147&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0&ckdel=0&gpp=&gpp_sid=

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-160-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

81b597f1f7bb5f384cb7689a636f5be9f77f0a17081437fb9e52c0096fdd0e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 10230
content-type: text/html; charset=UTF-8
date: Sat, 29 Jul 2023 22:42:29 GMT
expires: Mon, 31 Jul 2023 22:42:29 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 75ms
52ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e82d5e1dd1b7a6dd17a92863261b1941e7cd8c4261984f8240b25c4b7b0f752e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11798
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 766ms
739ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 22:42:30 GMT

GET
H2 200 container.html Show response
193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5684 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:29 GMT
expires: Sun, 28 Jul 2024 22:42:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A5EA 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:29 GMT
expires: Sun, 28 Jul 2024 22:42:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E4F8 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:29 GMT
expires: Sun, 28 Jul 2024 22:42:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D969 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG2LXAKzjT7b2A0ks95D8JADAgkq4DE3b_b9e3FjzZn-TLawGTXjnhP7ApeCKNxaYV2yBsj9GiL4UehCwEdrg09Cn5oH6Husb0IQDYTBwv857sggUa-2REFwZVhvBoPGvlb8lnrmZMkqxJaa7WXdQOX2XBcvR0-xy5dIu2U8NNk-sSRfzzuHGVQEyRpaEmlWjJkm5_UM9ZTlKN7HdSQEmP_juMlCR8oRAb7WWIH11IIozgxzWffT38TrXqKRQPUENh5bpKt4fDt4Suzz6UcPreCM-URlaAWYL_TsyPf_7bSCxyFFgz6KTOG47SvRWQqCzOV3admibjEYoqEnrihQeCbwg&sai=AMfl-YSlCVgyufxAqfplVmKbWjSPp64yTOxHVM_in5CW2Y_61Nxn4zePIsV6biDXKez4tfGPIZ8RCFZHBDHkHOP2k8JLay9T3DpkTtSuEdk1c3t2_g3AVYgYXpk5l0odNA&sig=Cg0ArKJSzJzLHmUiY8luEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D969 179 KB
57 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
H2 200 litype.php Show response
hbx.media.net/ 103 B
287 B 19ms
19ms Script
text/html 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/litype.php?&cid=8CU66J63J&lid=60364634&callback=window.advBidxc.autoRefreshResponseParser

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-160-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f42cf36970aa9f2a275768bcdb6459d0bfb452dc95ef6587d221aedc9199a538

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 29 Jul 2023 22:42:29 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=10800
content-length: 103
x-mnet-hl2: E
expires: Sun, 30 Jul 2023 01:42:29 GMT

GET
H2 200 litype.php Show response
hbx.media.net/ 103 B
287 B 19ms
19ms Script
text/html 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/litype.php?&cid=8CU66J63J&lid=71329994&callback=window.advBidxc.autoRefreshResponseParser

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=mtnvpn.manteghi.sbs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-160-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e736384d147e30a565f162e299261009a24bcdfc1c803c7c204318fa4fce1db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 29 Jul 2023 22:42:29 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=10800
content-length: 103
x-mnet-hl2: E
expires: Sun, 30 Jul 2023 01:42:29 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/ Frame 2C1B 15 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a36e7aa55ea2a2b6276f74bf85b450c46f076c04202d5dfecd601fd76113f56d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 260465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3774
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 22:21:24 GMT
expires: Thu, 25 Jul 2024 22:21:24 GMT
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 5684 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 22:52:51 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF62 143 B
383 B 41ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 5684 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 5684 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 07:27:53 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/ Frame 761D 258 KB
60 KB 16ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efa3af7dd7edb3496baa2512634744cff6ddb9858b71d4800d066b263776a96b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 61029
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 16:01:06 GMT
expires: Sun, 28 Jul 2024 16:01:06 GMT
last-modified: Mon, 24 Jul 2023 16:16:48 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame A5EA 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 22:52:51 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40B1 143 B
200 B 12ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame A5EA 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame A5EA 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 07:27:53 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/ Frame ABA2 258 KB
60 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html

Requested by

Host: mtnvpn.manteghi.sbs
URL: https://mtnvpn.manteghi.sbs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efa3af7dd7edb3496baa2512634744cff6ddb9858b71d4800d066b263776a96b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 61029
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 16:01:06 GMT
expires: Sun, 28 Jul 2024 16:01:06 GMT
last-modified: Mon, 24 Jul 2023 16:16:48 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame E4F8 23 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 22:52:51 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2C93 143 B
200 B 8ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E4F8 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E4F8 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 07:27:53 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2C1B 6 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 01:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 30 Jul 2023 01:53:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2C1B 34 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 00:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 30 Jul 2023 00:35:38 GMT

GET
H3 200 eb744b3419cc476ea9b42d8622b32fe9.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/ Frame 2C1B 77 KB
19 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/eb744b3419cc476ea9b42d8622b32fe9.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d7a14752f4c4926b4ffb3d968e050a8ef77534da88ffe139d90f3b28583baf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 09:53:48 GMT
age: 46121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19914
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 09:53:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 761D 6 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular,500,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 22:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 22:42:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 761D 16 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 14:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 30 Jul 2023 14:28:22 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 761D 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 00:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 30 Jul 2023 00:35:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ABA2 6 KB
752 B 28ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular,500,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 22:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 22:42:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame ABA2 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 14:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 30 Jul 2023 14:28:22 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame ABA2 34 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 00:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 30 Jul 2023 00:35:38 GMT

