coinbase.in.w3snoop.com Open in urlscan Pro
18.158.98.109  Public Scan

35 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

• http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
• https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 77

• https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
• https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=528982cc-6e71-4ac9-ad5a-085a79fa5ca4

Request Chain 78

• http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
• https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 120

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP2X64ugFUGhfl670WbA5Ww&google_cver=1&google_push=AYg5qPLG4bpDb7i2mA83xExHIf74iIWQNoo1TNhKwupNtKUcFiye6QklOPX11p3vb_nyrnvnp_XKlyYCWjrhB-syNBp5qQEvpVw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQyNDkxMTQ1NzA4NjY5NDcwNg==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP2X64ugFUGhfl670WbA5Ww&google_cver=1

Request Chain 121

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI1zPJ5LX-1wSvw0-MBbiVg&google_cver=1&google_push=AYg5qPJ3gkt64ZtsfYN2GmcFtMKLV5BE1KkEPExNBXhTHA5-5XEWAF5a-KyEV94ZJjjXODBZ4Upts3Qj6EjCtAcmnWKhN1wtri8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ3gkt64ZtsfYN2GmcFtMKLV5BE1KkEPExNBXhTHA5-5XEWAF5a-KyEV94ZJjjXODBZ4Upts3Qj6EjCtAcmnWKhN1wtri8

Request Chain 122

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFi7MnQdpeZOl6NfoxVMsFE&google_cver=1&google_push=AYg5qPK-5lpzdc5pWYszWuGdxv9hQNnvQJAkxpJvYHc-kmG-EcTp98cUSKOaXHtfYQD-Qg-J5UyEGjN6NIxnUG6ye1vzoo_BxDE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPK-5lpzdc5pWYszWuGdxv9hQNnvQJAkxpJvYHc-kmG-EcTp98cUSKOaXHtfYQD-Qg-J5UyEGjN6NIxnUG6ye1vzoo_BxDE

Request Chain 123

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPD_8R0aawXsHAtpJ5bZucM&google_cver=1&google_push=AYg5qPLmmkMSjR2O5GNbosxzGwfTQ_ngqSAzzFmraKr8zKmIJNSWPqQNFpnbGGNAFq8sm-8XNdSXpcC_pLiwFPgB1FH6GOM0cmQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1NTgzMjA3NzAwNTQ4NjIxOQ%3D%3D&google_push=AYg5qPLmmkMSjR2O5GNbosxzGwfTQ_ngqSAzzFmraKr8zKmIJNSWPqQNFpnbGGNAFq8sm-8XNdSXpcC_pLiwFPgB1FH6GOM0cmQ

Request Chain 124

• https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEPrVDc-Ri2dr4rarCGt2PrI&google_cver=1&google_push=AYg5qPL7K0lTqkLGJJte0vYy-VoZ_WsrP8c7aqB3CmSjY0WkelhQGEs7u9PNas7WPaebqnUgOffAgSbVL1xUd3VsQamfXeMbMA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPL7K0lTqkLGJJte0vYy-VoZ_WsrP8c7aqB3CmSjY0WkelhQGEs7u9PNas7WPaebqnUgOffAgSbVL1xUd3VsQamfXeMbMA

Request Chain 125

• https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAAMew_sVQyHaC7o0_Fdz60&google_cver=1&google_push=AYg5qPK2CVht6EXdWN-PgGgXNHKAsELdLUZBDGqfYHoEpPFAgu03gYYwP6fE5u6K3ugCbyZWgrZg9v8h7B3ZN-sxym7VRzBvwg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=E7fM-BmSTAJjJMZ0ImwLD1QTr7g&google_push=AYg5qPK2CVht6EXdWN-PgGgXNHKAsELdLUZBDGqfYHoEpPFAgu03gYYwP6fE5u6K3ugCbyZWgrZg9v8h7B3ZN-sxym7VRzBvwg

Request Chain 128

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

• https://www.berush.com/static/webpack_bundles/remote.js?v=9 HTTP 301
• https://pm.berush.com/source/widgets-legacy/js/remote.js?v=9

Request Chain 148

• http://www.berush.com/en/promo/widget-iframe-traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en HTTP 307
• https://www.berush.com/en/promo/widget-iframe-traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en HTTP 301
• https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en

Request Chain 149

• http://www.berush.com/en/promo/widget-iframe-backlink/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en HTTP 307
• https://www.berush.com/en/promo/widget-iframe-backlink/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en HTTP 301
• https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en

Request Chain 179

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1&C=1

Request Chain 180

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YetZ6CdVgAXS6ZCv9sOtSwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1

Request Chain 181

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEHF3cm6iLGC0qGTsQSafzZ4&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHF3cm6iLGC0qGTsQSafzZ4%26google_cver%3D1

Request Chain 182

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3MTU5NjY2NDM3MTY1Mjg0Mg%3D%3D

Request Chain 194

• https://hal900029.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=df0c66ed79&subid=&uid=e722c7fbe22ce224&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrXQV6FnrYdnCGMvs3wP6qKz4DrXN-YNXzN65q-UM8C4QASD0-cYlYJXKpYKwB8gBCakCfPp161YIsz6oAwGqBO4BT9DpbdQr7qyhz3f1Bg8APDlWA7qLuWj6b88iWk97sgV74gw9CVGU3cvgYuFsgY9n_j5h9rRvvZEkWbwG9GzZtFOrXy2Flhil0tSwOfQyNt1kNE5RB9MTtymGKYPaMwS4hYo4OQgsxbEP_Jzsxq-IQEsyC-1X0sr_NtEoOd6hyBpuKx3q9eDJY1FjobYQoUOjdX-TYImlXh8MBZvmMmti0wx2aYe0zisV9OxtHjGl5ewSq2WwdkRUVsA3U3UQU9ylYPOly6dMhJPfIMjjLeVpuai3YaJ8hjk-MjwA3lZ6nNpubFFstva-Rn-RRY7-uMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MTgwODMzNTg1MjA4NzEygAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZ7DYsobHvq8UG5i5on6Arg%26sig%3DAOD64_0EBxUZK00kFDZCrsg9BQ8Ywv4y6g%26client%3Dca-pub-6396844742497208%26dbm_c%3DAKAmf-BLk6F_JEwDE0WGVopwcQkCvlf6k1AjL0yt3-Gt3jruqMq4subF0r7duwtjibP0GSqNBRzIX53MCvETx6W8lPvtdR6lsUzv9byOzkGW7_yTluWWmNQWIKYgGj1J6k74aZmg9-2PoodeDidWxkDO1GZY2kDlCw%26cry%3D1%26dbm_d%3DAKAmf-DPVX7PzsHegb8HCg2rk__6PJy6yBw1IYQ7qeMDMVXUy04XJuycZErmKPRTXSIPPhRgps12_v4Ge9QxG6R8c6kWddbK9frlmja4a46vqen1K8_wuH8k3FHChi_eg7_J1BwYlkpqZxeuNa_PO4MRzzHVP5qfmL8W-U5SOUSvOwUrMPNU5M27Mzp7Corjm50WpHe-pR7qbkHCLqFcI58Fi5Oeydmxw928dlH0kzv2UnFLhochTXhRK3VcvhRz0OfUUcecS37dz5SNGn75XvofhUKQDQ-qYbHpmlwYspRHSiLAFk0UVmGBMZNeeF-j_yQ0z4kUnkEmFOIDDzMNi90g3xh5GUqYL4qptf3L_6oewadeexHAIhOql2ul32ZbMMH0Er66AIDeQNOjbqtOgjTkeOd_HklGHP16pyLYg0LZWAMUaACXxqa7DUHsjaJt0r_tpXSgm5YZ9-RgN5CkaCMDd8KGv0PG3w%26adurl%3D&documentReferer=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&ancestorOrigins=http%3A%2F%2Fcoinbase.in.w3snoop.com&random=1469920006777&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900029.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=df0c66ed79&subid=&uid=e722c7fbe22ce224&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrXQV6FnrYdnCGMvs3wP6qKz4DrXN-YNXzN65q-UM8C4QASD0-cYlYJXKpYKwB8gBCakCfPp161YIsz6oAwGqBO4BT9DpbdQr7qyhz3f1Bg8APDlWA7qLuWj6b88iWk97sgV74gw9CVGU3cvgYuFsgY9n_j5h9rRvvZEkWbwG9GzZtFOrXy2Flhil0tSwOfQyNt1kNE5RB9MTtymGKYPaMwS4hYo4OQgsxbEP_Jzsxq-IQEsyC-1X0sr_NtEoOd6hyBpuKx3q9eDJY1FjobYQoUOjdX-TYImlXh8MBZvmMmti0wx2aYe0zisV9OxtHjGl5ewSq2WwdkRUVsA3U3UQU9ylYPOly6dMhJPfIMjjLeVpuai3YaJ8hjk-MjwA3lZ6nNpubFFstva-Rn-RRY7-uMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MTgwODMzNTg1MjA4NzEygAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZ7DYsobHvq8UG5i5on6Arg%26sig%3DAOD64_0EBxUZK00kFDZCrsg9BQ8Ywv4y6g%26client%3Dca-pub-6396844742497208%26dbm_c%3DAKAmf-BLk6F_JEwDE0WGVopwcQkCvlf6k1AjL0yt3-Gt3jruqMq4subF0r7duwtjibP0GSqNBRzIX53MCvETx6W8lPvtdR6lsUzv9byOzkGW7_yTluWWmNQWIKYgGj1J6k74aZmg9-2PoodeDidWxkDO1GZY2kDlCw%26cry%3D1%26dbm_d%3DAKAmf-DPVX7PzsHegb8HCg2rk__6PJy6yBw1IYQ7qeMDMVXUy04XJuycZErmKPRTXSIPPhRgps12_v4Ge9QxG6R8c6kWddbK9frlmja4a46vqen1K8_wuH8k3FHChi_eg7_J1BwYlkpqZxeuNa_PO4MRzzHVP5qfmL8W-U5SOUSvOwUrMPNU5M27Mzp7Corjm50WpHe-pR7qbkHCLqFcI58Fi5Oeydmxw928dlH0kzv2UnFLhochTXhRK3VcvhRz0OfUUcecS37dz5SNGn75XvofhUKQDQ-qYbHpmlwYspRHSiLAFk0UVmGBMZNeeF-j_yQ0z4kUnkEmFOIDDzMNi90g3xh5GUqYL4qptf3L_6oewadeexHAIhOql2ul32ZbMMH0Er66AIDeQNOjbqtOgjTkeOd_HklGHP16pyLYg0LZWAMUaACXxqa7DUHsjaJt0r_tpXSgm5YZ9-RgN5CkaCMDd8KGv0PG3w%26adurl%3D&documentReferer=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&ancestorOrigins=http%3A%2F%2Fcoinbase.in.w3snoop.com&random=1469920006777&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 196

• https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=23135900016096500710616011847029&t=htlp HTTP 301
• https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23135900016096500710616011847029&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 198

• https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23135900016096500710616011847029 HTTP 302
• https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23135900016096500710616011847029 HTTP 301
• https://ad-server.eu/wm/pb/native.png

Request Chain 221

• https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
• https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d5aa0e1cb2521ea4c1ba15458683c951

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response coinbase.in.w3snoop.com/	81 KB 21 KB	636ms 586ms	Document text/html	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 40941037c4dab6b91164b5810cec4369d0596428464cad541b1ddb8b4b8211fb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 22 Jan 2022 01:12:02 GMT Display pub_site_sa_sol Expires Fri, 21 Jan 2022 01:12:02 GMT Pagespeed off Response 200 Server nginx Vary Accept-Encoding Accept-Encoding X-Content-Type-Options nosniff X-Ez-Minify-Html 7.90% 79381 / 86190 X-Frame-Options SAMEORIGIN X-Middleton-Display pub_site_sa_sol X-Middleton-Response 200 X-Sol pub_site X-Xss-Protection 1; mode=block Transfer-Encoding chunked
GET H2	200	app.css w3snoop.com/css/	35 KB 8 KB	467ms 398ms	Stylesheet text/css	3.66.136.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w3snoop.com/css/app.css Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-136-156.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 6650cd30bfe89f3c9ad302c63cfc40794a4e99317f9ba6622a286f8dd0141e84 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:02 GMT content-encoding br x-content-type-options nosniff x-sol orig display staticcontent_sol, orig_site_sol x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 x-xss-protection 1; mode=block response 200 last-modified Fri, 21 Jan 2022 23:11:10 GMT server nginx x-frame-options SAMEORIGIN etag W/"5ec50a0d-8c9a-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	app.js Show response w3snoop.com/js/	505 KB 152 KB	772ms 704ms	Script application/javascript	3.66.136.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w3snoop.com/js/app.js?v=6 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-136-156.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash b1fd003241addf4bc00b090f2bf310d957b30536c3cb84680563ac7fd8d25805 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 x-xss-protection 1; mode=block response 200 last-modified Fri, 21 Jan 2022 23:11:13 GMT server nginx x-frame-options SAMEORIGIN etag W/"5ebe3a4d-7e222-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type application/javascript; charset=utf-8 cache-control max-age=259200 x-ez-minify-js 0.00% 516642 / 516642 expires Tue, 25 Jan 2022 01:12:02 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	91 KB 36 KB	66ms 25ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-123359880-1 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 00bfa24e64a14314783404fc40216a3001b8086ba4e9355ffe1b022e5a3699e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:02 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36459 x-xss-protection 0 last-modified Sat, 22 Jan 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 22 Jan 2022 01:12:02 GMT
GET H/1.1	200 OK	consentsettings.js Show response coinbase.in.w3snoop.com/detroitchicago/	1 KB 965 B	19ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/consentsettings.js?cb=2 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Content-Encoding gzip Last-Modified Fri, 21 Jan 2022 06:21:24 GMT Server nginx Etag "5be-5d611a0d3fa8a;5d611a0d3fa8a-gzip" Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000, public Accept-Ranges bytes X-Robots-Tag noindex Content-Length 587
GET H2	200	logo.png w3snoop.com/images/interface/	25 KB 11 KB	567ms 566ms	Image image/png	3.66.136.156 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w3snoop.com/images/interface/logo.png Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-136-156.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash d3d0691529584a990bbfe5c69c8e6830d63a35527415bc77368f99ee18707c87 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding br x-content-type-options nosniff response 200 last-modified Fri, 21 Jan 2022 06:21:28 GMT server nginx display staticcontent_sol etag "5e49f91d-6397-gzip" x-frame-options SAMEORIGIN content-type image/png x-middleton-display staticcontent_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Origin,Accept-Encoding x-xss-protection 1; mode=block
GET H/1.1	200 OK	boise.js Show response coinbase.in.w3snoop.com/detroitchicago/	983 B 1 KB	20ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/boise.js?gcb=195-7&cb=1 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public X-Robots-Tag noindex Content-Length 983
GET H/1.1	200 OK	memphis.js Show response coinbase.in.w3snoop.com/detroitchicago/	5 KB 2 KB	40ms 23ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 6e34ee9c29fca0e065bf19aefa870945e9d47cb92df2ecd332e0466b686d69d4 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public X-Robots-Tag noindex Content-Length 1788
GET H/1.1	200 OK	minneapolis.js Show response coinbase.in.w3snoop.com/detroitchicago/	864 B 1 KB	36ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/minneapolis.js?gcb=195-7&cb=3 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public X-Robots-Tag noindex Content-Length 864
GET H/1.1	200 OK	raleigh.js Show response coinbase.in.w3snoop.com/detroitchicago/	2 KB 1 KB	36ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/raleigh.js?gcb=195-7&cb=5 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public X-Robots-Tag noindex Content-Length 838
GET H/1.1	200 OK	tampa.js Show response coinbase.in.w3snoop.com/detroitchicago/	955 B 1 KB	38ms 20ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/tampa.js?gcb=195-7&cb=4 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 2d4af0388e203196017340fee6ff0513441d72eda6f69f5f2b3878b1ea980717 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public X-Robots-Tag noindex Content-Length 955
GET H/1.1	200 OK	tulsa.js Show response coinbase.in.w3snoop.com/detroitchicago/	16 KB 5 KB	39ms 21ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/tulsa.js?gcb=195-7&cb=5 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 636e5f5b2eebe0800656a171c6ee9d34ee67cbae3d745983c48d4a5474421d53 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public Transfer-Encoding chunked X-Robots-Tag noindex
GET H2	200	Generic-Share.svg w3snoop.com/images/icons/social/	1 KB 606 B	374ms 373ms	Image image/svg+xml	3.66.136.156 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w3snoop.com/images/icons/social/Generic-Share.svg Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-136-156.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 57049695f33501c282f431b3b9ccfaa7e64bbb1b574ecabfbfca7168bc1b2e1a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 content-length 513 x-xss-protection 1; mode=block response 200 last-modified Fri, 21 Jan 2022 23:11:11 GMT server nginx x-frame-options SAMEORIGIN etag W/"5e49f91d-54a-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type image/svg+xml cache-control public, max-age=31536000
GET H/1.1	200 OK	ezcl.webp Show response coinbase.in.w3snoop.com/utilcave_com/inc/	1 KB 2 KB	24ms 24ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/utilcave_com/inc/ezcl.webp?cb=4 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT X-Sol middleton Server nginx Display staticcontent_sol Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display staticcontent_sol Cache-Control max-age=86400 X-Ez-Minify-Js 0.00% 1337 / 1337 Content-Length 1337
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	65ms 25ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese Requested by Host: w3snoop.com URL: https://w3snoop.com/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 22 Jan 2022 00:29:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 22 Jan 2022 01:12:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 22 Jan 2022 01:12:02 GMT
GET H/1.1	200 OK	lazy_load.js Show response coinbase.in.w3snoop.com/tardisrocinante/	13 KB 5 KB	20ms 20ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/tardisrocinante/lazy_load.js?gcb=7&cb=5 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 1db332733543b64c60bf18daec07aa99d8384904c565e66919242d6d8e528776 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public Transfer-Encoding chunked X-Robots-Tag noindex
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 94cce56c2c4bc1d0fb5b8e5ddf05d1cf4c15ce425e6c35b0b8932486cf25455c Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6deb2c33c9e4b3317e268899b41948a4765b5152fd63f108380f6d883cffe9b1 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c278a6ed54254611f394192014869bc930d03848a1c37c7e4120b163583f5d85 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6a8475cf62649d63b702a0bd9c20f35909d87d029d2950bd74bf4c68c2b3e34d Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f5c4dae22b0316bc107d417e182a2b520174473315401887a2004f1ff05a90f Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	url.png w3snoop.com/images/icons/	375 B 483 B	366ms 365ms	Image image/png	3.66.136.156 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w3snoop.com/images/icons/url.png Requested by Host: w3snoop.com URL: https://w3snoop.com/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-136-156.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 544a07ea785fbf3038bff6880b444664138c3aa00e89858cf9fb9c76e2bc94f9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://w3snoop.com/css/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 content-length 379 x-xss-protection 1; mode=block response 200 last-modified Fri, 21 Jan 2022 07:11:17 GMT server nginx x-frame-options SAMEORIGIN etag "5e49f91d-177-gzip" vary Accept-Encoding, Origin,Accept-Encoding content-type image/png cache-control public, max-age=31536000
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	62ms 21ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://coinbase.in.w3snoop.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:56:19 GMT x-content-type-options nosniff age 198943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 19 Jan 2023 17:56:19 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	57ms 17ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://coinbase.in.w3snoop.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 21 Jan 2022 13:39:48 GMT x-content-type-options nosniff age 41534 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 21 Jan 2023 13:39:48 GMT
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 55d4281576433134d8b17334e25dc390a6062aee7a6da5ceab383a407c660855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	jellyfish.webp Show response coinbase.in.w3snoop.com/porpoiseant/	43 KB 10 KB	22ms 22ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/porpoiseant/jellyfish.webp?a=a&cb=195-7&shcb=34 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 0832d5639489c2bc2f2fb8f9c8371ccaf19b4053114f23dd70fa306b1f6d48f7 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:02 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public Transfer-Encoding chunked X-Robots-Tag noindex
POST H/1.1	200 OK	safa.go Show response g.ezoic.net/	53 KB 13 KB	134ms 113ms	XHR text/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/safa.go?url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&wc=394&ez_pwa=0&scriptsLoaded=false&dps=false&dpa=false&group=0&t=%7B%7D&a=true&rpg=true&pc=[{%22id%22:142,%22size%22:%22300x250%22},{%22id%22:121,%22size%22:%22468x60%22},{%22id%22:136,%22size%22:%22300x250%22},{%22id%22:125,%22size%22:%22300x250%22},{%22id%22:130,%22size%22:%22300x250%22},{%22id%22:100,%22size%22:%22970x90%22},{%22id%22:6,%22size%22:%223x3%22}]&fa=true&uh=false&abt=mod96&tid=134&tname=pub_site&ltcl=0&bw=false&wbr=0&ref=&npv=true&msn=-1 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e35efa4d6c7b0df44682476cf36acc9db8ecaacd5dfbc490cd9385b75abf568c Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Access-Control-Max-Age 1728000 Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Transfer-Encoding chunked Access-Control-Allow-Credentials true Access-Control-Allow-Headers Content-Type Expires Fri, 21 Jan 2022 01:12:02 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	55ms 15ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-123359880-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5828 date Fri, 21 Jan 2022 23:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 22 Jan 2022 01:34:54 GMT
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame 7BD3	0 3 KB	65ms 32ms	Document text/html	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fw3snoop%2F&width=225&layout=button_count&action=like&size=large&share=false&height=21&appId=1749095788540828 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/tardisrocinante/lazy_load.js?gcb=7&cb=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers content-type text/html;charset=utf-8 pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-content-type-options nosniff x-xss-protection 0 x-fb-debug Hjbi1GEPKHZRyA0+KQ+MLu1YkRxxv9XkfQci8Cbqg/Muc3RpyszBqAEujOumiJ+zhcgeren80aGfnoFoz65ANQ== content-length 0 date Sat, 22 Jan 2022 01:12:02 GMT alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600
GET H2	200	favicons coinbase.in.w3snoop.com/ezoimgfmt/www.google.com/s2/	288 B 565 B	421ms 375ms	Image image/webp	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.in.w3snoop.com/ezoimgfmt/www.google.com/s2/favicons?domain=coinbase.in&ezimgfmt=rs:16x20/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 3b2af8f0155ddeaded04b5c0d6d35d8445541a649640a7a368e4dcbc3e89fd7f Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding br x-sol pub_site display staticcontent_sol x-amzn-requestid df211f11-51c2-4d62-9bcc-321d05576f08 x-cache Miss from cloudfront x-middleton-display staticcontent_sol x-middleton-response 200 x-amz-apigw-id MUr7hEm8IAMFx2w= content-length 292 response 200 server nginx x-amzn-trace-id Root=1-61eb59e3-484f40c77bf19f6e18bed5ae;Sampled=0 vary Accept-Encoding, Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA56-P3 access-control-allow-headers Content-Type, Authorization x-amz-cf-id QJhUWeMkx2Kv3Mt892OxTrI9ztYxujUcpMXZEpiw4Uf_d6ZkYaBiwg==
GET H2	200	no-ssl.png coinbase.in.w3snoop.com/ezoimgfmt/w3snoop.com/images/icons/	488 B 1 KB	78ms 32ms	Image image/webp	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.in.w3snoop.com/ezoimgfmt/w3snoop.com/images/icons/no-ssl.png?ezimgfmt=rs:23x30/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash beae3275b7d0dd95049541b0d4028817570e205167bf6d6f85f447e787dc92de Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:02 GMT content-encoding br age 39675 x-amzn-requestid 3f87e474-c39d-4ef5-a1a3-c32ee1e74513 x-cache Hit from cloudfront x-middleton-display staticcontent_sol x-middleton-response 200 x-amz-apigw-id MTLEIEjSIAMFa0w= content-length 492 display staticcontent_sol response 200 server nginx x-amzn-trace-id Root=1-61eabee7-130bc04c4b2fcabf6d21a226;Sampled=0 vary Accept-Encoding, Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA56-P3 access-control-allow-headers Content-Type, Authorization x-amz-cf-id ppil8YTeTVYfNmH_ySf6iyVh2fbZfyz-LUCy_DksjbjvVqP0xOX_Ww==
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 209 B	22ms 22ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=909859898&t=pageview&_s=1&dl=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&ul=en-us&de=UTF-8&dt=Coinbase%20-%20Coinbase.in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2098901270&gjid=303585970&cid=1640558168.1642813923&tid=UA-123359880-1&_gid=1256281952.1642813923&_r=1&gtm=2ou1j0&z=1027052119 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicons coinbase.in.w3snoop.com/ezoimgfmt/www.google.com/s2/	288 B 508 B	348ms 347ms	Image image/webp	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.in.w3snoop.com/ezoimgfmt/www.google.com/s2/favicons?domain=coinbase.in&ezimgfmt=rs:16x16/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 3b2af8f0155ddeaded04b5c0d6d35d8445541a649640a7a368e4dcbc3e89fd7f Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding br x-sol pub_site display staticcontent_sol x-amzn-requestid ee87c9cb-0e33-449a-a17b-eaa21afa17d3 x-cache Miss from cloudfront x-middleton-display staticcontent_sol x-middleton-response 200 x-amz-apigw-id MUr7iGCsIAMFnDA= content-length 292 response 200 server nginx x-amzn-trace-id Root=1-61eb59e3-3d36692c79f1c94129e1fa30;Sampled=0 vary Accept-Encoding, Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA56-P3 access-control-allow-headers Content-Type, Authorization x-amz-cf-id jdpXtbzJcTgLq7M7ihgpngRO3DdWegudnO02-GhA_9rrGRlUCdef9A==
GET H/1.1	200 OK	info.png coinbase.in.w3snoop.com/images/icons/	196 B 1007 B	485ms 484ms	Image image/webp	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://coinbase.in.w3snoop.com/images/icons/info.png?ezimgfmt=rs:12x12/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ede737173b04cf62cc39dc1942f8e5579c8ff36109f29c6c9648998ae6d539d8 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Via 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront) Display staticcontent_sol X-Amzn-Requestid 385fab01-deb5-416f-9d89-7ac7049641dc X-Cache Miss from cloudfront X-Middleton-Display staticcontent_sol X-Middleton-Response 200 X-Amz-Apigw-Id MUr7iFirIAMFdSA= Content-Length 196 Response 200 Server nginx X-Amzn-Trace-Id Root=1-61eb59e3-361eb74413ce8d7b0d593a9f;Sampled=0 Vary Accept-Encoding, Origin,Accept-Encoding Access-Control-Allow-Methods GET Content-Type image/webp Cache-Control public, max-age=31536000 Access-Control-Allow-Credentials true X-Amz-Cf-Pop FRA6-C1 Access-Control-Allow-Headers Content-Type, Authorization X-Amz-Cf-Id j092RQMHtr8oJP0ptZ3nuQADoNmQPzZbpWBj2zBOrRfAFRv3x9WKbA==
GET H/1.1	200 OK	anchorfix.js Show response go.ezodn.com/detroitchicago/	886 B 1 KB	61ms 36ms	Script application/javascript	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://go.ezodn.com/detroitchicago/anchorfix.js?cb=195-7 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a19643aa47aeee6f664e5b4f825b784ae76b84eacbd8dab2ef588d4f6c9c93da Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 736611 Transfer-Encoding chunked x-middleton-display sol-js Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 CF-RAY 6d14e96b29ec4e43-FRA Last-Modified Thu, 13 Jan 2022 12:35:12 GMT Server cloudflare vary Accept-Encoding, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x690ji7L08bix%2B6lJRUuNj314bjUbt7fHAf2tNer6ErjT%2BNrPNobSZQtmxwPlTzrKdIqW3oXCKHV%2FstCrleLUaEA0DmwwrwkiGYlFJGrAQvGgb0pBZRYSmWY8VeC%2Fo%2FDK5coPI2SRU%2B0Ns0%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control public, max-age=31536000 x-robots-tag noindex
GET H/1.1	200 OK	houston.js Show response go.ezodn.com/detroitchicago/	4 KB 2 KB	43ms 21ms	Script application/javascript	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://go.ezodn.com/detroitchicago/houston.js?gcb=7&cb=16 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 640863 x-middleton-display sol-js Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1459 Last-Modified Fri, 14 Jan 2022 15:11:00 GMT Server cloudflare x-robots-tag noindex vary Accept-Encoding, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUQl0H1fb%2FXtCcZf%2FARq8gHNVXXH8C9IGmPI5DK6zO49e0OKUOPs1i5rnS4UKkd%2BZBFajKWRB%2BxwFXp%2BeSg4O9L2%2BAZxbA85qZGSxO1zlImHk87x5WWw%2B0WWlRK4cchnn5Taxir50wY1eq0%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control public, max-age=31536000 Accept-Ranges bytes CF-RAY 6d14e96b2dc02c0d-FRA