GET
DATA 200
OK truncated
/ Frame D969 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce64daa9c35e6f165851e520fb4bfa6d7d9c517b3c2ae801f656baa51c6e84e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D969 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOKsdyzWgnTKpl7Ejhg5Ul2oNsnimnxSfNxAmp09pjX9oqbyZz78oaeQjDu45YxQNOOJ5Nubnr3BjOCzC4mYbEgp3uD7WozszG4DNXgEivlcDbwovov2e1-sJ7dwbpno_rtsinDR7w1Bk-SCWBxB8HXDb26KR0ckvjsRRcp5H__rh3xmGNHzH-u6bCxrjoD8_SdDyKkFQo5PUXsiFq8kfJBRUZP-wa1bA0uxFIj75CEb_F9A3oGrcZK7fQkWcHiNRDy1yn2qKY7KJ3wg3xX_2N54PDk9HQNjzoRSbVTUYIWlNPNQaYROK_a8TgmvWfEHCvw2OYyLCmPWsQ8JSJEkzQcDpEgQ&sai=AMfl-YT4yg0cmyUZdw9qxNXNK2Wcm9a_0SJeE5yt8JpLw6NRv3H974Z2NPqz_Ms_wY7wmOiS0gdGbA8j9i7KAet11bg6UV4Fjd7HPqc6S-9oFtvrGxM1YUz740EeRP24aw&sig=Cg0ArKJSzLgrnahh1IxZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF62
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:30 GMT
expires: Sat, 29 Jul 2023 22:42:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40B1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
22ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:30 GMT
expires: Sat, 29 Jul 2023 22:42:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5684 0
0 36ms
16ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2FinSUhYwJxCbo-b-D4HA7dpSDQRpoKeNo10hx0ZlFOKarSRgm-TmjTA7gjw-89N5reovNTjM4uC6Tg2wFjPQrR4a_w
Requested by: Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5684 179 KB
56 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2C93
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
33ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:30 GMT
expires: Sat, 29 Jul 2023 22:42:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame A5EA 0
0 29ms
17ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTz0dGk-n8msA-D4Be8E4k2-i7OY7j6o8Tq_rJbiQe82bGOlhWBiSXIyQR3C4m0REZQKkbUzVzLY-Gcnnbq-JMy2qxDUA
Requested by: Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5EA 179 KB
56 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
DATA 200
OK truncated
/ Frame 5684 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2910cb261a1afe5c6c197c3a215cdc3ca2b8a2c7bec027f436b65346b2b77435

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A5EA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f6902d4323c3bb34b65ea222cf9b240270a8890cd5184a26c93c246fd8ce7da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame E4F8 0
0 22ms
17ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8Oad9ehNC0tjQg9KUJxJO3Ok3S6GQd7f1gGs_pNyFidSyPJtBmvR5H9fuG9wPRhJ_ghIeNJ9LupFFMqX6sQKKteaCgA
Requested by: Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4F8 179 KB
56 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 22:42:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 761D 15 KB
16 KB 40ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 153338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 04:06:52 GMT

GET
DATA 200
OK truncated
/ Frame E4F8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41d6d69cf4644124110e13fda89e040e975b3ae6779420a3fb1f3ef78a2aa4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ABA2 15 KB
15 KB 29ms
12ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 153338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 04:06:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2C1B 2 KB
597 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/eb744b3419cc476ea9b42d8622b32fe9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

210af7500353d54adfbe6dc9d5f648442206b8f4a09333d0cb044dad47c86b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 22:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 22:14:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 22:42:30 GMT

GET
H3 200 379279448bbf543bf8c2fa86903fc46c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/ Frame 2C1B 2 KB
2 KB 10ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/379279448bbf543bf8c2fa86903fc46c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a887bd6a183741869dc302c6e1d566de475fb84f3922ddb11c98907b2e9aab5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 22:05:41 GMT
x-content-type-options: nosniff
age: 2209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2504
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 22:05:41 GMT

GET
H3 200 58d2f59d68376a687d7855a81096d208.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/ Frame 2C1B 3 KB
3 KB 11ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/58d2f59d68376a687d7855a81096d208.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d00f3270cb5aed8b837e97a0bb184eeb9b8d3e65a34b253175997812ccf920

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 26 Jul 2023 22:21:25 GMT
x-content-type-options: nosniff
age: 260465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2856
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 Jul 2024 22:21:25 GMT

GET
H3 200 e1c46deefe10079210da2397809a8aeb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/ Frame 2C1B 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/e1c46deefe10079210da2397809a8aeb.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f86337f9fd7492cb54286f53a35d91d0f8642f81d205ae70afad69241f607802

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 09:53:48 GMT
x-content-type-options: nosniff
age: 46122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2489
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 09:53:48 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 2C1B 29 KB
29 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:09:19 GMT
x-content-type-options: nosniff
age: 66791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 04:09:19 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E4F8 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA4Ip1ZXFZOsWvb327w-5hZ6ABZ2uqfZx18Op-8ARZBABIODVySlglfrwgYwHoAGjisfSA8gBCakCRWIt1t82gT7gAgCoAwHIA0iqBPIBT9ANTmUimHP6jUMDJ13PIYDJQANGYBpKm0MMk-O5aBkEED8ULeB2ZOymGEMVVF577SFf3HrALLtJrmn9c6in_5mqDDan4limCfVjx8lJbkZZxkgqF8QFPmQ3HTce7MFzj8_w5oAykBNGRXwn8JpkiFPc9S9aKa17m70tCX3rdD5Pad_z8Wi34-_alJbVeTV-EvmggJ9DR_4qEc3QDYQm_kD18qSw_oQclUVehhSJwilKVcqLmfwC78CP7ebSYO77inldRUAD_KdVeQ7-EyR2R2kl_uPpHVKKBFibVL5LFM-PtJINzr9DEukRqAUmiuiPHjLABKHdiOCsBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfF9bgtqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5aQL0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi02OTUxNDk2MzY1NDU0NDkzGNqEEg&sigh=s_pFcr6MqAA&uach_m=[UACH]&cid=CAQSOwBpAlJW2i80wdgRMPWHkMqeYvt0on3EVCOWSe-QLjbntMDRJaUrttFs8b7vhGJNZsGGCTTE8bQXINTNGAE&template_id=419&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A5EA 0
0 49ms
48ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-HAu1ZXFZOoWvb327w-5hZ6ABZ2uqfZx18Op-8ARZBABIODVySlglfrwgYwHoAGjisfSA8gBCakCRWIt1t82gT7gAgCoAwHIA0iqBPIBT9D28ppIKrn92oNDXGa3dzwX8UQmtIh8LeL_T526Eao7kcEpU3tSALAMcvnA77Vf5jjrgoHVl1ntjU0379uF93qJdgyoCnR9dui6tGPZ0B_47XZJQgzbJeq_1Ad6jrA2fWJGOLblDihzcJDWANS1ndypb00kkd0LiZuXcoS8E3pQr-z1KuQHqMYh6qZGikv9FXuYPtQMin1H4zqx95NHoMxR-o8gGNlBH_0zw2FMdCFiJ2eJKxVFe8GeFX4pAUdy1FNAaByvd5dZFLRRgMEp9tX0EHMJOY8b4aUbwRuQWKwcTlj9PJZcYjfAXlpKgtvZXW7ABKHdiOCsBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfF9bgtqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQv74S0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi02OTUxNDk2MzY1NDU0NDkzGNqEEg&sigh=HzrnGFj6c1w&uach_m=[UACH]&cid=CAQSOwBpAlJW2i80wdgRMPWHkMqeYvt0on3EVCOWSe-QLjbntMDRJaUrttFs8b7vhGJNZsGGCTTE8bQXINTNGAE&template_id=419&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5684 0
0 51ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLrgK1ZXFZOkWvb327w-5hZ6ABdDP9PNowKj9qOYOqp25j8UkEAEg4NXJKWCV-vCBjAegAe-NhbgByAEJqQLjpbV8LtaDPuACAKgDAcgDSKoE-QFP0LZFE368Z8SFxNoOWw6l6ULQP8DzrPWlZf_aKFwE9NPsw-a-e-rTu5LUegG1voSLg_NWVbXLhTXfTgcs0EB_U9l-vrJ7tM5eDCSKy6DJ6HR5qEdtXvQ8l0f41XlvqGsQXoj3kaB5oROvxZWciLNg8AcFUpMrCRjLLRZFnMkcLAh0SHrbfnvDvO4wxmt8EHdCIEI-JvrHIpP-zMo6KDvrUYqQAO3xyky7y7K2Il-v1pPQak7Qsc2-_C8-i45fVfoqXVPvTJpp3T2n3SbMDgLPQZeFt9XQ2dEaXCIw8nE_9IRzXhBfs1oY_c_-mYh08041cTMGiUyE-qrABNeI6-vEA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf58frHAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENyKFdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItNjk1MTQ5NjM2NTQ1NDQ5MxjahBI&sigh=k5nZTTc4oGI&uach_m=[UACH]&cid=CAQSOwBpAlJW2i80wdgRMPWHkMqeYvt0on3EVCOWSe-QLjbntMDRJaUrttFs8b7vhGJNZsGGCTTE8bQXINTNGAE&template_id=419&cbvp=2&vis=1
Requested by: Host: 193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 761D 37 KB
14 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 04:01:15 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame ABA2 37 KB
14 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 04:01:15 GMT

GET
H3 200 02.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/ Frame 761D 39 KB
39 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b33593e3ecba9a93f5693466674a5e7f7a1847dac2e0e7ded1125e398d7121d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Jul 2023 07:42:18 GMT
x-content-type-options: nosniff
age: 140412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39713
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 16:16:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 07:42:18 GMT

GET
H3 200 03.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/ Frame 761D 28 KB
28 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/03.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d205cfa540ba3114cac4bc34d14fb0815ad3e3bc6f1210b840512b29e76fd4de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 16:32:20 GMT
x-content-type-options: nosniff
age: 22210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28599
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 16:16:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 16:32:20 GMT

GET
H3 200 04.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/ Frame 761D 8 KB
8 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6442e669fe9bfa461c395b04ab3eaf1b8a78cd121c59c688f062d374992cd2ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 21:31:28 GMT
x-content-type-options: nosniff
age: 4262
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8352
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 16:16:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 21:31:28 GMT

GET
H3 200 05.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/ Frame 761D 17 KB
17 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14515170120703914388/05.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c271abdbeeabd161accaa013ce45202e310a77480ddc56b622fc11501c83552