GET H/1.1	200 OK	dall.js Show response go.ezodn.com/hb/	344 KB 103 KB	69ms 47ms	Script application/javascript	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc240758302090afcfc62c801c4c32b50e84a2e90f01fb237a10930fbb6a4a11 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip CF-Cache-Status MISS Last-Modified Sat, 22 Jan 2022 01:12:03 GMT Server cloudflare NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU4YCfWGkY6CcEryjqFdeqK0hD63H0wc2V19EAQmZigLTWh3ahZZWE9zVxq6CauJa9Nc%2B3rePIhSDbqVU5FuR8s%2FgTyYI66Z1wdCItnGOV5ihTfOrFl4U9L4%2FxlMPqUC0Q6htBZewHtm9%2FE%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control public, max-age=31536000 Transfer-Encoding chunked Connection keep-alive CF-RAY 6d14e96b2df04e2b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Redirect Chain http://securepubads.g.doubleclick.net/tag/js/gpt.js https://securepubads.g.doubleclick.net/tag/js/gpt.js	78 KB 27 KB	64ms 25ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash c23e1ac09981f482a8e986029bb865a4ad954540e785f04c3367bfc30f62601b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26997 x-xss-protection 0 server sffe etag "1109 / 207 of 1000 / last-modified: 1642808442" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 22 Jan 2022 01:12:03 GMT Redirect headers Date Sat, 22 Jan 2022 00:47:03 GMT X-Content-Type-Options nosniff Server sffe Age 1500 Content-Type text/html; charset=UTF-8 Location https://securepubads.g.doubleclick.net/tag/js/gpt.js Cache-Control public, max-age=1800 Cross-Origin-Resource-Policy cross-origin Content-Length 249 X-XSS-Protection 0 Expires Sat, 22 Jan 2022 01:17:03 GMT
GET H/1.1	200 OK	apstag.js Show response c.amazon-adsystem.com/aax2/	134 KB 36 KB	72ms 17ms	Script application/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH Content-Encoding gzip ETag 8d3665a9b316600491247ca6d78c204c Age 116 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Server Server x-amz-rid 0HKN4P6MMG45NAM3DXW8 Date Sat, 22 Jan 2022 01:10:07 GMT Vary Accept-Encoding Content-Type application/javascript Via 1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront) Cache-Control public, max-age=900 X-Amz-Cf-Pop DUS51-P2 Accept-Ranges bytes Timing-Allow-Origin * X-Amz-Cf-Id CwCz6tzY646WG3Aje1AXx_qONXKSPk1MkqCnyg1Rdzm2Rb9n3mwqfQ==
GET H/1.1	200 OK	banger.js Show response go.ezodn.com/porpoiseant/	53 KB 13 KB	44ms 23ms	Script application/javascript	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://go.ezodn.com/porpoiseant/banger.js?cb=195-7&bv=95&v=57&PageSpeed=off Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbdbe4272bfcc8e29cb4b221a2fac36d1f236b6d47ac3e9d3e3dc994d2ca13f1 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 56313 Transfer-Encoding chunked x-middleton-display sol-js Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 CF-RAY 6d14e96b2d5e5b62-FRA Last-Modified Fri, 21 Jan 2022 09:33:30 GMT Server cloudflare vary Accept-Encoding, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77ZK%2FRKVuwjYO31%2FHdFiJUXnPh3Ei8GUShlCVL6ZA3jwsq2M3bQcY%2BvmKz5CaU4EHttrSOBrR1luLRg%2BY6%2BJ6x39AyIXuwgTz8cnx1b12HbR8Vii8tSvc6BoptRQpcyDPZsZrZWGjMxhGFQ%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control public, max-age=31536000 x-robots-tag noindex
GET H/1.1	200 OK	nmash.js Show response go.ezodn.com/porpoiseant/	24 KB 7 KB	24ms 24ms	Script application/javascript	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://go.ezodn.com/porpoiseant/nmash.js?v=95 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/porpoiseant/banger.js?cb=195-7&bv=95&v=57&PageSpeed=off Protocol HTTP/1.1 Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 102278 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 CF-RAY 6d14e96b5da45b62-FRA last-modified Thu, 20 Jan 2022 03:31:19 GMT Server cloudflare etag "6003-5d5fb22b3bc84;5d5fb22b3bc84-gzip" vary Accept-Encoding, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BRR6ynBs8gXUJjVPlOtKIe%2FRJRlzoh2FpTAs8NzJYZLpQFM%2BTj4MFY3depl70Wg%2FdSsRr7Knzw%2FEFaGBFqflfWNg%2Fly%2BCmAY0lOcxCDUKXPtlHkt%2BrSPFpQ6N3EOT1imkU0IC2nLzuTY8c%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control public, max-age=31536000 x-robots-tag noindex
GET H/1.1	200 OK	rochester.js Show response coinbase.in.w3snoop.com/detroitchicago/	3 KB 1 KB	20ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/rochester.js?gcb=195-7&cb=12 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 60336c13eea75c96878f24585b6f20a843e7ce7fd3f23af03f6ccad8d9119690 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public X-Robots-Tag noindex Content-Length 1052
GET H/1.1	200 OK	screx.js Show response coinbase.in.w3snoop.com/tardisrocinante/	10 KB 3 KB	20ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/tardisrocinante/screx.js?gcb=7&cb=2 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash be410830498ee32cf1c61d29613e1ef4a4afb9647a5b1eaaad9acc41f4119e25 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public Transfer-Encoding chunked X-Robots-Tag noindex
GET H/1.1	200 OK	edmonton.webp Show response coinbase.in.w3snoop.com/detroitchicago/	21 KB 6 KB	21ms 21ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/detroitchicago/edmonton.webp?a=a&cb=195-7&shcb=34 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash c5d9c9f6bbfd42b7c3c63a20fb54ba49978b53f6b981fbabe4d56dd90b2b44ab Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public Transfer-Encoding chunked X-Robots-Tag noindex
GET H/1.1	200 OK	vitals.js Show response coinbase.in.w3snoop.com/tardisrocinante/	5 KB 2 KB	20ms 20ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/tardisrocinante/vitals.js?gcb=7&cb=3 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public X-Robots-Tag noindex Content-Length 1895
GET H/1.1	200 OK	imp.gif Show response g.ezoic.net/detroitchicago/	43 B 569 B	41ms 25ms	XHR image/gif	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod96%22%2C%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A2%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%221%2C2%2C3%2C30%2C0%2C5%2C6%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A6%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A0%2C%22domain_id%22%3A86868%2C%22domain_test_group%22%3A20210303%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A11%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A4%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%221006%2C1100%2C1121%2C1125%2C1130%2C1136%2C1142%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22a287eb0d-9237-42e5-4e75-48224f16c630%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22referring_domain%22%3A%22w3snoop.com%22%2C%22response_size_orig%22%3A0%2C%22response_time_orig%22%3A0%2C%22serverid%22%3A%2218.184.155.4%3A15238%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1121%2C1125%2C1130%2C1136%2C1142%22%2C%22t_epoch%22%3A1642813922%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Fcoinbase.in.w3snoop.com%2F%22%2C%22user_id%22%3A0%2C%22visit_uuid%22%3A%2264819009-7927-42c2-7326-c48aa9069657%22%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A394%2C%22worst_bad_word_level%22%3A0%2C%22cdn_browser_cache%22%3A0%7D Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Server nginx Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Access-Control-Allow-Methods HEAD, PUT, POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin http://coinbase.in.w3snoop.com X-Middleton-Display imp_sol Access-Control-Max-Age 1728000 Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Access-Control-Allow-Headers Content-Type Content-Length 43 Expires Fri, 21 Jan 2022 01:12:01 GMT
GET H/1.1	200 OK	script_delay.js Show response coinbase.in.w3snoop.com/tardisrocinante/	6 KB 2 KB	19ms 19ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://coinbase.in.w3snoop.com/tardisrocinante/script_delay.js?gcb=7&cb=2 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 8788975f588d159ec1a3cfba8b7508b3dd8ac8e48440d112e3c0e026b3ffc138 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript X-Middleton-Display sol-js Cache-Control max-age=31536000, public X-Robots-Tag noindex Content-Length 1870
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	385 B 738 B	153ms 115ms	XHR application/json	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fcoinbase.in.w3snoop.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4 Requested by Host: c.amazon-adsystem.com URL: http://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:02 GMT via 1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront) server Server x-amz-cf-pop DUS51-P2 x-cache Miss from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 385 x-amz-cf-id NYgvtntrb_mREEyNmlwnwjJxwwGaOjcjbrHIpEGjIkaQHHSC-L2Nsg==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 494 B	90ms 55ms	XHR text/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&pid=GWwtG27EWpNQO&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-3-0%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-4-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-banner-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-banner-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-medrectangle-2-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-medrectangle-2%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C89dda44f243a7dcabff588800a1bcd4f%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: http://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT via 1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront) server Server x-amz-cf-pop DUS51-P2 x-amz-rid WS21MJ79PCQ0C1F7DFM6 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id rZeBRW3OlNDZNr-BJXpy2o9CIpfVC1YZ18lbyX8kM1os-Rd8y3SbeA==
GET H/1.1	200 OK	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	176ms 158ms	XHR application/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: http://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:04 GMT Content-Encoding gzip Vary Accept-Encoding,Origin X-Amz-Cf-Pop DUS51-P2 Transfer-Encoding chunked X-Cache Miss from cloudfront Connection keep-alive Access-Control-Allow-Origin * Last-Modified Fri, 21 Jan 2022 02:54:57 GMT Server AmazonS3 ETag W/"a4d296427fc806b21335359e398c025c" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET x-amz-version-id eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn Via 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 Content-Type application/javascript X-Amz-Cf-Id b4ZFt_i840WyWAliD-3kiNn4TCKfFNLZBKUfA-M5O0iTR9fPIiIWdA==
POST H2	200	cookie_sync Show response pb-server.ezoic.com/	271 B 496 B	67ms 16ms	XHR application/json	3.123.221.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pb-server.ezoic.com/cookie_sync Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.123.221.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-123-221-18.eu-central-1.compute.amazonaws.com Software / Resource Hash 121a7895494cf562e623fea3fd368f7a796af3d9b3d971774f0909c6d2d8f94e Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:03 GMT vary Origin content-type application/json; charset=utf-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 271 expires 0
POST H2	200	auction Show response pb-server.ezoic.com/openrtb2/	150 B 363 B	250ms 200ms	XHR application/json	3.123.221.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pb-server.ezoic.com/openrtb2/auction Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.123.221.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-123-221-18.eu-central-1.compute.amazonaws.com Software / Resource Hash d823848aa4d5a6fc276eac1bde678c4c997bfffa297807fa79974e95c976817e Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:03 GMT vary Origin content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 150 expires 0
POST H2	200	/ Show response prebid.smilewanted.com/	0 77 B	87ms 42ms	XHR application/json	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid.smilewanted.com/ Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com access-control-allow-credentials true cf-ray 6d14e96c1e3c4309-FRA access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
POST H2	200	/ Show response prebid.smilewanted.com/	0 441 B	81ms 36ms	XHR application/json	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid.smilewanted.com/ Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com access-control-allow-credentials true cf-ray 6d14e96c1e3d4309-FRA access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
POST H2	200	/ Show response prebid.smilewanted.com/	0 76 B	82ms 37ms	XHR application/json	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid.smilewanted.com/ Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com access-control-allow-credentials true cf-ray 6d14e96c1e3e4309-FRA access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
POST H2	200	/ Show response prebid.smilewanted.com/	0 77 B	84ms 39ms	XHR application/json	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid.smilewanted.com/ Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com access-control-allow-credentials true cf-ray 6d14e96c1e3f4309-FRA access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
POST H2	200	/ Show response prebid.smilewanted.com/	0 77 B	103ms 59ms	XHR application/json	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid.smilewanted.com/ Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com access-control-allow-credentials true cf-ray 6d14e96c1e404309-FRA access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
POST H2	200	/ Show response prebid.smilewanted.com/	0 77 B	81ms 37ms	XHR application/json	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid.smilewanted.com/ Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com access-control-allow-credentials true cf-ray 6d14e96c1e424309-FRA access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
POST		translator hbopenbid.pubmatic.com/	0 0
POST H/1.1	200 OK	bid Show response ap.lijit.com/rtb/	93 B 753 B	146ms 86ms	XHR application/json	216.52.2.19 AS-INAPCDN-OCY
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.0.0 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US), Reverse DNS Software / Resource Hash 403ebae7c02f4f73c50cf7a825d18c695c9d6330a9e3d4a7056ee195a9540990 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 99
GET H2	200	cygnus Show response htlb.casalemedia.com/	37 B 335 B	210ms 161ms	XHR application/json	23.37.38.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=305137&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2229e57760ad54edd%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fcoinbase.in.w3snoop.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%226.0.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22306e42f5b554303%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305137%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2231c9c38685ecac3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2232e6a5ae82491c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305139%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22338dea7145189d9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305144%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2234613bb414e8bca%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22355e599d65105c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%2289dda44f243a7dcabff588800a1bcd4f%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-38-181.deploy.static.akamaitechnologies.com Software Apache / Resource Hash c5a22c2789ae687b676656b0cf4baa4f7bca0acf93544a312647a032d8062891 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:03 GMT x-ak-initial-geo CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.184], XFF:[] server Apache content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com x-cs-client-geo 12 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 37 x-ak-client-geo 12 expires Sat, 22 Jan 2022 01:12:03 GMT
POST H2	200	prebid Show response prebid.media.net/rtb/	32 B 288 B	265ms 224ms	XHR application/json	34.107.148.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CUBCB617 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip server nginx content-type application/json;charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via 1.1 google
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 369 B	53ms 15ms	XHR application/json	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 , France, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
GET H2	204	prebid Show response ads.yieldmo.com/exchange/	0 229 B	189ms 39ms	XHR text/plain	99.81.117.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/exchange/prebid?pbav=6.0.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-box-2-0%22%2C%22callback_id%22%3A%225109b180fb9495c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-box-3-0%22%2C%22callback_id%22%3A%22520effd4c8e3106%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-box-4-0%22%2C%22callback_id%22%3A%225317584a202c3b6%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-banner-1-0%22%2C%22callback_id%22%3A%2254bead814e1426e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-box-1-0%22%2C%22callback_id%22%3A%225568ab4f82bda07%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-medrectangle-2-0%22%2C%22callback_id%22%3A%2256da60fa18ccbf9%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%5D&page_url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&bust=1642813923176&pr=&scrd=1&dnt=false&description=View%20Coinbase.in%20-%20Free%20traffic%2C%20revenue%2C%20rankings%2C%20ip%20address%20report%20for%20the%20Coinbase%20website.&title=Coinbase%20-%20Coinbase.in&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%2289dda44f243a7dcabff588800a1bcd4f%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.117.116 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-117-116.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin http://coinbase.in.w3snoop.com pragma no-cache date Sat, 22 Jan 2022 01:12:03 GMT access-control-allow-credentials true x-robots-tag none,NOINDEX,NOFOLLOW access-control-allow-methods POST, GET, OPTIONS access-control-request-headers Cache-Control, Pragma