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 06:33:33 GMT
x-content-type-options: nosniff
age: 58137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16911
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 16:16:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 06:33:33 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C1B 37 KB
14 KB 25ms
12ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 04:01:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 03A7 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:13:15 GMT
expires: Sun, 28 Jul 2024 22:13:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 06E7 783 B
971 B 18ms
17ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8bdaa58ecd752d03b788589137ecbf5f5ab0d5f46b3fff927511b20867f7fce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x4WdVSjfcSa7qjrZXgJV5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mtnvpn.manteghi.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-x4WdVSjfcSa7qjrZXgJV5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:42:30 GMT
expires: Sat, 29 Jul 2023 22:42:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 03A7 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 04:01:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 06E7 0
0 39ms
39ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=177882169733893&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 03A7 0
12 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ekadxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:42:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=177882169733893&bg=!wMOlw5fNAAZGOVy5Zjk7ADkAdvg8WkE84Q-P_LLb-o7goFMffx7hNyUXLI-A3eYpNFAOZrrXZS5SQ4C-ZeOgo-Yo_8-7wYvimpcCAAAAVlIAAAAKaAEHCgASh9t7MUml4j0KdORzcaaRvKAlmQKoQJPyGrYvgyaAZztLr5y7fcdisVrVvcJRrwj6-jrmAwuSzPGdCsZ4xrr43pupz8AzPsqNmuQmphmwDrJjC2p-cWVTvkoQp9fy4c5K-vX3Zt9r9qX0hbXKf113NITq4ZtnFg2qQ7OEqG7rmPr9396Opeo9RkHIOpDLJiNoZcH3ABFR9GZXYzbjGU2pT_JUKZ3E5z2XeH96i2ror5sr3DRmb-GeUt_On8Ao_Q0J2-AXCWP3xCNI4_qLGm7-u3U2DnV7vJtbOl6LQsnCWy92rYEJBeW-CFhCTqXrhnVd1TRmIMGMYJYF_FLxbSzMBXxgKxKJlaUoHjAxQIgPZpWPss02BpOMYv-dmMnse5FLgWpEi91Ck7UrUB-Bs5iRy4DnjB02S7fThVtKB-8kCpN9CXjlFFW3Tplsz9fVeZYsVe_NLXGfmQnMa1w6RTlNrUlLlwEy6K0ksYzXewKdWhZmYrzSSxYyDYhook2Ffa3xgAGx_urpIVYE8Nlo25kT8udVC-Fcrh01Y5jjfuZYSMfKUa0NUBXNzfYEFwcJSfwdwzy_eQaI2t8IE1mZBECDy-WzcUCmzeTg35mWNguEKUjD_satb5HcZpqqAwjU3cYQxrKq--M6n-BF2ZgDVRnQjIOGwt_J2oH5Q_p8_VZ4fRp7Fu6CKUgXMeAn8QFXwLnGB3N-PhMNWmZkNJvHpRfdyhyE7PlSTp_XaGToEbur4Se9YycKIRQsu_81HzLk8Ulnk4gH2trIEdBTFXU2uLI2PcumRBQEmxBLwHA3uVvRDZ6GFXmmyC4bBYhurT0OlL8zQOqrpnXS1XoiAK0re18-pbJBN7iyEpOvYNrJu8h5-51S-9Q3FSi4Xey4ZE02b8zmtcZLAyQ0z527RDDrc1KLREMkGQWKtuTYqm27hYo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5684 42 B
174 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGQ2Z16YiR0wpciOGMasdztmcRNBb2eaKgr9o83QeZpFyFlRvBLhDgGTIbEJwkuKa_HASddvUzBOyarK9MLx3ADIMJ7Qx-pZ1aecbR4kNCUZrImUVz7B4igOy1va4O6RCZwBQ6rpm4YB1uHciIm2LOKN1WMnr8uA8ATtHGKTY&sai=AMfl-YTHyrunjkYHukBTkVyNDmngpPwMBYa8Bsp5UqN5IVhe2bdw14Asw5EUNNV5KKX_KN0KRPgN8knRkVOrJd5LWMYg9qjN6D1T6ysg386aX6qXZA9M1ke-k10nDAo&sig=Cg0ArKJSzMyMSIcCZhbSEAE&cid=CAQSOwBpAlJW2i80wdgRMPWHkMqeYvt0on3EVCOWSe-QLjbntMDRJaUrttFs8b7vhGJNZsGGCTTE8bQXINTNGAE&id=lidar2&mcvt=1000&p=81,436,171,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3204028643&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690670549703&rpt=406&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5EA 42 B
108 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMpdakpj3Ulecsn91cwCDKpqfsllsPFuup5MR-kvTqJqXJXTCsxXG3zve3XVh_QvtmoqdFLGBf1VBB_F2yFfuzjR1Bh8wIUOxW-eQTm9lOT5Z6bcosuEP0uKYRQAAjefBKD9b6--D-llY2dRm2i99hxtlOxIXCjzjRYtJV4RY&sai=AMfl-YRGFPVXaYEevbN1PKXYM7KHVGlkxqjkwQ6VKlYxQyUDjW2hV0QgeVZAh3awXpRJfYqoqh2obOQYN8kxnQ1DfYuVvxnqiyIbIV1GRYGKrySRiDd1SFa_xCbxfpM&sig=Cg0ArKJSzOA-R1VbCsz9EAE&cid=CAQSOwBpAlJW2i80wdgRMPWHkMqeYvt0on3EVCOWSe-QLjbntMDRJaUrttFs8b7vhGJNZsGGCTTE8bQXINTNGAE&id=lidar2&mcvt=1002&p=717,1049,967,1349&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1778419798&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690670549712&rpt=377&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4ZNGPR9ZQ0&gtm=45je37q0&_p=1811736487&cid=17985928.1690670548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&uid=&sid=1690670548&sct=1&seg=0&dl=https%3A%2F%2Fmtnvpn.manteghi.sbs%2F&dt=MedicineNet%20-%20Health%20and%20Medical%20Information%20Produced%20by%20Doctors&en=TTFB&_ee=1&ep.optimize_id=&ep.anonymize_ip=false&ep.channel_health=medicinenet&ep.effective_connection_type=4g&ep.page_type=nav%20-%20home%20page&epn.value=632.3999977111816&ep.metric_id=v3-1690670548080-2551672951159&epn.metric_value=632.3999977111816&epn.metric_delta=632.3999977111816&ep.metric_rating=good&ep.debug_target=&ep.debug_event=&ep.debug_timing=&ep.event_time=&_et=1245
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZNGPR9ZQ0&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mtnvpn.manteghi.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 22:42:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mtnvpn.manteghi.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