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	4 KB 3 KB	142ms 78ms	XHR application/json	2602:803:c004:200::141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=e28450b3-72f5-4b09-b12f-67a691ee0be8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0069261517230112535 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash f9fd542a14b1dd1d6510e5eee2b9eeddcc6131cf9e0e60e82800ebb9354e4b07 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:03 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 1750 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	240 B 1 KB	137ms 73ms	XHR application/json	2602:803:c004:200::141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=1&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=20a081d2-56fe-45b6-88a3-ddf8f9ba2ef0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.022109903655143093 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 23ddde94c744bba03799087b148155ae9f4f7c4cfbe0362dff6f8761907d4c90 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:03 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 240 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	241 B 1 KB	136ms 71ms	XHR application/json	2602:803:c004:200::141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=f99c465e-46c2-4106-a1b0-8ee232fc7b89&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05318820939404412 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 3b2e5b282bec8be5fcdfd0d094e594db2ffc11db6cd53e4a93d950cbb371162d Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:03 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	241 B 1 KB	142ms 78ms	XHR application/json	2602:803:c004:200::141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=797afa4c-8b7b-4de5-975d-782a14103961&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8008361781082636 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 338aed550ec75d2ec54c57efc58d314cfafde74bcec18d97421f0af3665b7984 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:03 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	241 B 1 KB	133ms 69ms	XHR application/json	2602:803:c004:200::141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=542eb4a3-9cb3-4f8e-90ed-5f98345b560e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0020444095639247095 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 92878570f9d437d888c84a8ffc3d9c614190007430838ddc066101267ff86df1 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:03 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	260 B 1 KB	148ms 84ms	XHR application/json	2602:803:c004:200::141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&alt_size_ids=55&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=85a6fe95-5db9-4c11-84ee-05cdef8cb2ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6104264640069659 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 55309c3c60c26cd8fc2305164def4e75aa7e04a97649e911b8cdca88ddd34268 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:03 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 260 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 118 B	115ms 66ms	XHR text/plain	35.157.152.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.152.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-152-254.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin http://coinbase.in.w3snoop.com date Sat, 22 Jan 2022 01:12:03 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 117 B	128ms 78ms	XHR text/plain	35.157.152.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.152.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-152-254.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin http://coinbase.in.w3snoop.com date Sat, 22 Jan 2022 01:12:03 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 117 B	116ms 66ms	XHR text/plain	35.157.152.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.152.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-152-254.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin http://coinbase.in.w3snoop.com date Sat, 22 Jan 2022 01:12:03 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 117 B	128ms 79ms	XHR text/plain	35.157.152.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.152.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-152-254.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin http://coinbase.in.w3snoop.com date Sat, 22 Jan 2022 01:12:03 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 117 B	128ms 79ms	XHR text/plain	35.157.152.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.152.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-152-254.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin http://coinbase.in.w3snoop.com date Sat, 22 Jan 2022 01:12:03 GMT access-control-allow-credentials true vary Origin
GET H3	200	pubads_impl_2022011408.js Show response securepubads.g.doubleclick.net/gpt/	351 KB 118 KB	37ms 15ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Requested by Host: securepubads.g.doubleclick.net URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash 0530384d8115b9411cd4fac3bad2e6565ab2ddf9c866c86b1422a65dfccb3980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 21 Jan 2022 23:46:05 GMT content-encoding gzip x-content-type-options nosniff age 5158 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120805 x-xss-protection 0 last-modified Sat, 15 Jan 2022 00:18:29 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 21 Jan 2023 23:46:05 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	117 B 125 B	47ms 24ms	XHR application/json	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 61d5c65e50ef94b363fdfef738f27c4ae3bb1e41056eb1627d9c4f57b1a9a16c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0 expires Sat, 22 Jan 2022 01:12:03 GMT
GET H2	200	setuid pb-server.ezoic.com/ Redirect Chain https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=528982cc-6e71-4ac9-ad5a-085a79fa5ca4	86 B 453 B	16ms 16ms	Image image/png	3.123.221.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=528982cc-6e71-4ac9-ad5a-085a79fa5ca4 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Server 3.123.221.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-123-221-18.eu-central-1.compute.amazonaws.com Software / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:03 GMT cache-control no-cache, no-store, must-revalidate content-type image/png content-length 86 vary Origin expires 0 Redirect headers location https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=528982cc-6e71-4ac9-ad5a-085a79fa5ca4 date Sat, 22 Jan 2022 01:12:02 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy content-length 0
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/ Redirect Chain http://cdn.id5-sync.com/api/1.0/id5-api.js https://cdn.id5-sync.com/api/1.0/id5-api.js	37 KB 10 KB	75ms 37ms	Script text/javascript	46.105.202.126 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H2 Server 46.105.202.126 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cacheable Matched cache x-cdn-pop-ip 137.74.120.0/27 date Sat, 22 Jan 2022 00:15:10 GMT content-type text/javascript;charset=utf-8 cache-control max-age=3600 x-cdn-pop sbg content-disposition attachment;filename="id5-api.js" accept-ranges bytes content-length 10430 x-request-id 839485083 Redirect headers Location https://cdn.id5-sync.com/api/1.0/id5-api.js Non-Authoritative-Reason HSTS
POST H/1.1	200	457.json Show response id5-sync.com/g/v2/	213 B 540 B	76ms 18ms	XHR application/json	51.89.21.10 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/457.json Requested by Host: cdn.id5-sync.com URL: http://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS p24.id5-sync.com Software / Resource Hash 0ed0c937dffdcf063ea76e0c1634bcba553499a9fb8a11119412cb88fd29d927 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Date Sat, 22 Jan 2022 01:12:02 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	67ms 25ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	63ms 24ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 296 B	438ms 437ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=20893700072536&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-2%2Cw3snoop_com-box-3%2Cw3snoop_com-box-4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%2C468x60%2C300x250&prev_scp=a%3D%257C5%257C%26iid1%3D1263870067619118%26eid%3D1263870067619118%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1142%26sap%3D1142%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dw3snoop_com-box-2-1263870067619118%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D4%26bvr%3D4%26shp%3D1%26br1%3D550%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C0%2C67%2C0%2C193%2C66%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C992%2C996%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Drubicon%26hb_adid%3D7193ad78fe32da4%26hb_pb%3D0.21%26hb_format%3Dbanner%26hb_ssid%3D10063%26hb_opt%3D0.21%26hb_rt%3Dclient%7Ca%3D%257C3%257C%26iid1%3D5399922209652068%26eid%3D5399922209652068%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dw3snoop_com-box-3-5399922209652068%26eb_br%3D736e09a0771285737509ab8954c475a7%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26br1%3D1200%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C193%2C0%2C67%2C0%2C168%2C77%2C192%2C26%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C992%2C996%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C2%257C%26iid1%3D6146008105623793%26eid%3D6146008105623793%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1136%26sap%3D1136%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dw3snoop_com-box-4-6146008105623793%26eb_br%3Db2ac58e6c0c84fc65f344f47dd85768b%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D2%26bvr%3D1%26shp%3D1%26br1%3D2100%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C4%2C0%2C193%2C66%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C992%2C996%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=23&abxe=1&dt=1642813923650&lmt=1642813923&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=650%2C661%2C661&adys=2%2C482%2C665&adks=3539511386%2C3313998340%2C3335128194&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0%7C0x0%7C0x0&msz=300x0%7C602x0%7C602x0&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0%2C0%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 4f8778adc9c1eba7670ea10a213a3d9df32900fd79ed0b342084b8585a25731c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:04 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 266 x-xss-protection 0 google-lineitem-id -2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	68ms 29ms	XHR application/json	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011408&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c1c91a8c369da374e6121bfb378b62a9f3151673da96f673345bd136865dac41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9115 x-xss-protection 0
GET H2	200	container.html Show response 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 26BA	6 KB 4 KB	84ms 24ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Sat, 22 Jan 2022 01:12:03 GMT expires Sun, 22 Jan 2023 01:12:03 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	48ms 24ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	47ms 24ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	458 B 275 B	292ms 291ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=1182368416488078&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=a%3D%257C251%257C%26iid1%3D4024909493590809%26eid%3D4024909493590809%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dw3snoop_com-medrectangle-2-4024909493590809%26eb_br%3D45a351e981f435b4c20fafca8a5d741c%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26br1%3D600%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C4%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C992%2C996%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=23&abxe=1&dt=1642813923727&lmt=1642813923&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1200&adks=881660063&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=1600x-1&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=512&ohw=0&btvi=1&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 3c1309d262f6ec6a081b4a7756b9a2dd4095f81da11ac0598b5b1f47a6c8ba15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:04 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 245 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	143ms 24ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 22 Jan 2022 01:12:03 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 689C	13 KB 5 KB	40ms 16ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 22 Jan 2022 01:03:35 GMT expires Sun, 22 Jan 2023 01:03:35 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 508 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame D933	783 B 1 KB	69ms 27ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ab2ae104dae6124e453ce1518dbfdfa5ab3ea46e916b2501d343c35a05199261 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-CsiJJd72WzHQmkv2XR5sLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 22 Jan 2022 01:12:03 GMT date Sat, 22 Jan 2022 01:12:03 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-CsiJJd72WzHQmkv2XR5sLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 514 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js Show response pagead2.googlesyndication.com/bg/ Frame 689C	35 KB 13 KB	41ms 16ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 00:04:59 GMT content-encoding br x-content-type-options nosniff age 4024 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13526 x-xss-protection 0 last-modified Wed, 12 Jan 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 22 Jan 2023 00:04:59 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame D933	0 0	50ms 50ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011408&jk=3803005523543764&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	/ Show response basher.ezodn.com/	3 KB 2 KB	65ms 44ms	XHR application/json	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://basher.ezodn.com/?did=86868&bf=2300&dc=1254144 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/porpoiseant/nmash.js?v=95 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6651b220afded0ed201d9c011be17e2570460ea3b660c9a23a2589f9cc0312bc Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 X-PINGBACK pingpong Content-Type application/json Response headers date Sat, 22 Jan 2022 01:12:04 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type application/json access-control-allow-origin http://coinbase.in.w3snoop.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zK4wx2qmDcbm%2BcugXKxot14tZxrUjumXDi7luuA2wD1lc%2BwaNzc96dmvKZXFAX26e8SNxN0d%2FRBmeWXFzVBalLfQdYQRfV7lIZ8Vh9Em%2BHJfceaOxp0JJD%2B74vHp8TpgW6H%2B2GuMBXXnV7kjVskT"}],"group":"cf-nel","max_age":604800} access-control-max-age 86400 cache-control public, max-age=84400 cf-ray 6d14e971dcda704f-FRA access-control-allow-headers Content-Type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
OPTIONS H2	200	/ basher.ezodn.com/ Frame	0 0	73ms 28ms	Preflight application/json	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://basher.ezodn.com/?did=86868&bf=2300&dc=1254144 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type,x-pingback Origin http://coinbase.in.w3snoop.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Sec-Fetch-Mode cors Response headers date Sat, 22 Jan 2022 01:12:04 GMT content-type application/json content-length 0 access-control-allow-origin http://coinbase.in.w3snoop.com vary Origin, Accept-Encoding access-control-allow-headers content-type,x-pingback access-control-allow-methods GET,POST,OPTIONS access-control-max-age 86400 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3pCKMf%2BmQ1DqEt0TYITUlUtAr7EGqXqJw4ooQ%2BlPEdvgyi1lLAz3LY2Xl2y3dkeNFbXbNxpdSf5tX%2F5ZH%2Bo6i6xn%2FrvB%2FofllkiJGpMgQ8fUlb9BmNuBZGavjTNlVEEjOJq50j0VQ1s7WJxlpS%2F"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6d14e9718aaa4e4a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	greenoaks.gif Show response g.ezoic.net/detroitchicago/	0 380 B	19ms 18ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMjg3ZWIwZC05MjM3LTQyZTUtNGU3NS00ODIyNGYxNmM2MzAiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMjg3ZWIwZC05MjM3LTQyZTUtNGU3NS00ODIyNGYxNmM2MzAiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIyLTAxLTIyIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMjg3ZWIwZC05MjM3LTQyZTUtNGU3NS00ODIyNGYxNmM2MzAiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImEyODdlYjBkLTkyMzctNDJlNS00ZTc1LTQ4MjI0ZjE2YzYzMCIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidF9lcG9jaCI6MTY0MjgxMzkyMiwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3ByaW1hcnlfc3VidGFnIiwidmFsIjoiZW4ifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMjg3ZWIwZC05MjM3LTQyZTUtNGU3NS00ODIyNGYxNmM2MzAiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTg5MiJ9XX1d Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:04 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://coinbase.in.w3snoop.com X-Middleton-Display ezp_sol Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Length 0 Expires Fri, 21 Jan 2022 01:12:01 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	25ms 25ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	24ms 23ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	118 KB 31 KB	429ms 428ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=3917141319809211&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ga%3D2497208%26tap%3Dw3snoop_com-pixel1-8138357119616111%26ezoic%3D1%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26ap%3D9999%26iid1%3D8138357119616111%26bra%3Dmod96&eri=1&cookie=ID%3D0691e5ac56906254-22f6723e27cd000d%3AT%3D1642813923%3AS%3DALNI_Mb1FEfK9ZfAbIDdg4L3mcxcmp6NfQ&bc=23&abxe=1&dt=1642813924190&lmt=1642813924&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=1377911083&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=2&ohw=0&btvi=-1&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 4629a5f566af2e6a1409d9ff5f49ba7997f0545d632e25f87e20a7e4a8afedb7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32126 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pubads_impl_page_level_ads_2022011408.js Show response securepubads.g.doubleclick.net/gpt/	34 KB 13 KB	14ms 14ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022011408.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash eded73b494faf1cea930993a467caefe53ddd3ed81f4b2b6e038af3d7e6d5a9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 18 Jan 2022 20:59:09 GMT content-encoding gzip x-content-type-options nosniff age 274375 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12966 x-xss-protection 0 last-modified Sat, 15 Jan 2022 00:18:29 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 18 Jan 2023 20:59:09 GMT
GET		generate_204 tpc.googlesyndication.com/ Frame 689C	0 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	51ms 50ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011408&jk=3803005523543764&bg=!TE-lTwvNAAZ_DxPPfw87ACkAdvg8WrUGPvmqWfdfbGz9lXDPSidKx_OcrQUrL3ndwoQI6ubWkT2FFAIAAADwUgAAAAJoAQcKAHxW00h3QPlmwiFz0jayRM3f7sGybq-mnzKW6kbTVr5cx3GCU8k3WlBcBBrMSQzf7WFGTFbaT7ECZNN9I9Ht2GAhq3OpbEZJCcpJupB8Dw-yVcwJboRoK83lbBaBFdddnMtoBsw1AmqaXoBV6457VHQQqqKSbSbXINrL1c5BmQLf9Gbqg9--6ADA50IQt6UtZZspaGnM81-vmG1V6XYQwhKiLHGxptovNvjRsw3w4bgesyZfPXJ4m6MSEYv_TlHmW8OwXvaP5BbFJ4fOw4e9t8XlS-VD1jlQq_Bx-VIA44_cTljfYuFPepQS9i-7CDNwaJk-5mqPinjfXOIaR6E5rtn_ywZLZv4LYWZeYr_e6Xg_bU2u62Zp-epwsnpbKdSp7w3yknbS73fq-RPg-2WZuidV6ow8Dy_0E3E89OxP7VQjezQppi49V3Ai8lxPK280YMKFiNu7H2h8KnaspqSrqtyvFHgn2C323ZEXvekJuBdFQzIgAmMnpHWQQB9Rk0ud9RbLztwWRzTxlsPsTfydL0E0nU42IngcZH7ak2aHp8W3Fj3skXDYKl9YV1-IANjxHElxIJln7NpzuwQy-3JN6pkmCJAGmx5eoHfIo2bGQT8ShRHh2CW2L_XoORGwWG51AM4c1zG2CO980d5Vhk7alSXSF7MXNUzz_GhFWY4IrUHHFSzZPmACF1fIVeuFR000WuulqRnvItHAfmJiiDc-jgGXuTdZzX04ptKgWfVh6p-yzJFuO828UCmmxyEoH31PsO4qRII2MLsDHyYRpFZWUixxHioQRanXFbj0LyeNI0LFOk5kWUjhbJIgTZYfrkO40-ukZpkBu4buenybLahtpOfvLF_zN3rMTwU1NObCoyp8xcYXdQeqlFwGrvx2exypG0jeN0-i7iM3yf7cdiq_nTJDvtH1Vdbn6VDL5tDJ1le3tzsBhWe1RLckeIp7XZjYMdIkgw656rQF8SrV2sULPyAvXkKgvh8uC94vdls70delfiV2kEdzuR-oxM9_fVj5aRaBFkvCnFO17bKxUTlDgrRebXbNuDsJPq2QMB5R2qS2-bH4Dghzv12nYZ9uaE_vF-m3YEKAmyoQXKq0G7QcqzV5VzkdScUAivKzcHTfSIN8bTKLyMa6yoCdQO-rrr3U Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	container.html Show response 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0242	6 KB 3 KB	39ms 15ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 22 Jan 2022 01:12:03 GMT expires Sun, 22 Jan 2023 01:12:03 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	NaN Show response go.ezoic.net/bfhash/1254144%7C1254144,15511903/	71 B 526 B	75ms 18ms	XHR text/plain	2600:9000:2156:c400:2:cb38:840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://go.ezoic.net/bfhash/1254144%7C1254144,15511903/NaN Requested by Host: go.ezodn.com URL: http://go.ezodn.com/porpoiseant/nmash.js?v=95 Protocol HTTP/1.1 Server 2600:9000:2156:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 06babd166c598082e01140414a84699d5e7ddc9db8278fe1ec44cc01d8a2957d Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:01:59 GMT Via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront) Connection keep-alive Server nginx Age 605 Vary Accept-Encoding,Accept-Encoding X-Cache Hit from cloudfront Content-Type text/plain Access-Control-Allow-Origin * Cache-Control max-age=3600, public X-Amz-Cf-Pop FRA50-C1 Content-Length 71 X-Amz-Cf-Id GOGryaPUzm6KNacxMJ5zMS5LNPH2CnTEjc6soEt6_lvFUlOweaKIiQ==
GET H/1.1	200 OK	greenoaks.gif Show response g.ezoic.net/detroitchicago/	0 380 B	18ms 18ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMjg3ZWIwZC05MjM3LTQyZTUtNGU3NS00ODIyNGYxNmM2MzAiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiMjM1NyJ9XX1d Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:04 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://coinbase.in.w3snoop.com X-Middleton-Display ezp_sol Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Length 0 Expires Fri, 21 Jan 2022 01:12:03 GMT
GET H/1.1	200 OK	army.gif Show response g.ezoic.net/porpoiseant/	0 380 B	32ms 16ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODEzODM1NzExOTYxNjExMSIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6Inczc25vb3BfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NDI4MTM5MjIsImF1Y3Rpb25fZXBvY2giOjE2NDI4MTM5MjUsImFkX3Bvc2l0aW9uIjo5OTk5LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTI4N2ViMGQtOTIzNy00MmU1LTRlNzUtNDgyMjRmMTZjNjMwIiwiYmlkX2Zsb29yX2luaXRpYWwiOm51bGwsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjpudWxsLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0NDYsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:04 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://coinbase.in.w3snoop.com X-Middleton-Display ezp_sol Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Length 0 Expires Fri, 21 Jan 2022 01:12:03 GMT
GET H/1.1	200 OK	info.png coinbase.in.w3snoop.com/images/icons/	196 B 1015 B	35ms 35ms	Image image/webp	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://coinbase.in.w3snoop.com/images/icons/info.png?ezimgfmt=rs:12x12/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/tardisrocinante/lazy_load.js?gcb=7&cb=5 Protocol HTTP/1.1 Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ede737173b04cf62cc39dc1942f8e5579c8ff36109f29c6c9648998ae6d539d8 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:04 GMT Via 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront) Age 1 X-Amzn-Requestid 385fab01-deb5-416f-9d89-7ac7049641dc X-Cache Hit from cloudfront X-Middleton-Display staticcontent_sol X-Middleton-Response 200 X-Amz-Apigw-Id MUr7iFirIAMFdSA= Content-Length 196 Display staticcontent_sol Response 200 Server nginx X-Amzn-Trace-Id Root=1-61eb59e3-361eb74413ce8d7b0d593a9f;Sampled=0 Vary Accept-Encoding, Origin,Accept-Encoding Access-Control-Allow-Methods GET Content-Type image/webp Cache-Control public, max-age=31536000 Access-Control-Allow-Credentials true X-Amz-Cf-Pop FRA56-P3 Access-Control-Allow-Headers Content-Type, Authorization X-Amz-Cf-Id IyT6qPGcnPP5x-JKfJF7gxcUtZ8Jz0PIbqnil2_P1ylR3PcreXbxEg==
GET H3	200	css2 fonts.googleapis.com/ Frame 0242	4 KB 634 B	48ms 24ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 22 Jan 2022 00:25:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 22 Jan 2022 01:12:04 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 22 Jan 2022 01:12:04 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 0242	205 B 295 B	62ms 17ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 21 Jan 2022 00:15:41 GMT x-content-type-options nosniff age 89783 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 21 Jan 2023 00:15:41 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 0242	604 B 1 KB	61ms 17ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 21 Jan 2022 21:36:59 GMT x-content-type-options nosniff age 12905 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 21 Jan 2023 21:36:59 GMT
GET H3	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame 0242	18 KB 8 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:02:12 GMT content-encoding gzip x-content-type-options nosniff age 592 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8104 x-xss-protection 0 server cafe etag 11153116566150069083 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 05 Feb 2022 01:02:12 GMT
GET H3	200	css fonts.googleapis.com/ Frame AEBC	8 KB 888 B	25ms 25ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 22 Jan 2022 00:26:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 22 Jan 2022 01:12:04 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 22 Jan 2022 01:12:04 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame AEBC	1 KB 875 B	15ms 15ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 00:26:53 GMT content-encoding gzip x-content-type-options nosniff age 2711 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 848 x-xss-protection 0 server cafe etag 2277666839114365613 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 05 Feb 2022 00:26:53 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame AEBC	19 KB 8 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite_fy2019.js Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 00:47:02 GMT content-encoding gzip x-content-type-options nosniff age 1502 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7881 x-xss-protection 0 server cafe etag 7605774008668088057 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 05 Feb 2022 00:47:02 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame AEBC	2 KB 1 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:06:42 GMT content-encoding gzip x-content-type-options nosniff age 322 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 05 Feb 2022 01:06:42 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame AEBC	15 KB 6 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 00:56:18 GMT content-encoding gzip x-content-type-options nosniff age 946 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6473 x-xss-protection 0 server cafe etag 5124071950003790117 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 05 Feb 2022 00:56:18 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame AEBC	122 KB 38 KB	56ms 54ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash 425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38060 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1642595990432946" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 22 Jan 2022 01:12:04 GMT
GET H3	200	fccbdb50d0e11463e1edb3d8fcf7c364.js Show response www.gstatic.com/mysidia/ Frame AEBC	27 KB 11 KB	40ms 16ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 20 Jan 2022 19:23:34 GMT content-encoding gzip x-content-type-options nosniff age 107310 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11411 x-xss-protection 0 last-modified Thu, 20 Jan 2022 13:53:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 20 Apr 2022 19:23:34 GMT
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame B064	143 B 426 B	63ms 18ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ Response headers x-content-type-options nosniff content-encoding gzip server cafe content-length 145 x-xss-protection 0 date Sat, 22 Jan 2022 01:03:49 GMT cache-control public, max-age=3600 content-type text/html; charset=UTF-8 age 495 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame A9CE	1 KB 749 B	17ms 16ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 date Fri, 21 Jan 2022 05:53:44 GMT expires Sat, 22 Jan 2022 05:53:44 GMT cache-control public, max-age=86400 age 69500 etag 48472445140208031 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A9CE Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP2X64ugFUGhfl670WbA5Ww&google_cver=1&google_push=AYg5qPLG4bpDb7i2mA83xExHIf74iIWQNoo1TNhKwupNtKUcFiye6QklOPX11p3vb_nyrnvnp_XKlyYCWjrhB-syNBp5qQEvpVw https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQyNDkxMTQ1NzA4NjY5NDcwNg==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP2X64ugFUGhfl670WbA5Ww&google_cver=1	43 B 407 B	64ms 23ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP2X64ugFUGhfl670WbA5Ww&google_cver=1 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:04 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-type image/gif content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Sat, 22 Jan 2022 01:12:04 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP2X64ugFUGhfl670WbA5Ww&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A9CE Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI1zPJ5LX-1wSvw0-MBbiVg&google_cver=1&google_push=AYg5qPJ3gkt64ZtsfYN2GmcFtMKLV5BE1KkEPExNBXhTHA5-5XEWAF5a-KyEV94ZJjjXODBZ4Upts3Qj6EjCtAcm... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ3gkt64ZtsfYN2GmcFtMKLV5BE1KkEPExNBXhTHA5-5XEWAF5a-KyEV94ZJjjXODBZ4Upts3Qj6EjCtAcmnWKhN1wtri8	170 B 188 B	48ms 26ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ3gkt64ZtsfYN2GmcFtMKLV5BE1KkEPExNBXhTHA5-5XEWAF5a-KyEV94ZJjjXODBZ4Upts3Qj6EjCtAcmnWKhN1wtri8 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 22 Jan 2022 01:12:04 GMT Server MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ3gkt64ZtsfYN2GmcFtMKLV5BE1KkEPExNBXhTHA5-5XEWAF5a-KyEV94ZJjjXODBZ4Upts3Qj6EjCtAcmnWKhN1wtri8 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Sat, 22 Jan 2022 01:12:03 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A9CE Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFi7MnQdpeZOl6NfoxVMsFE&google_cver=1&google_push=AYg5qPK-5lpzdc5pWYszWuGdxv9hQNnvQJAkxpJvYHc-kmG-EcTp98cUSKOaXHtfYQD-Qg-J5UyEG... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPK-5lpzdc5pWYszWuGdxv9hQNnvQJAkxpJvYHc-kmG-EcTp98cUSKOaXHtfYQD-Qg-J5UyEGjN6NIxnUG6ye1vzoo_BxDE	170 B 188 B	23ms 23ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPK-5lpzdc5pWYszWuGdxv9hQNnvQJAkxpJvYHc-kmG-EcTp98cUSKOaXHtfYQD-Qg-J5UyEGjN6NIxnUG6ye1vzoo_BxDE Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 22 Jan 2022 01:12:04 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 14A06BE8147F45DE9897AC89F5DCA1D7 Ref B: FRAEDGE0709 Ref C: 2022-01-22T01:12:04Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPK-5lpzdc5pWYszWuGdxv9hQNnvQJAkxpJvYHc-kmG-EcTp98cUSKOaXHtfYQD-Qg-J5UyEGjN6NIxnUG6ye1vzoo_BxDE x-li-proto http/2 content-length 0 x-li-uuid AAXWIWxt5Sr4soM2sjcwKA==
GET H3	200	pixel cm.g.doubleclick.net/ Frame A9CE Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPD_8R0aawXsHAtpJ5bZucM&google_cver=1&google_push=AYg5qPLmmkMSjR2O5GNbosxzGwfTQ_ngqSAzzFmraKr8zKmIJNSWPqQNFpnbGGNAFq8sm-8XNdSXpcC_pLiwFP... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1NTgzMjA3NzAwNTQ4NjIxOQ%3D%3D&google_push=AYg5qPLmmkMSjR2O5GNbosxzGwfTQ_ngqSAzzFmraKr8zKmIJNSWPqQNFpnbGGNAFq8sm-8XNdSXpcC_pLiwFPgB1F...	170 B 188 B	46ms 24ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1NTgzMjA3NzAwNTQ4NjIxOQ%3D%3D&google_push=AYg5qPLmmkMSjR2O5GNbosxzGwfTQ_ngqSAzzFmraKr8zKmIJNSWPqQNFpnbGGNAFq8sm-8XNdSXpcC_pLiwFPgB1FH6GOM0cmQ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1NTgzMjA3NzAwNTQ4NjIxOQ%3D%3D&google_push=AYg5qPLmmkMSjR2O5GNbosxzGwfTQ_ngqSAzzFmraKr8zKmIJNSWPqQNFpnbGGNAFq8sm-8XNdSXpcC_pLiwFPgB1FH6GOM0cmQ Date Sat, 22 Jan 2022 01:12:04 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	pixel cm.g.doubleclick.net/ Frame A9CE Redirect Chain https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEPrVDc-Ri2dr4rarCGt2PrI&google_cver=1&google_push=AYg5qPL7K0lTqkLGJJte0vYy-VoZ_WsrP8c7aqB3CmSjY0WkelhQGEs7u9PNas7WPaebqnUgOffAgSbVL1xUd3VsQamf... https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPL7K0lTqkLGJJte0vYy-VoZ_WsrP8c7aqB3CmSjY0WkelhQGEs7u9PNas7WPaebqnUgOffAgSbVL1xUd3VsQamfXeMbMA	170 B 188 B	30ms 25ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPL7K0lTqkLGJJte0vYy-VoZ_WsrP8c7aqB3CmSjY0WkelhQGEs7u9PNas7WPaebqnUgOffAgSbVL1xUd3VsQamfXeMbMA Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 22 Jan 2022 01:12:04 GMT Server nginx P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location //cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPL7K0lTqkLGJJte0vYy-VoZ_WsrP8c7aqB3CmSjY0WkelhQGEs7u9PNas7WPaebqnUgOffAgSbVL1xUd3VsQamfXeMbMA Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame A9CE Redirect Chain https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAAMew_sVQyHaC7o0_Fdz60&google_cver=1&google_push=AYg5qPK2CVht6EXdWN-PgGgXNHKAsELdLUZBDGqfYHoEpPFAgu03gYYwP6fE5u6K3ugCbyZWgrZg9v8h7B3ZN-s... https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=E7fM-BmSTAJjJMZ0ImwLD1QTr7g&google_push=AYg5qPK2CVht6EXdWN-PgGgXNHKAsELdLUZBDGqfYHoEpPFAgu03gYYwP6fE5u6K3ugCbyZWgrZg9v8h7B3ZN-...	170 B 188 B	24ms 23ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=E7fM-BmSTAJjJMZ0ImwLD1QTr7g&google_push=AYg5qPK2CVht6EXdWN-PgGgXNHKAsELdLUZBDGqfYHoEpPFAgu03gYYwP6fE5u6K3ugCbyZWgrZg9v8h7B3ZN-sxym7VRzBvwg Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=E7fM-BmSTAJjJMZ0ImwLD1QTr7g&google_push=AYg5qPK2CVht6EXdWN-PgGgXNHKAsELdLUZBDGqfYHoEpPFAgu03gYYwP6fE5u6K3ugCbyZWgrZg9v8h7B3ZN-sxym7VRzBvwg Date Sat, 22 Jan 2022 01:12:05 GMT Connection keep-alive Content-Length 240 Content-Type text/html; charset=utf-8
GET H2	204	pub cs.chocolateplatform.com/ Frame A9CE	0 122 B	336ms 106ms	Image text/plain	35.212.101.174 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEOG6ssi_P33m_B7ID5NhmXI&google_cver=1&google_push=AYg5qPLe9hNOXRP_hUeH7ally0cs46r2ezezYn4lwQpcAZaIYJ0SxPPQhqn1M-wE8V0VBJcux6inmUrW8TKPnf56nAwjjhrleA Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.212.101.174 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS 174.101.212.35.bc.googleusercontent.com Software Chocolate Cookie Sync Powered by Vdopia / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:04 GMT via 1.1 google server Chocolate Cookie Sync Powered by Vdopia alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame A9CE	0 232 B	65ms 23ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUKzmkcovyVGOjTy-jgb8qWcRBsB41_HF7tivHdGE5WTFLk_In10H5ia5XbnxoW3zJx999 Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:04 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame B064 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	68ms 44ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Sat, 22 Jan 2022 01:12:04 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 22 Jan 2022 01:12:04 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Sat, 22 Jan 2022 01:12:04 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H/1.1	200 OK	lcpel.go Show response g.ezoic.net/cheetah/	0 327 B	18ms 18ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/cheetah/lcpel.go Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Date Sat, 22 Jan 2022 01:12:05 GMT Server nginx Vary Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Length 0 Expires Fri, 21 Jan 2022 01:12:05 GMT
GET H/1.1	200 OK	army.gif Show response g.ezoic.net/porpoiseant/	0 380 B	16ms 16ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODEzODM1NzExOTYxNjExMSIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6Inczc25vb3BfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NDI4MTM5MjIsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImEyODdlYjBkLTkyMzctNDJlNS00ZTc1LTQ4MjI0ZjE2YzYzMCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAwLDEyMDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4MTM4MzU3MTE5NjE2MTExIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoidzNzbm9vcF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY0MjgxMzkyMiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTI4N2ViMGQtOTIzNy00MmU1LTRlNzUtNDgyMjRmMTZjNjMwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4MTM4MzU3MTE5NjE2MTExIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoidzNzbm9vcF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY0MjgxMzkyMiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTI4N2ViMGQtOTIzNy00MmU1LTRlNzUtNDgyMjRmMTZjNjMwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:06 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://coinbase.in.w3snoop.com X-Middleton-Display ezp_sol Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Length 0 Expires Fri, 21 Jan 2022 01:12:08 GMT
GET H2	204	g_pbto 1x1.a-mo.net/hbx/	0 89 B	311ms 100ms	Image text/plain	34.225.71.19 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1642813926164&eid=72cdcb3c908f3bc Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.225.71.19 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-225-71-19.compute-1.amazonaws.com Software MonetEngine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:06 GMT cache-control max-age=0, private, must-revalidate server MonetEngine