620 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 17:57:02	Name: demdex Value: 10074224897010768703751213549182056050
.medscape.com/	1969-12-31 23:59:59	Name: __cfruid Value: 24e6c396c65420c982e18c51e5eac6ce703e9bf6-1690670547
.manteghi.sbs/	1969-12-31 23:59:59	Name: AMCVS_16AD4362526701720A490D45%40AdobeOrg Value: 1
.manteghi.sbs/	1969-12-31 23:59:59	Name: ui Value: {%22vtime%22:28177842%2C%22expmatch%22:1}
.manteghi.sbs/	1969-12-31 23:59:59	Name: _ga Value: GA1.1.17985928.1690670548
.manteghi.sbs/	1969-12-31 23:59:59	Name: s_cc Value: true
.manteghi.sbs/	1970-01-20 23:13:50	Name: AMCV_16AD4362526701720A490D45%40AdobeOrg Value: 359503849%7CMCIDTS%7C19568%7CMCMID%7C09869703143843397293767126905032297189%7CMCAAMLH-1691275347%7C6%7CMCAAMB-1691275347%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1690677748s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.1
.manteghi.sbs/	1970-01-20 13:37:50	Name: lotame_domain_check Value: manteghi.sbs
.mtnvpn.manteghi.sbs/	1970-01-20 14:21:02	Name: aam_uuid Value: 10074224897010768703751213549182056050
.manteghi.sbs/	1969-12-31 23:59:59	Name: fpci Value: {%22iafValue%22:1%2C%22url%22:%22mtnvpn.manteghi.sbs%2F%22}
.manteghi.sbs/	1970-01-20 14:21:02	Name: ck_consent Value: true
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 1568f4b222297ef9
.adnxs.com/	1970-01-20 15:47:26	Name: uuid2 Value: 3719324157027877170
.dpm.demdex.net/	1970-01-20 17:57:02	Name: dpm Value: 10074224897010768703751213549182056050
.doubleclick.net/	1970-01-20 22:59:26	Name: IDE Value: AHWqTUkChJNQRO1DUKNjpjsP1-zri80HWj6UudV0cZda9vM9DdtEBlp5TG-cHGBbe-E
mtnvpn.manteghi.sbs/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1690670548709
ibclick.stream/	1970-01-20 23:13:50	Name: _ibp Value: 0:lkollcfx:afcfabb2-bf99-445e-a461-ecd80daa917b
ibclick.stream/	1969-12-31 23:59:59	Name: _ibs Value: 0:lkollcfy:0079b4a7-1c0b-4dd5-9918-54a44100ece7
mtnvpn.manteghi.sbs/	1970-01-20 23:13:50	Name: _ibp Value: 0:lkollcfx:afcfabb2-bf99-445e-a461-ecd80daa917b
mtnvpn.manteghi.sbs/	1970-01-20 13:37:52	Name: _ibs Value: 0:lkollcfy:0079b4a7-1c0b-4dd5-9918-54a44100ece7
.turn.com/	1970-01-20 17:57:02	Name: uid Value: 3659833090276633865
.criteo.com/	1970-01-20 22:59:26	Name: uid Value: 518ea5b2-1aa8-406a-ab8a-201741e16f0e
.demdex.net/	1970-01-20 17:57:02	Name: dextp Value: 269-1-1690670548187\|358-1-1690670548299\|470-1-1690670548400\|477-1-1690670548501\|771-1-1690670548602\|28645-1-1690670548764\|285689-1-1690670548864\|96678-1-1690670548982
.manteghi.sbs/	1969-12-31 23:59:59	Name: _ga_4ZNGPR9ZQ0 Value: GS1.1.1690670548.1.0.1690670549.0.0.0
.manteghi.sbs/	1970-01-20 22:59:26	Name: __gads Value: ID=0a9d479c4bf3498c:T=1690670548:RT=1690670548:S=ALNI_MYjPOqWT7R7iUWBfaxg8x9KuDD2gQ
.manteghi.sbs/	1970-01-20 22:59:26	Name: __gpi Value: UID=00000c4921544198:T=1690670548:RT=1690670548:S=ALNI_MYWxeOQCBvLPCuvMvwQwvi50GEU0Q
.doubleclick.net/	1970-01-20 13:37:54	Name: DSID Value: NO_DATA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dyv1bugovvq1g.cloudfront.net/25/mtnvpn.manteghi.sbs/.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=10074224897010768703751213549182056050 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://thrtle.com/insync?vxii_pid=10015&vxii_pdid= Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/2153815233448623277/index.html".
security	error	URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14515170120703914388/index.html".
security	error	URL: https://193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14515170120703914388/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

193f47675a465867ad45d168e05a4faf.safeframe.googlesyndication.com
aax.amazon-adsystem.com
assets.adobedtm.com
bcp.crwdcntrl.net
bh.contextweb.com
bi.medscape.com
c.amazon-adsystem.com
cdn.id5-sync.com
choices.truste.com
cm.g.doubleclick.net
contextual.media.net
d.turn.com
d15kdpgjg3unno.cloudfront.net
dpm.demdex.net
dyv1bugovvq1g.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
gum.criteo.com
hb-pb.media.net
hblg.media.net
hbx.media.net
ib.adnxs.com
ibclick.stream
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
images.medicinenet.com
img.lb.wbmdstatic.com
img.webmd.com
lb.eu-1-id5-sync.com
mtnvpn.manteghi.sbs
pagead2.googlesyndication.com
preferences.trustarc.com
privacy-policy.truste.com
pub.doubleverify.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
ssl.o.webmd.com
sync.mathtag.com
tag.tapad.com
tags.crwdcntrl.net
thrtle.com
tpc.googlesyndication.com
unpkg.com
vtrk.doubleverify.com
webmd.demdex.net
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.medicinenet.com
xch.media.net
104.18.22.143
104.18.25.47
104.18.29.163
108.138.9.235
13.225.34.75
13.32.99.90
141.95.98.64
142.250.186.98
162.19.138.120
18.203.192.232
184.30.20.22
184.30.211.26
185.29.134.248
185.89.210.90
2.18.160.23
2001:4860:4802:34::36
208.93.169.131
216.46.185.182
23.212.88.20
2600:1f18:730:b140:231f:659f:da19:e372
2600:9000:223e:b200:5:82fd:2500:21
2600:9000:2490:3600:11:b309:9100:21
2606:4700:10::6816:3456
2606:4700::6810:7caf
2606:4700::6812:1892
2606:4700::6812:a6e0
2606:4700:e4::ac40:a60e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a02:2638:3::c
2a02:26f0:3500:587::1e80
3.211.211.42
3.236.169.45
3.90.170.4
34.107.136.65
34.107.148.139
34.203.102.88
35.186.225.155
35.244.174.68
45.61.128.84
46.228.164.13
52.208.156.123
52.222.174.20
52.222.208.154
52.30.115.249
54.154.176.164
54.236.245.174
63.140.62.160
65.9.66.68
005971eef42ed18ced28da5f6927c8ad54afff2db0b7f466f60967ba5b7c7b7a
040c18c351dd90463882fc9bd555c07cc7927e009cda2f0ee1ee5449fc8bc431
06446a8d69b393418762bca400c3b3ccfbcb9457fd14a80c001df6898fb6b29f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
087c9ce9e2ec669ba219190df0e515ca9c68f10a54ff3be38d422ad4a1f891c2
0d1ddb3debd31758b3e28d6189217bd3b486dec94c91226a5efc3c8d29cc20f3
0df681aa7908b78db3c17ed6fe6eca2c7c5c55a6069b7451f6878ad1cfe34b9b
0efe9841dac8a9864773d65f66b597f22a55ef389cca35d7427e6186abacd17c
11b1f3c5468d513f72b1bf888bc7a9a1d9cb163edc92242a55393222edc1cc67
140178e9c4ab8e5d4f63b1aac4aad9f8040a43cf6c3180bc356a826dede271ed
143aa6b7ce549df7f19fdc554f9102e7a050d91fbb5da46a64c242564145ce1d
1524b0cce77260957bf738c24ca7f7936fb3e4e79e61cf12555a5166c693931f
16d0d4bd7f0eb05ce6a30085c43c2848426f2edc0121a9051555ffa1083b815b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cde23cecb5090e7630d8651ff2319f441ab1e17b30bae85dbf581be9359d963
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
1e35a35135b7da45668f65e5c07d7a0a2ad304de273108620a6734666a10954b
1fbf6fa3fff96218a1a50d01ccc888baa775359cae22ffe4f0550215f2368a49
210af7500353d54adfbe6dc9d5f648442206b8f4a09333d0cb044dad47c86b15
24f12a1fc86725ff1aac601658a713f59b5a7974ac55e2cfc4d1ba886688d158
25ba951aee774d9eb8a743eed9f6f49e8d53c4d3e535730834c3e4488c3adeeb
2910cb261a1afe5c6c197c3a215cdc3ca2b8a2c7bec027f436b65346b2b77435
2b231bb9936cb870040854c4d03f385f5e09d4e955ac5ec5a530d312d2489383
2b33593e3ecba9a93f5693466674a5e7f7a1847dac2e0e7ded1125e398d7121d
2eda75107d1cd2a85bb8a545300e34d229fac6c94bd44836727ab6df47b69a9a
2ef2ece21f475de6f5c37d46d65f0728c72178eb9077103cd6b390c462c70d7f
30eff3eabb5d4516b8618df09600e3e50eb80f63d85ea99ee4e0264cc35c70e7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a0f5570d9038817c265104501ce5b24c514fae1f15a531e30d63a876ef0b57
34b27861e5b35f31b9c8b01ec9b399038cb12a60cd40a299da8956db07bd6df8
37d00f3270cb5aed8b837e97a0bb184eeb9b8d3e65a34b253175997812ccf920
382057985793df57911aa24af72f312c8ab2fb0156f8876b8c7582f1e2a8be2a
3886be348a4dcaf2d46fedd1d8deca9586443b7d8ed374fc83bdbccc0e4e7f0c
396e7593e0a3f5ae96314e10837c8a03f688df79e7638d12cb18420862fadc92