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	25ms 24ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	23ms 23ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	333 B 166 B	503ms 503ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=2612292740618914&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C2%257C%26iid1%3D6146008105623793%26eid%3D6146008105623793%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1136%26sap%3D1136%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dw3snoop_com-box-4-6146008105623793%26eb_br%3D65b2c11be72ed8610e2ac0304f3023a9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D2%26bvr%3D1%26shp%3D1%26br1%3D1900%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C4%2C0%2C193%2C66%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C992%2C996%2C774%2C21%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D2100%26reqt%3D1642813926716&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813926724&lmt=1642813926&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=661&adys=665&adks=3335128194&ucis=3&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=602x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 15e0eacd133403e11f01bb648d149f3d4f30ed27a140ebd62e9522c6f2c67ce4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:07 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 137 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	332 B 164 B	283ms 283ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=3731284810920823&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=3&rcs=1&prev_scp=a%3D%257C3%257C%26iid1%3D5399922209652068%26eid%3D5399922209652068%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dw3snoop_com-box-3-5399922209652068%26eb_br%3D8b07bae800b215e481d05a271b3e723b%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26br1%3D700%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C193%2C0%2C67%2C0%2C168%2C77%2C192%2C26%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C992%2C996%2C774%2C2339%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1200%26reqt%3D1642813926720&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813926727&lmt=1642813926&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=661&adys=482&adks=3313998340&ucis=2&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=602x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash c67d2794b8c0c1bda4a34499643b3d200f9c861f8d78eff7dbb2184f06d12805 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:07 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 135 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	341 B 175 B	494ms 494ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=2116029162445875&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=3&rcs=1&prev_scp=a%3D%257C251%257C%26iid1%3D4024909493590809%26eid%3D4024909493590809%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dw3snoop_com-medrectangle-2-4024909493590809%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26br1%3D300%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C4%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C992%2C996%2C774%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D600%26reqt%3D1642813926729&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813926733&lmt=1642813926&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1200&adks=881660063&ucis=4&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=1600x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=512&ohw=0&btvi=2&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 146a92f92372558d7ce765d2f4096d0539fcad30ec75cb3a0ccec874cd0c0461 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:07 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 146 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	333 B 166 B	478ms 478ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=2720474516405794&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C5%257C%26iid1%3D1263870067619118%26eid%3D1263870067619118%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1142%26sap%3D1142%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dw3snoop_com-box-2-1263870067619118%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D4%26bvr%3D4%26shp%3D1%26br1%3D280%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C0%2C67%2C0%2C193%2C66%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C992%2C996%2C774%2C20%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Drubicon%26hb_adid%3D7193ad78fe32da4%26hb_pb%3D0.21%26hb_format%3Dbanner%26hb_ssid%3D10063%26hb_opt%3D0.21%26hb_rt%3Dclient%26lb%3D550%26reqt%3D1642813926728&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813926735&lmt=1642813926&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=2&adks=3539511386&ucis=1&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 6d6360f9e0e75c7ffa4cc5afc53d329bfd9a3fd6205bf6a29da509fd872dd3c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:07 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 137 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	remote.js Show response pm.berush.com/source/widgets-legacy/js/ Redirect Chain https://www.berush.com/static/webpack_bundles/remote.js?v=9 https://pm.berush.com/source/widgets-legacy/js/remote.js?v=9	3 KB 1 KB	31ms 16ms	Script text/javascript	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets-legacy/js/remote.js?v=9 Protocol H2 Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 8a59343fc50e3ea3cb6a73b74984ad593a135cea6e9f44eb399baeffc4651c66 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 1929 x-guploader-uploadid ADPycdvimcsBOSdW857hjFQ-X3XS_h8Ibv7t58-E9grvyjKc3FVhFNdQFtid60LovakR617Vo-bvGgyJwjCA_6IzdF_LyFxLrg x-goog-storage-class STANDARD x-goog-metageneration 2 date Sat, 22 Jan 2022 00:55:12 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 896 last-modified Wed, 01 Apr 2020 12:48:31 GMT etag W/"29923cdb61df9555beae06866f13e646" vary Accept-Encoding, Origin x-goog-hash crc32c=smJtVA==, md5=KZI822HflVW+rgaGbxPmRg== x-goog-generation 1585745311419229 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 2765 content-type text/javascript expires Sat, 22 Jan 2022 01:23:03 GMT Redirect headers location https://pm.berush.com/source/widgets-legacy/js/remote.js?v=9 date Sat, 22 Jan 2022 01:12:08 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166 strict-transport-security max-age=15724800; includeSubDomains content-type text/html
GET H2	200	app.js Show response coinbase.in.w3snoop.com/ezossp/https/w3snoop.com/js/	505 KB 152 KB	889ms 888ms	Script application/javascript	18.158.98.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.in.w3snoop.com/ezossp/https/w3snoop.com/js/app.js?screx=1&sxcb=5a&v=6 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/tardisrocinante/screx.js?gcb=7&cb=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-98-109.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash fed504d9671b26c22c17ae8c8bbaa874b70b2aa579473b5ba9deed05db44ab26 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 x-xss-protection 1; mode=block response 200 last-modified Fri, 21 Jan 2022 15:11:36 GMT server nginx x-frame-options SAMEORIGIN etag W/"5ebe3a4d-7e222-gzip-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type application/javascript; charset=utf-8 cache-control max-age=259200 x-ez-minify-js 0.00% 516735 / 516738 expires Tue, 25 Jan 2022 01:12:08 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	24ms 24ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	25ms 24ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	332 B 164 B	288ms 287ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=3354189027743394&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid1%3D5399922209652068%26eid%3D5399922209652068%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dw3snoop_com-box-3-5399922209652068%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26br1%3D500%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C193%2C0%2C67%2C0%2C168%2C77%2C192%2C26%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C992%2C996%2C774%2C2339%2C2339%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D700%26reqt%3D1642813927228&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813928234&lmt=1642813928&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=661&adys=482&adks=3313998340&ucis=2&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=602x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash cee07645746832ebeb2e5eb3c737c622d9f0fed34129cfc7ab22914d194dbe47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:08 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 135 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	25ms 24ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	25ms 25ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	333 B 166 B	305ms 304ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=1797069017295319&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=2&prev_scp=a%3D%257C5%257C%26iid1%3D1263870067619118%26eid%3D1263870067619118%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1142%26sap%3D1142%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dw3snoop_com-box-2-1263870067619118%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D4%26bvr%3D4%26shp%3D1%26br1%3D140%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C0%2C67%2C0%2C193%2C66%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C992%2C996%2C774%2C20%2C2310%2C17%2C20%2C608%2C2310%2C2351%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Drubicon%26hb_adid%3D7193ad78fe32da4%26hb_pb%3D0.21%26hb_format%3Dbanner%26hb_ssid%3D10063%26hb_opt%3D0.21%26hb_rt%3Dclient%26lb%3D280%26reqt%3D1642813927306&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813928313&lmt=1642813928&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=2&adks=3539511386&ucis=1&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash ae27578b01d24bfbc9c93aa603f3ae83b33dfa3a82b2277ffc656e2a9f73a9f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:08 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 137 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 10 KB	332ms 332ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=3372154033004519&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=2&prev_scp=a%3D%257C2%257C%26iid1%3D6146008105623793%26eid%3D6146008105623793%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1136%26sap%3D1136%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dw3snoop_com-box-4-6146008105623793%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D2%26bvr%3D1%26shp%3D1%26br1%3D0%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C4%2C0%2C193%2C66%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C992%2C996%2C774%2C21%2C17%2C18%2C19%2C20%2C21%2C601%2C608%2C619%2C1428%2C2310%2C2339%2C2351%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1900%26reqt%3D1642813927323%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813928341&lmt=1642813928&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=661&adys=665&adks=3335128194&ucis=3&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=602x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 3f77559206e753369558978a7b3e467f60c7440d98ff8f880d450d835cabfb21 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:08 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10337 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	341 B 176 B	266ms 266ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=2314955888201310&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=2&rcs=2&prev_scp=a%3D%257C251%257C%26iid1%3D4024909493590809%26eid%3D4024909493590809%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dw3snoop_com-medrectangle-2-4024909493590809%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26br1%3D220%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C4%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C992%2C996%2C774%2C2310%2C20%2C2310%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D300%26reqt%3D1642813927322&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813928345&lmt=1642813928&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1200&adks=881660063&ucis=4&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=1600x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=512&ohw=0&btvi=3&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 519502f922954ffaf4496c2bbb17561db584efe3e47820f5e437e6c00fd25f45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:08 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response pm.berush.com/widgets/traffic-analytics/ Frame 86A6 Redirect Chain http://www.berush.com/en/promo/widget-iframe-traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en https://www.berush.com/en/promo/widget-iframe-traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en	2 KB 628 B	133ms 133ms	Document text/html	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Requested by Host: www.berush.com URL: https://www.berush.com/static/webpack_bundles/remote.js?v=9 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 79a940041c794d797dcf19f6c10866017bad7de3cbb111c4b8dfed3cdef85da9 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers date Sat, 22 Jan 2022 01:12:08 GMT content-type text/html; charset=utf-8 vary Accept-Encoding Origin strict-transport-security max-age=15724800; includeSubDomains content-encoding br via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers date Sat, 22 Jan 2022 01:12:08 GMT content-type text/html content-length 166 location https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en strict-transport-security max-age=15724800; includeSubDomains via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	/ Show response pm.berush.com/widgets/backlink-analytics/ Frame AAD4 Redirect Chain http://www.berush.com/en/promo/widget-iframe-backlink/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en https://www.berush.com/en/promo/widget-iframe-backlink/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en	2 KB 564 B	128ms 127ms	Document text/html	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Requested by Host: www.berush.com URL: https://www.berush.com/static/webpack_bundles/remote.js?v=9 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 113b0884200a7319de6c61881a2c982393bd1cc9df1e6d3a543639a815fcbbf1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers date Sat, 22 Jan 2022 01:12:08 GMT content-type text/html; charset=utf-8 vary Accept-Encoding Origin strict-transport-security max-age=15724800; includeSubDomains content-encoding br via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers date Sat, 22 Jan 2022 01:12:08 GMT content-type text/html content-length 166 location https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en strict-transport-security max-age=15724800; includeSubDomains via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	css fonts.googleapis.com/ Frame AAD4	4 KB 568 B	26ms 26ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6a6d1bdf8cb19876bc4f583412cb8d03bc8653b5e0238f84986d9ecd5087ce8b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 22 Jan 2022 01:12:08 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 22 Jan 2022 01:12:08 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 22 Jan 2022 01:12:08 GMT
GET H3	200	widget_backlink_QpR92oo.css pm.berush.com/source/widgets/backlink-analytics/ Frame AAD4	4 KB 2 KB	16ms 15ms	Stylesheet text/css	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets/backlink-analytics/widget_backlink_QpR92oo.css Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash d1ea4432c22652085a5ec8e3341a4028e7805638845b16400963211d4727f807 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 3530 x-guploader-uploadid ADPycdt63EfL-oKw_0iK1Fjc1CILwwyoCUjg496QuE1jWH4SjbUrGFtcO-3SrxLfXoQ7ZoYccCWZEG705HZ5Nh2JuEPrHMATaw x-goog-storage-class STANDARD x-goog-metageneration 2 date Sat, 22 Jan 2022 00:13:18 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1619 last-modified Wed, 01 Apr 2020 12:48:34 GMT etag W/"a11eede3c7368966e7d63bca5471fa42" vary Accept-Encoding, Origin x-goog-hash crc32c=cfltEA==, md5=oR7t48c2iWbn1jvKVHH6Qg== x-goog-generation 1585745314274186 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 4194 content-type text/css expires Sat, 22 Jan 2022 00:41:23 GMT
GET H3	200	index.js Show response pm.berush.com/source/widgets/backlink-analytics/ Frame AAD4	1 KB 579 B	17ms 16ms	Script application/javascript	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets/backlink-analytics/index.js Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash b86789a8c1629f6fe6df02ab7a1a93e4765332749305bb3884054c7e86292c26 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 2945 x-guploader-uploadid ADPycdu7XAYy5rRuRfQNCcOTt8pYZxSuea8K7VsJRozbwvXGvBow_EItxRY2XsrKGScjI1lwaCO1UAvs3LSbKkz6qvC48mIRQQ x-goog-storage-class STANDARD x-goog-metageneration 2 date Sat, 22 Jan 2022 00:23:03 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 549 last-modified Wed, 01 Apr 2020 12:48:30 GMT etag W/"6b39ccbf73b05cc1844fd1d3800cd52a" vary Accept-Encoding, Origin x-goog-hash crc32c=pupGMA==, md5=aznMv3OwXMGET9HTgAzVKg== x-goog-generation 1585745310584122 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 1371 content-type application/javascript expires Sat, 22 Jan 2022 00:25:11 GMT
GET H3	200	css fonts.googleapis.com/ Frame 86A6	4 KB 568 B	26ms 25ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6a6d1bdf8cb19876bc4f583412cb8d03bc8653b5e0238f84986d9ecd5087ce8b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 22 Jan 2022 01:04:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 22 Jan 2022 01:12:08 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 22 Jan 2022 01:12:08 GMT
GET H3	200	widget_traffic_analytics_sps3xf7.css pm.berush.com/source/widgets/traffic-analytics/ Frame 86A6	4 KB 2 KB	16ms 16ms	Stylesheet text/css	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets/traffic-analytics/widget_traffic_analytics_sps3xf7.css Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 10b0b629508beb4e1c838040bbf6f62b2a73fa6c39a9e87c7e0f2ce66ae11b1c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 2769 x-guploader-uploadid ADPycduqgIpe1dv9klV4emtwRsRthLxLUwVdLGNHoZ5a11yk0goN5AII5CbZAxR9fBsQsvJUSFSM8s8ydX4ZgEcxvL074Z4z9g x-goog-storage-class STANDARD x-goog-metageneration 2 date Sat, 22 Jan 2022 00:25:59 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1546 last-modified Wed, 01 Apr 2020 12:48:30 GMT etag W/"f6ad3767e04871aa85d8e6cb1426cfda" vary Accept-Encoding, Origin x-goog-hash crc32c=al6N5g==, md5=9q03Z+BIcaqF2ObLFCbP2g== x-goog-generation 1585745310465392 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 3845 content-type text/css expires Sat, 22 Jan 2022 01:13:46 GMT
GET H3	200	index.js Show response pm.berush.com/source/widgets/traffic-analytics/ Frame 86A6	1 KB 582 B	17ms 16ms	Script text/javascript	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets/traffic-analytics/index.js Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 5ea3d3c10a013e25fcaf662418cd14ec1f11a4bce10f1fbfe2de8d7bb462699e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 2161 x-guploader-uploadid ADPycdtbaQB6HKLFCfEmXUie5E0dI8q13PR3clpOFVaJj9GbaCKTpA05hrXYDekUche6Daf7gSQ5dsZto8kfT1DholABV40oTQ x-goog-storage-class STANDARD x-goog-metageneration 2 date Sat, 22 Jan 2022 00:40:29 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 552 last-modified Wed, 01 Apr 2020 12:48:33 GMT etag W/"0df5c4145c2fc6ad59a0ea633414109a" vary Accept-Encoding, Origin x-goog-hash crc32c=XxJCOw==, md5=DfXEFFwvxq1ZoOpjNBQQmg== x-goog-generation 1585745313064503 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 1387 content-type text/javascript expires Sat, 22 Jan 2022 01:04:28 GMT
GET H3	200	widget-traffic-analytics-bg.png pm.berush.com/source/widgets/traffic-analytics/ Frame 86A6	139 KB 139 KB	17ms 16ms	Image image/png	34.120.116.101
General Check archive.org Show headers Download Go to Show image Full URL https://pm.berush.com/source/widgets/traffic-analytics/widget-traffic-analytics-bg.png Requested by Host: pm.berush.com URL: https://pm.berush.com/source/widgets/traffic-analytics/widget_traffic_analytics_sps3xf7.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 9c7db4c3d4af24078024cd3e223ec8cbf8a3fd82eda9bbc544823915ec3ed461 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/source/widgets/traffic-analytics/widget_traffic_analytics_sps3xf7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains via 1.1 google age 848 x-guploader-uploadid ADPycdtO1qr9AxJacw7gXKcRI1hzU8L_c6-n-ZEmgvJsk3tIBvjSEtiwYJbW7o8SIlG2ajugv8NLqJRtj38-CoGTOWw5uPOGAw x-goog-storage-class STANDARD x-goog-metageneration 2 date Sat, 22 Jan 2022 00:58:00 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 142066 last-modified Wed, 01 Apr 2020 12:48:33 GMT etag "3054cc43eace31ab1d888549e41d0d2c" vary Origin x-goog-hash crc32c=vv/WoA==, md5=MFTMQ+rOMasdiIVJ5B0NLA== x-goog-generation 1585745313444876 cache-control public, max-age=3600 x-goog-stored-content-length 142066 accept-ranges bytes content-type image/png expires Sat, 22 Jan 2022 01:06:14 GMT
GET DATA	200 OK	truncated / Frame 86A6	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dc0b77ebc0250cbdcf372faf69258f945f7337508ca0de017a3a9e04552b6133 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	4iCv6KVjbNBYlgoCxCvjsGyN.woff2 fonts.gstatic.com/s/ubuntu/v15/ Frame 86A6	28 KB 28 KB	42ms 18ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pm.berush.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 18 Jan 2022 14:26:25 GMT x-content-type-options nosniff age 297943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28968 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:03:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 18 Jan 2023 14:26:25 GMT
GET H3	200	4iCs6KVjbNBYlgoKfw72.woff2 fonts.gstatic.com/s/ubuntu/v15/ Frame 86A6	33 KB 33 KB	54ms 30ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pm.berush.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 03:02:30 GMT x-content-type-options nosniff age 252578 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34260 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:02:57 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 19 Jan 2023 03:02:30 GMT
GET H3	200	widget-backlink-bg.png pm.berush.com/source/widgets/backlink-analytics/ Frame AAD4	17 KB 17 KB	23ms 22ms	Image image/png	34.120.116.101
General Check archive.org Show headers Download Go to Show image Full URL https://pm.berush.com/source/widgets/backlink-analytics/widget-backlink-bg.png?v=1 Requested by Host: pm.berush.com URL: https://pm.berush.com/source/widgets/backlink-analytics/widget_backlink_QpR92oo.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 588d668fc5334c96f5c78aac855cd07c5485ab014a678eb2a93c4c367ae96426 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/source/widgets/backlink-analytics/widget_backlink_QpR92oo.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains via 1.1 google age 4416 x-guploader-uploadid ADPycdtkI8qMfRMZ5hxeteWLCEF_dqjVPKCka4WuWDSOO1Yr3GqrKkskjGuSc3qEm2jEN2GWljMSkVuJOhYc4yG9D0ww_hKp0A x-goog-storage-class STANDARD x-goog-metageneration 2 date Fri, 21 Jan 2022 23:58:32 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17218 last-modified Wed, 01 Apr 2020 12:48:33 GMT etag "eee2da804fed0b5f76684b6471575aff" vary Origin x-goog-hash crc32c=9UITug==, md5=7uLagE/tC192aEtkcVda/w== x-goog-generation 1585745313996725 cache-control public, max-age=3600 x-goog-stored-content-length 17218 accept-ranges bytes content-type image/png expires Sat, 22 Jan 2022 00:35:50 GMT
GET DATA	200 OK	truncated / Frame AAD4	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dc0b77ebc0250cbdcf372faf69258f945f7337508ca0de017a3a9e04552b6133 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	4iCv6KVjbNBYlgoCxCvjsGyN.woff2 fonts.gstatic.com/s/ubuntu/v15/ Frame AAD4	28 KB 28 KB	43ms 22ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pm.berush.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 18 Jan 2022 14:26:25 GMT x-content-type-options nosniff age 297943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28968 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:03:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 18 Jan 2023 14:26:25 GMT
GET H3	200	4iCs6KVjbNBYlgoKfw72.woff2 fonts.gstatic.com/s/ubuntu/v15/ Frame AAD4	33 KB 33 KB	56ms 35ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pm.berush.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 03:02:30 GMT x-content-type-options nosniff age 252578 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34260 x-xss-protection 0 last-modified Thu, 10 Sep 2020 17:02:57 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 19 Jan 2023 03:02:30 GMT
GET H3	200	container.html Show response 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F72	6 KB 3 KB	15ms 15ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 22 Jan 2022 01:12:03 GMT expires Sun, 22 Jan 2023 01:12:03 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 5 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	army.gif Show response g.ezoic.net/porpoiseant/	0 380 B	17ms 17ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NjAwODEwNTYyMzc5MyIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6ImRpdi1ncHQtYWQtdzNzbm9vcF9jb20tYm94LTQtMCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImFkX3Bvc2l0aW9uIjoxMTM2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImEyODdlYjBkLTkyMzctNDJlNS00ZTc1LTQ4MjI0ZjE2YzYzMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM4MTQsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NjAwODEwNTYyMzc5MyIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6ImRpdi1ncHQtYWQtdzNzbm9vcF9jb20tYm94LTQtMCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImFkX3Bvc2l0aW9uIjoxMTM2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImEyODdlYjBkLTkyMzctNDJlNS00ZTc1LTQ4MjI0ZjE2YzYzMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM4MTQsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJ6ZXJvIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTQ2MDA4MTA1NjIzNzkzIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoiZGl2LWdwdC1hZC13M3Nub29wX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTY0MjgxMzkyMiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEzNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMTksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImEyODdlYjBkLTkyMzctNDJlNS00ZTc1LTQ4MjI0ZjE2YzYzMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM4MTQsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTQ2MDA4MTA1NjIzNzkzIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoiZGl2LWdwdC1hZC13M3Nub29wX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTY0MjgxMzkyMiwiYWRfcG9zaXRpb24iOjExMzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTI4N2ViMGQtOTIzNy00MmU1LTRlNzUtNDgyMjRmMTZjNjMwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzgxNCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzODE0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTQ2MDA4MTA1NjIzNzkzIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoiZGl2LWdwdC1hZC13M3Nub29wX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTY0MjgxMzkyMiwiYWRfcG9zaXRpb24iOjExMzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTI4N2ViMGQtOTIzNy00MmU1LTRlNzUtNDgyMjRmMTZjNjMwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzgxNCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNzE2MTQzOTQifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:08 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://coinbase.in.w3snoop.com X-Middleton-Display ezp_sol Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Length 0 Expires Fri, 21 Jan 2022 01:12:07 GMT
GET H/1.1	200 OK	71614394 Show response go.ezodn.com/dac/	0 748 B	59ms 43ms	XHR text/plain	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://go.ezodn.com/dac/71614394 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/porpoiseant/banger.js?cb=195-7&bv=95&v=57&PageSpeed=off Protocol HTTP/1.1 Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:08 GMT CF-Cache-Status MISS Last-Modified Sat, 22 Jan 2022 01:12:08 GMT Server cloudflare vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHkgEBCXiOrpbxPB5aSDDFbSUBWqv6EwoQh5bsYlJYG42AhwrmAj097LePHexB1o9rIHVoq2GJxsGT7CPDOrtB2BdWZJTNl6aptKtRtmv%2FZ5ePZUt%2BP1vCSyyPfed5dWo6c1DVIF7nq7XZs%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/plain access-control-allow-origin * cache-control public, max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6d14e98e8a0f4e50-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 0
GET H/1.1	200 OK	army.gif Show response g.ezoic.net/porpoiseant/	0 380 B	18ms 18ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NjAwODEwNTYyMzc5MyIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6ImRpdi1ncHQtYWQtdzNzbm9vcF9jb20tYm94LTQtMCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImFkX3Bvc2l0aW9uIjoxMTM2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImEyODdlYjBkLTkyMzctNDJlNS00ZTc1LTQ4MjI0ZjE2YzYzMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM4MTQsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIyLTAxLTIyIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:08 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://coinbase.in.w3snoop.com X-Middleton-Display ezp_sol Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Length 0 Expires Fri, 21 Jan 2022 01:12:07 GMT
GET H/1.1	200 OK	army.gif Show response g.ezoic.net/porpoiseant/	0 380 B	32ms 17ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NjAwODEwNTYyMzc5MyIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6ImRpdi1ncHQtYWQtdzNzbm9vcF9jb20tYm94LTQtMCIsInRfZXBvY2giOjE2NDI4MTM5MjIsImF1Y3Rpb25fZXBvY2giOjE2NDI4MTM5MjksImFkX3Bvc2l0aW9uIjoxMTM2LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTI4N2ViMGQtOTIzNy00MmU1LTRlNzUtNDgyMjRmMTZjNjMwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjIxMDAsImJpZF9mbG9vcl9wcmV2IjoxOTAwLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjozNTcsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NzE2MTQzOTR9XQ== Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/detroitchicago/memphis.js?gcb=195-7&cb=14 Protocol HTTP/1.1 Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:08 GMT Server nginx Vary Accept-Encoding, Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://coinbase.in.w3snoop.com X-Middleton-Display ezp_sol Cache-Control private, max-age=0, must-revalidate, no-cache, no-store Content-Length 0 Expires Fri, 21 Jan 2022 01:12:07 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame DD3B	624 B 297 B	26ms 26ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX4_2-wtIffszyP32ITaiAREuSIX6qniFw8ANbLstRoU6Qykvo3hbhf7G5gYK22Oc6H-VzIa9dnA67oY_0NlLEi7tmmjlAE4bVgxDegHn6HQT3TBQTXY0ABY6GKcbbI3x5iZSQgeSeQKRQ8yyvfYLbXDkGTX5j5ZoExL8JOnx1nJ9UehbjOI9Am-iYiSt9Wsxx9mwK_NIDtCfEpzBNvZLkbnUsocg Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Sat, 22 Jan 2022 01:12:08 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 3F72	24 KB 14 KB	52ms 52ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZGo6aha12I6tvNxu0dTgZZzf2osZw35e2R3Uq87l4lGRU7OLOjlAqQarXbMUihisUDn-g4RIe6R3ivhGfsCqpAXlg1GXzWgawPiBaByI3qsncb6amXRvu3_4q9I0XoMSCiwcVSVM8hNxRlblXY2eOHHkjXw&cry=1&dbm_d=AKAmf-CLtsCEpYj_8DhUted8JXeATVZmJSnejS0BDrnqsuBlbtvcrRfcswv4OSMQBTyMe5uGjUhBuAeyS2bgTG_ATVIukCvyq_7xgy6GQgDxm9s0Q54CDvU-9spqCwE_Jq4bYCigzetp9-noEy_fngXZZuddkecVRR3N-AmcdkS_saTbXE0M75QKW5X1aVXtTNLzIZGnLAdqFpxteZQ_fkrNmP86kImrHaZKeDQ4eOiVAIN7gHulTrtKNvg6Hox1lVvAtA4XSBvLTmzY8GGTyMFzaqhORd1ckBhHTk5R_GRjS1cIxOmYmF18rhw5EUqG68wp3Jbed860xrZBalrGZ32kEgraN475yZcEWYvcOGVKXR-q9obnzSup4eNZZiReW4XeL5w5JXmUXqpvvBMaF6KxPnY0qmWWNGG1SZEgwGV05r2u63VynSJQsEfNFIi1Rj_jKK8XoaTfx7hFx3MwlrTjcnng17_YShm6AAC5N69Jj4EQk31NyzntWgdbqRnkPHsO2hBBlzDZu1NJjCpGE6KinDhy2GLIkigLe-J-yW1fCLQUqi53IX7LwOnLLVEM2QXGsW0G6Z5JWqsKQOKYiX1dMyzcPN92SxnGnqOQb-G5DPM311GAzoZN1qpX-cbhYxCzwqGxm7SG4DUKLhjIHFQV3OlZ8nKDGp5EFFO-2ZWcZV2ODxewDy6JuguXPSmjy74m4CpFsekfRbT4lL-eDkIgAgQKwewX_-Y31VQ_FhU5PzdpaHV3LJNJMn1YwC-5_QV7UYZNOUXDyIT1XgBRQ31RbxEO7pag5eqMv5rk-9dDJdV0uhOxYdG8TgAM_tbNzrZXts9o5TUhK60MYtzpouEXIJG48hbkWdQp5MFW11VQlZ8BGYDK_oV12a2A7ppyFsJQOBe2-7ZlS92-ublELSFF871Fa8pYypRtTJixvVbgqS7JOIDqJU_KO3sc7yrjQACTnqTuea8biwr5fBQrGZBll551iLPwFzQxGzrCjc_bf4mQXjMjQ1pcEIiDXuEBoLvKeSGfxe-zyafclKrJpOCCN8MjpPU8KKxz5LWoiJa1anKFJZ_7sTyEMNagmwTmyCyhI-hqL54xT-9NGUXePBPm5TznBpaRybpzfLsEL-AlApu-m0SAPBtIDPrXbKL4BqBJNFhxX04oQNXvolo9qy2nQg5mdFTsCPYDiLwshmiI0gYXrggWUR5PQyaGn1i8belDWeDvhElJK--62ILWT9ZgtdOXFnBl66S3BPj_OnoO_Dwfsa5HQBnTmqgNb1MsmARtAPlszQVHMwYEqeYLO1PaP5TZMS_wDIgLB_yHBZ25XqHOZ9FQDO8OMJpk2VBctpIt92OehQ2byZmF_DRruUWnSpklqUs6UiTq2-Rpy61PC3MRfLRzgOz1XwHVij5_BRA33bFxYqcIsc0XtJYUhYEZAFVqZYyXufP09e_X_yI9e-UAtAoeZHmPsddI-7iJU-gPloqd28MJP0BE5WDygHb641bUoFLV5bc_U3ASTdJ8Bb7hqmDeqFaZU8zjrkCfbVOG_Dwi0BefUTJbHrsbCGmP_zuLqvYtIWER1hhTbErI3Y8LTpJX3JxCYQvQOXRowJ6cX37m3IryypuHO-8iDDu6tXAR-SCLC1UyPXnlzTxq_oW93yJ_8ZfLRPYH81ZQaX3zWRhivrq-5UhCFFqJjLMeqmqidi8AlYtvK_P1Dxf1WLLZj5MNbgveqsoaV-f4iTg-U7gMpIWl5dQDT1y6iZtbDNFFLCwxgRc1SdI_BOz08QQigV_vHcom3boW8iTWrtQ90vevSXHBQ8PreM-2wNqxt42qjxdCTuq8HRy3h-hWnnRnlcuTFf7LErYCY8CBO5IrswoPcIBUOzttspV96RL9mlqvfcHqzblZhESWvhUUsQU3E76NnsWGftMN6PkOUS246zNVU4lnbiECAuzrr6Fqjq-iOW9O274GeKVNdJCRZQNnPdtZ8YY8yV13wLpA9mU1Tkr-Hot4-1IExCvJgWbHLKnlu7_6LAL7PZgFizz7vCpz9Wr9Hb-4iuTPTbRI44JODeOFYbewI4bnYqWPU94rue7acycsRJt0PBYlOVVr_4HsZk-lXqgGWR5Nad3NWZTHy1uaM_DmMOUWeVmp1pqzDnmYc4G7lGH29hCCZDp8Rajdzntrz0uf3Ur0NlExIG77lfi_oYcNzCym2ghIn-f_ymiCxn9RkPy2x7D0SbJrz9sAOpaNuVZM-z-uZ94k8z8xaLDrL6My1PUHSvMeUXrB3LHcYHUjcRoAqKZ4v3Br-LlDl4OCL-CPUQ0bxBAOHjlIQG9szBmubpN2jCLIy8c6Z5fK3VkgKkdMJTqlKl_KjiT7m5MDb_qyHb9_7iWsQ2naK7ILPZ0xCvtjkkCOk9Y4_MVDzfQ0i84jkYy1ee8RB__DTsj9kjG8gjptyFHTDw7BxOwGUByvqFai-81G7nQW8s0B6oVhZVRmUkAVi3fKWNmpKBC_y5y_N9tl9OMo7-niW4Ma6m5kqkCccisOk_H2vj2fdBPhTMuYfB5xCK9lgekOhyZ4-yxz_CTK43V5fbIdlkPQhuPwFuLVXR7GnvD0OvdwsQ2mZN8Nzu0ewyyS0i5LIez9krcKawsRB3EiYDFOUi4IqMLp7FxYKUtwffXNg8nxrPxNofEke-EEQpiDlbbBONLGGDernfCfYsfC3faZTNgQETL_Cx2F8pB5GuHaJTrgtODGGOXHWa8mybec-VsCyrI03aybjy8zaaJZCOTyrcA3RUuewOfoZVswixVRH3tAdG7dtz7q2aKegavwVOXsT4lvIk-ODRMtFPAv8kNYh3mbnJRuqvMiLSpaMAWPEVO3HgPWhY1rSc8Td6_oL8sJJkSkUCI0DIWNPt_OyZK7ImcqGnGZFagp8yus6L1mPYHhnZmv8W_InB1b2hMrKggStcWfGpBkNfQaOgLpND10RphZWMC-U4YJk404PL0FNRLQLxbC8qQUrWhUQpu38T5AkExVx0pN3xeXFAmNMoKARl3u8NmF6LSsV0kzEVIMr1xV0aupgZL4SZvGURsz2Je40VQnQPAwacdKoVx5oUPBrgKv1avYVDv8N_oh17BXcAtVPwyeWkLUmw5E5n_DMuk8CPp0p5JwMPrZJVk2S2GyrQrgoYWbpvVHQn89QdhhrlEehbffhbkDNNKttlDU3F8KRvbFJ77MVyHwG0_a8h2uZo-4CE83jHOqTe1PIMn-38PQB9ghkvpmKbQSzYPHSfK8HLmhdwvQNhlU1Q49uK4lzkh6zDSD&cid=CAASEuRoZ7DYsobHvq8UG5i5on6Arg&rfl=1%2Chttp%253A%252F%252Fcoinbase.in.w3snoop.com%252F%240 Requested by Host: coinbase.in.w3snoop.com URL: http://coinbase.in.w3snoop.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3e120a1aa78e7aec0709a3a74d150c57b456813a19d373bf045e713ccaddcb3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:08 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14525 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3F72	42 B 63 B	49ms 48ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DlC3XyeJyKy6AYX_yvLyD2vvtClAxqYMHVxpcU5Fzo2ScyIjhexIbRw-6pXoh2eQJ3tMZpSkeR6_cebWjxkRJcHGu3oR0EBMUPIPQs4RaNdnpwk4o Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 3F72	2 KB 1 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:06:42 GMT content-encoding gzip x-content-type-options nosniff age 326 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 05 Feb 2022 01:06:42 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 3F72	15 KB 6 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 00:56:18 GMT content-encoding gzip x-content-type-options nosniff age 950 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6473 x-xss-protection 0 server cafe etag 5124071950003790117 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 05 Feb 2022 00:56:18 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 3F72	0 0	24ms 23ms	Image text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3dKryqcUemIRj7H8-8PoWtT6bZf-O0o2rCojLlu_6r1sUKwu59XWb-e5QThdb8f8lFhWkrgKb8yrE3n_9jmpr5nPKKA Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3F72	122 KB 37 KB	29ms 28ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash 425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38060 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1642595990432946" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 22 Jan 2022 01:12:08 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	24ms 24ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	24ms 24ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	332 B 165 B	476ms 475ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=2710981792524098&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=1&rcs=3&prev_scp=a%3D%257C3%257C%26iid1%3D5399922209652068%26eid%3D5399922209652068%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dw3snoop_com-box-3-5399922209652068%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D1%26br1%3D400%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C193%2C0%2C67%2C0%2C168%2C77%2C192%2C26%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C992%2C996%2C774%2C2339%2C2339%2C2339%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D500%26reqt%3D1642813928739&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813928744&lmt=1642813928&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=661&adys=482&adks=3313998340&ucis=2&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=602x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 80c3c3e74ed839bb285258605469a4cf3da8e1384db6f2ecb222e76e63a3d1d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 136 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame DD3B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1&C=1	43 B 1014 B	22ms 22ms	Image image/gif	2.18.234.21
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX4_2-wtIffszyP32ITaiAREuSIX6qniFw8ANbLstRoU6Qykvo3hbhf7G5gYK22Oc6H-VzIa9dnA67oY_0NlLEi7tmmjlAE4bVgxDegHn6HQT3TBQTXY0ABY6GKcbbI3x5iZSQgeSeQKRQ8yyvfYLbXDkGTX5j5ZoExL8JOnx1nJ9UehbjOI9Am-iYiSt9Wsxx9mwK_NIDtCfEpzBNvZLkbnUsocg Protocol HTTP/1.1 Server 2.18.234.21 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:08 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 22 Jan 2022 01:12:08 GMT Redirect headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:08 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Sat, 22 Jan 2022 01:12:08 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame DD3B Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YetZ6CdVgAXS6ZCv9sOtSwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1	43 B 894 B	21ms 21ms	Image image/gif	2.18.234.21
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX4_2-wtIffszyP32ITaiAREuSIX6qniFw8ANbLstRoU6Qykvo3hbhf7G5gYK22Oc6H-VzIa9dnA67oY_0NlLEi7tmmjlAE4bVgxDegHn6HQT3TBQTXY0ABY6GKcbbI3x5iZSQgeSeQKRQ8yyvfYLbXDkGTX5j5ZoExL8JOnx1nJ9UehbjOI9Am-iYiSt9Wsxx9mwK_NIDtCfEpzBNvZLkbnUsocg Protocol HTTP/1.1 Server 2.18.234.21 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:08 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 22 Jan 2022 01:12:08 GMT Redirect headers pragma no-cache date Sat, 22 Jan 2022 01:12:08 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGp5clLsjIpE7Ru1rPNBUfU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame DD3B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEHF3cm6iLGC0qGTsQSafzZ4&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHF3cm6iLGC0qGTsQSafzZ4%26google_cver%3D1	43 B 1 KB	15ms 15ms	Image image/gif	37.252.173.22