3c43985be26e000897fe43ffcfea945dfa23d744be4bae8e25c7fb8886b7c80f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4012fdcbe9804fb76be489414b5d7fa6fc0a492ac676d9105b41e1dc73208395
41d6d69cf4644124110e13fda89e040e975b3ae6779420a3fb1f3ef78a2aa4ed
434f1ae7ade44ef059eced73987eb4da78c761e47209f3e2ed6da342dd624ace
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
46328715308aa1b948f5cd958386386cbb1e232408a6058b014a8748b20f0272
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46feb8c74326b4a196a1bfd7275019266f432cbf74bdd87218ecb2c7a860b41d
48436ef8e276651889c3bb1e25e6b28e8810c97ca36a922d5421c4d5e8a12336
4946de81ac04f51f918c1fa10b61702758a1c468b8eec4b1620f8b23ee927de9
4b2e3b178f96530a451d784d5fb7176397fdef2dcc424815268bbd42cb394a34
4b5364c8d9064ed57dac93f6a75547b1039ba7f1a00a61bbf8a16d6445acdcbc
4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96
4c4b3335fec06249cb897dfc4f94356e75cc67cb700b3520b06c8964147172ec
511b6b281e846aa9ddb481bc88592b025b999d11a448f4f4c1d57c5743482d29
52a4b5d01535c85b3476dec31ef7c8c9e09b56a1491e85e42fd297822057a757
536b9452a4231f59ddd75c8112631ab37278926aaf6283c3f2124cf5598e3364
54bb1d4e52591841b123bb3a40751c12a89b70ca7a1d5b1aafc0ffcaef8aff3b
554a520840f39c114b5eadc53a2652d612362511245bbd2eaf6a264eaf8bdd7b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d6f6c68f6364e3777349d5b9ba0b4f6a402121b5e9e5cc95c6b498cece57d7
582b621e5e5f364cb5f47882ee5d6b41e109b2f58aaadbd0ff377d1f2a75c1f2
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c829ca2f307512df70d12a3959e6235e9e807e7be94cc7c014839c5ce89724a
5e8310e062dcb148ae0cbae2f1ae8692347635c885ef9bf4c0aa6396be2b0f1c
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60d7a14752f4c4926b4ffb3d968e050a8ef77534da88ffe139d90f3b28583baf
619dc4f4ff3223e7507884f55e258b12a2c78a71b53b626cf03b4a1d56b93753
61bf9e19a328424ee2d5a2124881867766fae13cdc2822336d87525822ec9349
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6399b80ebb1d2f827cc55aa7862d581b88d8bbd2f4486144d502d9b6ca67f8f6
6442e669fe9bfa461c395b04ab3eaf1b8a78cd121c59c688f062d374992cd2ce
68212fce0695654392fc9432c16a15344f45f5c619a224589abe1a4447f32260
687231f280d2be782d06e177132b6ffa0eae823d3d8a28d02fdbdec2462b79f3
6895702472607ca89d62cb271ae7aecbbe99b25364c8e43c61ecf19c87a0a69e
6c271abdbeeabd161accaa013ce45202e310a77480ddc56b622fc11501c83552
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f6902d4323c3bb34b65ea222cf9b240270a8890cd5184a26c93c246fd8ce7da
747ea4c652ca1d64a542b3d2941278dfe43c3fc2781809da59da64d080a1e5da
779d40dc27c6bca2c1a47e7f6f840c833826c5c5ee068353e0243848c800dcea
7888cbddb95b3cf089fcfb259c7403ec662ecaad6aed2f72f9c803f6181f079a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bb8012bf5e0d0a8e96b7dfb41878d1db0f4534d67fe946c19ff1c4cc1d8fdbf
7bbd9f93baf0cff22e3237136723fac85798b62626f0a85f5f1f11becab43387
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7cfe45b2a3110bafb254c16ad4b79aa39bd74a1a024f6d4e8352419d1190ea66
7e4912f5863335257c5f7d3e6114f013c3038c3c086b619af2094eb519f7192d
811cc1d369041d0ee6972afba4dd7cad4235d94e77df5c0f6adb5a3418ebbfe0
81b597f1f7bb5f384cb7689a636f5be9f77f0a17081437fb9e52c0096fdd0e5e
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
872ffa9dc91dfe681b9be82cbb41cbcdc0985e77ab27e1583e38d84e1543cb74
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8c4f0f13dbcfc18b510da50f898782fa7c51c319c8a730efc62f23933dc47c39
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4
949c02893cb5bf4abd453594780de07965ef445ecd3f75c32fc4884d37c3c793
95f582f0fd0f939640936985e453a62d34b90c3a43f249deb67e274425cad7ef
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
9e4aaa6453e6afc534f8302beaa6bb6ded43e779df73794cd9524ef2b86141b1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10ea5e3f0a6324532c6ae655b245a5ddecfb09a8950bac9d3504a7cbc6c616e
a1291da2df487c8aeaab99d353a8589450350cb8eae920050b631fa12a657e51
a36e7aa55ea2a2b6276f74bf85b450c46f076c04202d5dfecd601fd76113f56d
a5e9fab5977a7435b8e12be49dfd8fc8138b893ec391c5fcdca3337b2312d62b
a887bd6a183741869dc302c6e1d566de475fb84f3922ddb11c98907b2e9aab5b
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ac6c61aa3ae3267a74098dadccaa07708549547d62b0cffafcd996a56b8d0234
aef90d16f18d651189e5e06a6527be600cce4624d0fb511dd1a1be5e763dcf2a
b0c8c93588f3261264dda9471d418f14f77de20d7f0a0adc7465916e56481317
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe7c6577bff6d5383b75cf97f955f55abfb1010e199cc162fdf910142f2932
b34ad8dba5186a072afd2e7e2c898cf4e01ca24c40331943d9fcbb23e7d4310f
b6fcf1185bec4759bd8ba9d65640e7959419a313689609647a56c57fdc6dda2e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd09f17192ada82dfaffc0a43b96bc8610235d82f9b78f1167dabfb25621a13
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bda5fa0768264ad5e05a326ebbffc8fb23e9ea9848ae089b5910eeecf50e95ac
becccc232a2bd5a36e1022f333de7fc8465316f8c9134642798d6b158454c376
c2278c66d4501d2970da61dbe466d04f7c627dcd2e94e56ca1ec866e2edad0a1
c2a9c1dec1a24dd650f7b3b74a5c8ab1f6b68b653deef124accbde1c8a24abf0
c2edebe379a16a0a46f38b1eeb32b586a1815e8c84dd5b5a62406f6f9491f472
c4f411b248326b4c6e63f1cdac354583074082818d8c87c78b10e9a8f6b13e21
c589c250a374ea04211b73f174ac4e673d238a5f1548f3dda8e6b57f19824747
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c8bdaa58ecd752d03b788589137ecbf5f5ab0d5f46b3fff927511b20867f7fce
ca75a282915f303c9e206b1366002cb302302e36cdfd36540500e16cd2fa6c87
cb1269a058c6a1530211e75577e92a8be2892ce779b9ad586d973d45c51f013f
ccc39d220a4815928117c745db1499b2d9ab191bc39e03356c7c4ed472f5e151
ce64daa9c35e6f165851e520fb4bfa6d7d9c517b3c2ae801f656baa51c6e84e8
cf03674a093c48b9f0e737be741f9cda1b286a22efeb97d56521cd4996c8ac39
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d205cfa540ba3114cac4bc34d14fb0815ad3e3bc6f1210b840512b29e76fd4de
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3a635b296f84799cec206de15131424144bbd21ae9257ec0d72c7670c201079
d55691c63c3babafb37b6eefc591ee84a146c0b0000d73d1b6b6c47eff62f4e2
da6e070330c6a22168e30d49baf8e469dcc8a534a49f73bfd352ac98c4d8ff71
e15a157a9f76839353d5f68431ff2ade849e9a2fd2d937af0365aa2ab17dcac7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45655ab0b75b72d4fcc3b9c1287c85bcef6ffcd3bec70fd0d611e74e235cc2e
e5a7f29693c6cca8733ff471a1ef2ffccb2e8529ffbf29b208f1512a77c4658a
e6a7f564b38c90705e57ebafb88e1a399fcec76f6e193a72b9b27024bdd88f71
e736384d147e30a565f162e299261009a24bcdfc1c803c7c204318fa4fce1db6
e75c5652ee5ee83f993b17d4ad990aa37a50575d0ba260a40ccf8e34b5bb31ba
e82d5e1dd1b7a6dd17a92863261b1941e7cd8c4261984f8240b25c4b7b0f752e
ebd7057ce1f9b819fdbaee265dd4c57ce07631bbb8ad033a1ef7addbe0eb2751
ee0ad088e66c6164da0785d410f7d271653bf07fb832c9a5f71e488805b3183e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa3af7dd7edb3496baa2512634744cff6ddb9858b71d4800d066b263776a96b
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f19690d8f07e5b092b941176f8cae992dfa2a82c6dba5d3e659048f67bc863f1
f2664ead242ffa1fd243fdaa819d33479ceaa54fee84c89bbdd6f8b0045c0ab3
f42cf36970aa9f2a275768bcdb6459d0bfb452dc95ef6587d221aedc9199a538
f4899baa0741b74ef6b0fd1e19fa100bc7fb49289accf6ddd866a791d635b43a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a16c707fbb94cb34911a5c5d4d40218b6dcf3f01961015807c8badd955b2cc
f86337f9fd7492cb54286f53a35d91d0f8642f81d205ae70afad69241f607802
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e
fd21f396e11106e7b61c60b9447f0d121e25fbb9c4dbf8a432ddd38d1e0f00ec
fe5b28e5195dc56bc8b4b1b6d806514f9fe9302410acde1a8184ba61eb623c8c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

mtnvpn.manteghi.sbs Open in urlscan Pro 45.61.128.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

230 Requests

94 %HTTPS

37 %IPv6

39 Domains

59 Subdomains

53 IPs

6 Countries

2528 kBTransfer

7154 kBSize

27 Cookies

94 Outgoing links

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mtnvpn.manteghi.sbs Open in urlscan Pro
45.61.128.84 Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

94 %
HTTPS

37 %
IPv6

39
Domains

59
Subdomains

53
IPs

6
Countries

2528 kB
Transfer

7154 kB
Size

27
Cookies

230 HTTP transactions
-1 data transactions