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHF3cm6iLGC0qGTsQSafzZ4%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX4_2-wtIffszyP32ITaiAREuSIX6qniFw8ANbLstRoU6Qykvo3hbhf7G5gYK22Oc6H-VzIa9dnA67oY_0NlLEi7tmmjlAE4bVgxDegHn6HQT3TBQTXY0ABY6GKcbbI3x5iZSQgeSeQKRQ8yyvfYLbXDkGTX5j5ZoExL8JOnx1nJ9UehbjOI9Am-iYiSt9Wsxx9mwK_NIDtCfEpzBNvZLkbnUsocg Protocol HTTP/1.1 Server 37.252.173.22 -, , ASN (), Reverse DNS Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:08 GMT X-Proxy-Origin 84.19.175.184; 84.19.175.184; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 9ceb22bb-de20-4135-a8ee-380efcd6b7cb Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:08 GMT X-Proxy-Origin 84.19.175.184; 84.19.175.184; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 03711016-e9d9-4614-8cfc-9fcc7ff259c6 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHF3cm6iLGC0qGTsQSafzZ4%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame DD3B Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3MTU5NjY2NDM3MTY1Mjg0Mg%3D%3D	170 B 188 B	31ms 31ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3MTU5NjY2NDM3MTY1Mjg0Mg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX4_2-wtIffszyP32ITaiAREuSIX6qniFw8ANbLstRoU6Qykvo3hbhf7G5gYK22Oc6H-VzIa9dnA67oY_0NlLEi7tmmjlAE4bVgxDegHn6HQT3TBQTXY0ABY6GKcbbI3x5iZSQgeSeQKRQ8yyvfYLbXDkGTX5j5ZoExL8JOnx1nJ9UehbjOI9Am-iYiSt9Wsxx9mwK_NIDtCfEpzBNvZLkbnUsocg Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:08 GMT X-Proxy-Origin 84.19.175.184; 84.19.175.184; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 93659728-26b4-4544-bdc2-c9f3a73b029a Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3MTU5NjY2NDM3MTY1Mjg0Mg%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 3F72	24 KB 9 KB	17ms 17ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZGo6aha12I6tvNxu0dTgZZzf2osZw35e2R3Uq87l4lGRU7OLOjlAqQarXbMUihisUDn-g4RIe6R3ivhGfsCqpAXlg1GXzWgawPiBaByI3qsncb6amXRvu3_4q9I0XoMSCiwcVSVM8hNxRlblXY2eOHHkjXw&cry=1&dbm_d=AKAmf-CLtsCEpYj_8DhUted8JXeATVZmJSnejS0BDrnqsuBlbtvcrRfcswv4OSMQBTyMe5uGjUhBuAeyS2bgTG_ATVIukCvyq_7xgy6GQgDxm9s0Q54CDvU-9spqCwE_Jq4bYCigzetp9-noEy_fngXZZuddkecVRR3N-AmcdkS_saTbXE0M75QKW5X1aVXtTNLzIZGnLAdqFpxteZQ_fkrNmP86kImrHaZKeDQ4eOiVAIN7gHulTrtKNvg6Hox1lVvAtA4XSBvLTmzY8GGTyMFzaqhORd1ckBhHTk5R_GRjS1cIxOmYmF18rhw5EUqG68wp3Jbed860xrZBalrGZ32kEgraN475yZcEWYvcOGVKXR-q9obnzSup4eNZZiReW4XeL5w5JXmUXqpvvBMaF6KxPnY0qmWWNGG1SZEgwGV05r2u63VynSJQsEfNFIi1Rj_jKK8XoaTfx7hFx3MwlrTjcnng17_YShm6AAC5N69Jj4EQk31NyzntWgdbqRnkPHsO2hBBlzDZu1NJjCpGE6KinDhy2GLIkigLe-J-yW1fCLQUqi53IX7LwOnLLVEM2QXGsW0G6Z5JWqsKQOKYiX1dMyzcPN92SxnGnqOQb-G5DPM311GAzoZN1qpX-cbhYxCzwqGxm7SG4DUKLhjIHFQV3OlZ8nKDGp5EFFO-2ZWcZV2ODxewDy6JuguXPSmjy74m4CpFsekfRbT4lL-eDkIgAgQKwewX_-Y31VQ_FhU5PzdpaHV3LJNJMn1YwC-5_QV7UYZNOUXDyIT1XgBRQ31RbxEO7pag5eqMv5rk-9dDJdV0uhOxYdG8TgAM_tbNzrZXts9o5TUhK60MYtzpouEXIJG48hbkWdQp5MFW11VQlZ8BGYDK_oV12a2A7ppyFsJQOBe2-7ZlS92-ublELSFF871Fa8pYypRtTJixvVbgqS7JOIDqJU_KO3sc7yrjQACTnqTuea8biwr5fBQrGZBll551iLPwFzQxGzrCjc_bf4mQXjMjQ1pcEIiDXuEBoLvKeSGfxe-zyafclKrJpOCCN8MjpPU8KKxz5LWoiJa1anKFJZ_7sTyEMNagmwTmyCyhI-hqL54xT-9NGUXePBPm5TznBpaRybpzfLsEL-AlApu-m0SAPBtIDPrXbKL4BqBJNFhxX04oQNXvolo9qy2nQg5mdFTsCPYDiLwshmiI0gYXrggWUR5PQyaGn1i8belDWeDvhElJK--62ILWT9ZgtdOXFnBl66S3BPj_OnoO_Dwfsa5HQBnTmqgNb1MsmARtAPlszQVHMwYEqeYLO1PaP5TZMS_wDIgLB_yHBZ25XqHOZ9FQDO8OMJpk2VBctpIt92OehQ2byZmF_DRruUWnSpklqUs6UiTq2-Rpy61PC3MRfLRzgOz1XwHVij5_BRA33bFxYqcIsc0XtJYUhYEZAFVqZYyXufP09e_X_yI9e-UAtAoeZHmPsddI-7iJU-gPloqd28MJP0BE5WDygHb641bUoFLV5bc_U3ASTdJ8Bb7hqmDeqFaZU8zjrkCfbVOG_Dwi0BefUTJbHrsbCGmP_zuLqvYtIWER1hhTbErI3Y8LTpJX3JxCYQvQOXRowJ6cX37m3IryypuHO-8iDDu6tXAR-SCLC1UyPXnlzTxq_oW93yJ_8ZfLRPYH81ZQaX3zWRhivrq-5UhCFFqJjLMeqmqidi8AlYtvK_P1Dxf1WLLZj5MNbgveqsoaV-f4iTg-U7gMpIWl5dQDT1y6iZtbDNFFLCwxgRc1SdI_BOz08QQigV_vHcom3boW8iTWrtQ90vevSXHBQ8PreM-2wNqxt42qjxdCTuq8HRy3h-hWnnRnlcuTFf7LErYCY8CBO5IrswoPcIBUOzttspV96RL9mlqvfcHqzblZhESWvhUUsQU3E76NnsWGftMN6PkOUS246zNVU4lnbiECAuzrr6Fqjq-iOW9O274GeKVNdJCRZQNnPdtZ8YY8yV13wLpA9mU1Tkr-Hot4-1IExCvJgWbHLKnlu7_6LAL7PZgFizz7vCpz9Wr9Hb-4iuTPTbRI44JODeOFYbewI4bnYqWPU94rue7acycsRJt0PBYlOVVr_4HsZk-lXqgGWR5Nad3NWZTHy1uaM_DmMOUWeVmp1pqzDnmYc4G7lGH29hCCZDp8Rajdzntrz0uf3Ur0NlExIG77lfi_oYcNzCym2ghIn-f_ymiCxn9RkPy2x7D0SbJrz9sAOpaNuVZM-z-uZ94k8z8xaLDrL6My1PUHSvMeUXrB3LHcYHUjcRoAqKZ4v3Br-LlDl4OCL-CPUQ0bxBAOHjlIQG9szBmubpN2jCLIy8c6Z5fK3VkgKkdMJTqlKl_KjiT7m5MDb_qyHb9_7iWsQ2naK7ILPZ0xCvtjkkCOk9Y4_MVDzfQ0i84jkYy1ee8RB__DTsj9kjG8gjptyFHTDw7BxOwGUByvqFai-81G7nQW8s0B6oVhZVRmUkAVi3fKWNmpKBC_y5y_N9tl9OMo7-niW4Ma6m5kqkCccisOk_H2vj2fdBPhTMuYfB5xCK9lgekOhyZ4-yxz_CTK43V5fbIdlkPQhuPwFuLVXR7GnvD0OvdwsQ2mZN8Nzu0ewyyS0i5LIez9krcKawsRB3EiYDFOUi4IqMLp7FxYKUtwffXNg8nxrPxNofEke-EEQpiDlbbBONLGGDernfCfYsfC3faZTNgQETL_Cx2F8pB5GuHaJTrgtODGGOXHWa8mybec-VsCyrI03aybjy8zaaJZCOTyrcA3RUuewOfoZVswixVRH3tAdG7dtz7q2aKegavwVOXsT4lvIk-ODRMtFPAv8kNYh3mbnJRuqvMiLSpaMAWPEVO3HgPWhY1rSc8Td6_oL8sJJkSkUCI0DIWNPt_OyZK7ImcqGnGZFagp8yus6L1mPYHhnZmv8W_InB1b2hMrKggStcWfGpBkNfQaOgLpND10RphZWMC-U4YJk404PL0FNRLQLxbC8qQUrWhUQpu38T5AkExVx0pN3xeXFAmNMoKARl3u8NmF6LSsV0kzEVIMr1xV0aupgZL4SZvGURsz2Je40VQnQPAwacdKoVx5oUPBrgKv1avYVDv8N_oh17BXcAtVPwyeWkLUmw5E5n_DMuk8CPp0p5JwMPrZJVk2S2GyrQrgoYWbpvVHQn89QdhhrlEehbffhbkDNNKttlDU3F8KRvbFJ77MVyHwG0_a8h2uZo-4CE83jHOqTe1PIMn-38PQB9ghkvpmKbQSzYPHSfK8HLmhdwvQNhlU1Q49uK4lzkh6zDSD&cid=CAASEuRoZ7DYsobHvq8UG5i5on6Arg&rfl=1%2Chttp%253A%252F%252Fcoinbase.in.w3snoop.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:04:41 GMT content-encoding gzip x-content-type-options nosniff age 447 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9544 x-xss-protection 0 server cafe etag 6261108306223674270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 05 Feb 2022 01:04:41 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 3F72	41 KB 15 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZGo6aha12I6tvNxu0dTgZZzf2osZw35e2R3Uq87l4lGRU7OLOjlAqQarXbMUihisUDn-g4RIe6R3ivhGfsCqpAXlg1GXzWgawPiBaByI3qsncb6amXRvu3_4q9I0XoMSCiwcVSVM8hNxRlblXY2eOHHkjXw&cry=1&dbm_d=AKAmf-CLtsCEpYj_8DhUted8JXeATVZmJSnejS0BDrnqsuBlbtvcrRfcswv4OSMQBTyMe5uGjUhBuAeyS2bgTG_ATVIukCvyq_7xgy6GQgDxm9s0Q54CDvU-9spqCwE_Jq4bYCigzetp9-noEy_fngXZZuddkecVRR3N-AmcdkS_saTbXE0M75QKW5X1aVXtTNLzIZGnLAdqFpxteZQ_fkrNmP86kImrHaZKeDQ4eOiVAIN7gHulTrtKNvg6Hox1lVvAtA4XSBvLTmzY8GGTyMFzaqhORd1ckBhHTk5R_GRjS1cIxOmYmF18rhw5EUqG68wp3Jbed860xrZBalrGZ32kEgraN475yZcEWYvcOGVKXR-q9obnzSup4eNZZiReW4XeL5w5JXmUXqpvvBMaF6KxPnY0qmWWNGG1SZEgwGV05r2u63VynSJQsEfNFIi1Rj_jKK8XoaTfx7hFx3MwlrTjcnng17_YShm6AAC5N69Jj4EQk31NyzntWgdbqRnkPHsO2hBBlzDZu1NJjCpGE6KinDhy2GLIkigLe-J-yW1fCLQUqi53IX7LwOnLLVEM2QXGsW0G6Z5JWqsKQOKYiX1dMyzcPN92SxnGnqOQb-G5DPM311GAzoZN1qpX-cbhYxCzwqGxm7SG4DUKLhjIHFQV3OlZ8nKDGp5EFFO-2ZWcZV2ODxewDy6JuguXPSmjy74m4CpFsekfRbT4lL-eDkIgAgQKwewX_-Y31VQ_FhU5PzdpaHV3LJNJMn1YwC-5_QV7UYZNOUXDyIT1XgBRQ31RbxEO7pag5eqMv5rk-9dDJdV0uhOxYdG8TgAM_tbNzrZXts9o5TUhK60MYtzpouEXIJG48hbkWdQp5MFW11VQlZ8BGYDK_oV12a2A7ppyFsJQOBe2-7ZlS92-ublELSFF871Fa8pYypRtTJixvVbgqS7JOIDqJU_KO3sc7yrjQACTnqTuea8biwr5fBQrGZBll551iLPwFzQxGzrCjc_bf4mQXjMjQ1pcEIiDXuEBoLvKeSGfxe-zyafclKrJpOCCN8MjpPU8KKxz5LWoiJa1anKFJZ_7sTyEMNagmwTmyCyhI-hqL54xT-9NGUXePBPm5TznBpaRybpzfLsEL-AlApu-m0SAPBtIDPrXbKL4BqBJNFhxX04oQNXvolo9qy2nQg5mdFTsCPYDiLwshmiI0gYXrggWUR5PQyaGn1i8belDWeDvhElJK--62ILWT9ZgtdOXFnBl66S3BPj_OnoO_Dwfsa5HQBnTmqgNb1MsmARtAPlszQVHMwYEqeYLO1PaP5TZMS_wDIgLB_yHBZ25XqHOZ9FQDO8OMJpk2VBctpIt92OehQ2byZmF_DRruUWnSpklqUs6UiTq2-Rpy61PC3MRfLRzgOz1XwHVij5_BRA33bFxYqcIsc0XtJYUhYEZAFVqZYyXufP09e_X_yI9e-UAtAoeZHmPsddI-7iJU-gPloqd28MJP0BE5WDygHb641bUoFLV5bc_U3ASTdJ8Bb7hqmDeqFaZU8zjrkCfbVOG_Dwi0BefUTJbHrsbCGmP_zuLqvYtIWER1hhTbErI3Y8LTpJX3JxCYQvQOXRowJ6cX37m3IryypuHO-8iDDu6tXAR-SCLC1UyPXnlzTxq_oW93yJ_8ZfLRPYH81ZQaX3zWRhivrq-5UhCFFqJjLMeqmqidi8AlYtvK_P1Dxf1WLLZj5MNbgveqsoaV-f4iTg-U7gMpIWl5dQDT1y6iZtbDNFFLCwxgRc1SdI_BOz08QQigV_vHcom3boW8iTWrtQ90vevSXHBQ8PreM-2wNqxt42qjxdCTuq8HRy3h-hWnnRnlcuTFf7LErYCY8CBO5IrswoPcIBUOzttspV96RL9mlqvfcHqzblZhESWvhUUsQU3E76NnsWGftMN6PkOUS246zNVU4lnbiECAuzrr6Fqjq-iOW9O274GeKVNdJCRZQNnPdtZ8YY8yV13wLpA9mU1Tkr-Hot4-1IExCvJgWbHLKnlu7_6LAL7PZgFizz7vCpz9Wr9Hb-4iuTPTbRI44JODeOFYbewI4bnYqWPU94rue7acycsRJt0PBYlOVVr_4HsZk-lXqgGWR5Nad3NWZTHy1uaM_DmMOUWeVmp1pqzDnmYc4G7lGH29hCCZDp8Rajdzntrz0uf3Ur0NlExIG77lfi_oYcNzCym2ghIn-f_ymiCxn9RkPy2x7D0SbJrz9sAOpaNuVZM-z-uZ94k8z8xaLDrL6My1PUHSvMeUXrB3LHcYHUjcRoAqKZ4v3Br-LlDl4OCL-CPUQ0bxBAOHjlIQG9szBmubpN2jCLIy8c6Z5fK3VkgKkdMJTqlKl_KjiT7m5MDb_qyHb9_7iWsQ2naK7ILPZ0xCvtjkkCOk9Y4_MVDzfQ0i84jkYy1ee8RB__DTsj9kjG8gjptyFHTDw7BxOwGUByvqFai-81G7nQW8s0B6oVhZVRmUkAVi3fKWNmpKBC_y5y_N9tl9OMo7-niW4Ma6m5kqkCccisOk_H2vj2fdBPhTMuYfB5xCK9lgekOhyZ4-yxz_CTK43V5fbIdlkPQhuPwFuLVXR7GnvD0OvdwsQ2mZN8Nzu0ewyyS0i5LIez9krcKawsRB3EiYDFOUi4IqMLp7FxYKUtwffXNg8nxrPxNofEke-EEQpiDlbbBONLGGDernfCfYsfC3faZTNgQETL_Cx2F8pB5GuHaJTrgtODGGOXHWa8mybec-VsCyrI03aybjy8zaaJZCOTyrcA3RUuewOfoZVswixVRH3tAdG7dtz7q2aKegavwVOXsT4lvIk-ODRMtFPAv8kNYh3mbnJRuqvMiLSpaMAWPEVO3HgPWhY1rSc8Td6_oL8sJJkSkUCI0DIWNPt_OyZK7ImcqGnGZFagp8yus6L1mPYHhnZmv8W_InB1b2hMrKggStcWfGpBkNfQaOgLpND10RphZWMC-U4YJk404PL0FNRLQLxbC8qQUrWhUQpu38T5AkExVx0pN3xeXFAmNMoKARl3u8NmF6LSsV0kzEVIMr1xV0aupgZL4SZvGURsz2Je40VQnQPAwacdKoVx5oUPBrgKv1avYVDv8N_oh17BXcAtVPwyeWkLUmw5E5n_DMuk8CPp0p5JwMPrZJVk2S2GyrQrgoYWbpvVHQn89QdhhrlEehbffhbkDNNKttlDU3F8KRvbFJ77MVyHwG0_a8h2uZo-4CE83jHOqTe1PIMn-38PQB9ghkvpmKbQSzYPHSfK8HLmhdwvQNhlU1Q49uK4lzkh6zDSD&cid=CAASEuRoZ7DYsobHvq8UG5i5on6Arg&rfl=1%2Chttp%253A%252F%252Fcoinbase.in.w3snoop.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 08:48:02 GMT content-encoding gzip x-content-type-options nosniff age 231846 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 19 Jan 2023 08:48:02 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 66F9	22 KB 8 KB	17ms 16ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 19 Jan 2022 08:48:03 GMT expires Thu, 19 Jan 2023 08:48:03 GMT cache-control public, max-age=31536000 last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type text/html age 231845 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	npoee1nv94vs Show response hal9000.redintelligence.net/zone/ Frame 3F72	11 KB 4 KB	81ms 26ms	Script text/html	46.4.10.47
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrXQV6FnrYdnCGMvs3wP6qKz4DrXN-YNXzN65q-UM8C4QASD0-cYlYJXKpYKwB8gBCakCfPp161YIsz6oAwGqBO4BT9DpbdQr7qyhz3f1Bg8APDlWA7qLuWj6b88iWk97sgV74gw9CVGU3cvgYuFsgY9n_j5h9rRvvZEkWbwG9GzZtFOrXy2Flhil0tSwOfQyNt1kNE5RB9MTtymGKYPaMwS4hYo4OQgsxbEP_Jzsxq-IQEsyC-1X0sr_NtEoOd6hyBpuKx3q9eDJY1FjobYQoUOjdX-TYImlXh8MBZvmMmti0wx2aYe0zisV9OxtHjGl5ewSq2WwdkRUVsA3U3UQU9ylYPOly6dMhJPfIMjjLeVpuai3YaJ8hjk-MjwA3lZ6nNpubFFstva-Rn-RRY7-uMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MTgwODMzNTg1MjA4NzEygAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZ7DYsobHvq8UG5i5on6Arg%26sig%3DAOD64_0EBxUZK00kFDZCrsg9BQ8Ywv4y6g%26client%3Dca-pub-6396844742497208%26dbm_c%3DAKAmf-BLk6F_JEwDE0WGVopwcQkCvlf6k1AjL0yt3-Gt3jruqMq4subF0r7duwtjibP0GSqNBRzIX53MCvETx6W8lPvtdR6lsUzv9byOzkGW7_yTluWWmNQWIKYgGj1J6k74aZmg9-2PoodeDidWxkDO1GZY2kDlCw%26cry%3D1%26dbm_d%3DAKAmf-DPVX7PzsHegb8HCg2rk__6PJy6yBw1IYQ7qeMDMVXUy04XJuycZErmKPRTXSIPPhRgps12_v4Ge9QxG6R8c6kWddbK9frlmja4a46vqen1K8_wuH8k3FHChi_eg7_J1BwYlkpqZxeuNa_PO4MRzzHVP5qfmL8W-U5SOUSvOwUrMPNU5M27Mzp7Corjm50WpHe-pR7qbkHCLqFcI58Fi5Oeydmxw928dlH0kzv2UnFLhochTXhRK3VcvhRz0OfUUcecS37dz5SNGn75XvofhUKQDQ-qYbHpmlwYspRHSiLAFk0UVmGBMZNeeF-j_yQ0z4kUnkEmFOIDDzMNi90g3xh5GUqYL4qptf3L_6oewadeexHAIhOql2ul32ZbMMH0Er66AIDeQNOjbqtOgjTkeOd_HklGHP16pyLYg0LZWAMUaACXxqa7DUHsjaJt0r_tpXSgm5YZ9-RgN5CkaCMDd8KGv0PG3w%26adurl%3D Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 -, , ASN (), Reverse DNS Software Apache / Resource Hash 2062bf15dd9e7b6dc7a22b96f386d17ff0c3d6e4b9db563144b209f573b6a376 Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:08 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3949 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	25ms 25ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	24ms 24ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	333 B 166 B	314ms 313ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=3695064708196936&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=3&prev_scp=a%3D%257C5%257C%26iid1%3D1263870067619118%26eid%3D1263870067619118%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1142%26sap%3D1142%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dw3snoop_com-box-2-1263870067619118%26eb_br%3D947f1d5169cc7d0f997560e34838fb04%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D4%26bvr%3D4%26shp%3D1%26br1%3D42%26br2%3D200%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C0%2C67%2C0%2C193%2C66%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C992%2C996%2C774%2C20%2C2310%2C17%2C20%2C608%2C2310%2C2351%2C17%2C19%2C20%2C608%2C2310%2C2351%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Drubicon%26hb_adid%3D7193ad78fe32da4%26hb_pb%3D0.21%26hb_format%3Dbanner%26hb_ssid%3D10063%26hb_opt%3D0.21%26hb_rt%3Dclient%26lb%3D140%26reqt%3D1642813928822&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813928827&lmt=1642813928&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=2&adks=3539511386&ucis=1&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash a48763d0a397b19bc4d18d514e4ca82a90e092a552aee2e96d6be8c40e7ec9b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 137 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js Show response pagead2.googlesyndication.com/bg/ Frame 66F9	35 KB 13 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 00:04:59 GMT content-encoding br x-content-type-options nosniff age 4029 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13526 x-xss-protection 0 last-modified Wed, 12 Jan 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 22 Jan 2023 00:04:59 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	25ms 25ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	28ms 28ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:08 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	341 B 175 B	267ms 267ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=3352663601008060&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=3&prev_scp=a%3D%257C251%257C%26iid1%3D4024909493590809%26eid%3D4024909493590809%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dw3snoop_com-medrectangle-2-4024909493590809%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26br1%3D140%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C4%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C992%2C996%2C774%2C2310%2C20%2C2310%2C17%2C20%2C608%2C2310%2C2351%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1642813928855&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813928862&lmt=1642813928&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1200&adks=881660063&ucis=4&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=1600x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=512&ohw=0&btvi=4&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 8713d6e9df29d6ba7db90b712416c4b0a6ef8e89fddd0000a737356eb5e2a080 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 146 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://coinbase.in.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	request.php Show response hal900029.redintelligence.net/ Frame 3F72 Redirect Chain https://hal900029.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=df0c66ed79&subid=&uid=e722c7fbe22ce224&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900029.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=df0c66ed79&subid=&uid=e722c7fbe22ce224&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	4 KB 2 KB	146ms 105ms	Script application/x-javascript	88.99.219.174
General Check archive.org Show headers Download Go to Full URL https://hal900029.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=df0c66ed79&subid=&uid=e722c7fbe22ce224&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrXQV6FnrYdnCGMvs3wP6qKz4DrXN-YNXzN65q-UM8C4QASD0-cYlYJXKpYKwB8gBCakCfPp161YIsz6oAwGqBO4BT9DpbdQr7qyhz3f1Bg8APDlWA7qLuWj6b88iWk97sgV74gw9CVGU3cvgYuFsgY9n_j5h9rRvvZEkWbwG9GzZtFOrXy2Flhil0tSwOfQyNt1kNE5RB9MTtymGKYPaMwS4hYo4OQgsxbEP_Jzsxq-IQEsyC-1X0sr_NtEoOd6hyBpuKx3q9eDJY1FjobYQoUOjdX-TYImlXh8MBZvmMmti0wx2aYe0zisV9OxtHjGl5ewSq2WwdkRUVsA3U3UQU9ylYPOly6dMhJPfIMjjLeVpuai3YaJ8hjk-MjwA3lZ6nNpubFFstva-Rn-RRY7-uMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MTgwODMzNTg1MjA4NzEygAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZ7DYsobHvq8UG5i5on6Arg%26sig%3DAOD64_0EBxUZK00kFDZCrsg9BQ8Ywv4y6g%26client%3Dca-pub-6396844742497208%26dbm_c%3DAKAmf-BLk6F_JEwDE0WGVopwcQkCvlf6k1AjL0yt3-Gt3jruqMq4subF0r7duwtjibP0GSqNBRzIX53MCvETx6W8lPvtdR6lsUzv9byOzkGW7_yTluWWmNQWIKYgGj1J6k74aZmg9-2PoodeDidWxkDO1GZY2kDlCw%26cry%3D1%26dbm_d%3DAKAmf-DPVX7PzsHegb8HCg2rk__6PJy6yBw1IYQ7qeMDMVXUy04XJuycZErmKPRTXSIPPhRgps12_v4Ge9QxG6R8c6kWddbK9frlmja4a46vqen1K8_wuH8k3FHChi_eg7_J1BwYlkpqZxeuNa_PO4MRzzHVP5qfmL8W-U5SOUSvOwUrMPNU5M27Mzp7Corjm50WpHe-pR7qbkHCLqFcI58Fi5Oeydmxw928dlH0kzv2UnFLhochTXhRK3VcvhRz0OfUUcecS37dz5SNGn75XvofhUKQDQ-qYbHpmlwYspRHSiLAFk0UVmGBMZNeeF-j_yQ0z4kUnkEmFOIDDzMNi90g3xh5GUqYL4qptf3L_6oewadeexHAIhOql2ul32ZbMMH0Er66AIDeQNOjbqtOgjTkeOd_HklGHP16pyLYg0LZWAMUaACXxqa7DUHsjaJt0r_tpXSgm5YZ9-RgN5CkaCMDd8KGv0PG3w%26adurl%3D&documentReferer=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&ancestorOrigins=http%3A%2F%2Fcoinbase.in.w3snoop.com&random=1469920006777&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Server 88.99.219.174 -, , ASN (), Reverse DNS Software Apache / Resource Hash f44155435730d42f3914e7e115bf9d50875e31c1b2ef5369eced65c56df04f7e Request headers Accept-Language de-DE,de;q=0.9 Referer https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:09 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 23135900016096500710616011847029 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 1215 Expires Sat, 22 Jan 2022 01:12:09 +0100 Redirect headers Pragma no-cache Date Sat, 22 Jan 2022 01:12:08 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=df0c66ed79&subid=&uid=e722c7fbe22ce224&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrXQV6FnrYdnCGMvs3wP6qKz4DrXN-YNXzN65q-UM8C4QASD0-cYlYJXKpYKwB8gBCakCfPp161YIsz6oAwGqBO4BT9DpbdQr7qyhz3f1Bg8APDlWA7qLuWj6b88iWk97sgV74gw9CVGU3cvgYuFsgY9n_j5h9rRvvZEkWbwG9GzZtFOrXy2Flhil0tSwOfQyNt1kNE5RB9MTtymGKYPaMwS4hYo4OQgsxbEP_Jzsxq-IQEsyC-1X0sr_NtEoOd6hyBpuKx3q9eDJY1FjobYQoUOjdX-TYImlXh8MBZvmMmti0wx2aYe0zisV9OxtHjGl5ewSq2WwdkRUVsA3U3UQU9ylYPOly6dMhJPfIMjjLeVpuai3YaJ8hjk-MjwA3lZ6nNpubFFstva-Rn-RRY7-uMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MTgwODMzNTg1MjA4NzEygAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoZ7DYsobHvq8UG5i5on6Arg%26sig%3DAOD64_0EBxUZK00kFDZCrsg9BQ8Ywv4y6g%26client%3Dca-pub-6396844742497208%26dbm_c%3DAKAmf-BLk6F_JEwDE0WGVopwcQkCvlf6k1AjL0yt3-Gt3jruqMq4subF0r7duwtjibP0GSqNBRzIX53MCvETx6W8lPvtdR6lsUzv9byOzkGW7_yTluWWmNQWIKYgGj1J6k74aZmg9-2PoodeDidWxkDO1GZY2kDlCw%26cry%3D1%26dbm_d%3DAKAmf-DPVX7PzsHegb8HCg2rk__6PJy6yBw1IYQ7qeMDMVXUy04XJuycZErmKPRTXSIPPhRgps12_v4Ge9QxG6R8c6kWddbK9frlmja4a46vqen1K8_wuH8k3FHChi_eg7_J1BwYlkpqZxeuNa_PO4MRzzHVP5qfmL8W-U5SOUSvOwUrMPNU5M27Mzp7Corjm50WpHe-pR7qbkHCLqFcI58Fi5Oeydmxw928dlH0kzv2UnFLhochTXhRK3VcvhRz0OfUUcecS37dz5SNGn75XvofhUKQDQ-qYbHpmlwYspRHSiLAFk0UVmGBMZNeeF-j_yQ0z4kUnkEmFOIDDzMNi90g3xh5GUqYL4qptf3L_6oewadeexHAIhOql2ul32ZbMMH0Er66AIDeQNOjbqtOgjTkeOd_HklGHP16pyLYg0LZWAMUaACXxqa7DUHsjaJt0r_tpXSgm5YZ9-RgN5CkaCMDd8KGv0PG3w%26adurl%3D&documentReferer=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&ancestorOrigins=http%3A%2F%2Fcoinbase.in.w3snoop.com&random=1469920006777&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Sat, 22 Jan 2022 01:12:08 +0100
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 66F9	0 20 B	52ms 51ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwZKS6FnrYZTKLZjJ7_UP_bOm-A0AAAAAOAHgBAI&bg=!VValVhLNAAZ_DxPPfw87ACkAdvg8WmRmKZpfB_ALP_IATuAMtbKVpq34PAgns-8DU_UU4Mh5MprGrwIAAABWUgAAAAJoAQeZAw-LqENtTVJai9wmcRF8i023IvHMR6i5pFWdv2FsyM6EKZDBddkFxIxSoRcjFomS25Ofk9OSZflrE7imZ_MxXXOSS2ma2XNPlI8De5fiBOBUh2RdPVYvkp7ZHaYRPLsRwdaZ4Wu_DsKtPBcEG1e54aGmeBPtWmWNh351CHPvHKHWTyJMqHO1o81zMMQQg3dN_FBWkquv1o8NuTD1uV8kgV8Vc7y10rfi71kTSu_JaHZ9LHSIbl1oBJgmXUH0VMqjO7PtFyQF5axclYnWbRuzgq5A6TbiOKCRPcJRrqmD29uf01vFmlfCQ3kmaMZdjEBFuRtxccA0RZTQPKfQIugySxIM-rFDhnRkVvIGxgBABrRVjfqFG8z_58xpDzXsPwC3j6DiKYt4KJ5yno2Wp7ERlSMXNgyuXmdz16Ky5w-lKKaFuwMTDQXBKjO7pSz7XHisplCa1M8OJq-9gT1ofmr0eI27wmDHK_Q4-hY7eefLlBYT7YJt1vuSQmM3EIPeHTlB6XHvuox-_g-RvA8rw6EJekStQqxxbhlMmqrPP4pXtRdyP-iDo8-JqEUTWHF4_AtBuOZnkuWss0MAOyXUyCX6-F0R0UkJXY2GxCmd4cgZTxMkpFggJBtLcsoYnFUT09jz_iozo-KQyngLHYY3YzxwaLaTeJpJ5Yil2SpKZfNdoXtdmR27tb3d4A_0gmtyQjvjObwu354nlO_Pfl9t6rXDnHuEiBlXx8QvImI8Abs81eokHCzR9pgamPg-HF-2GBWbctKJm89I9DwEav2axQmLiqOTt9GkTDXa23yh6yarXbG_xesmA5AWF310x1W4wKmMhkKry9B3zRSOSz3MsfhCM3wStN3hx0L-yCr8p2tSum4veSQjS-M5bpC71RhCy7wamWipccQFWjLnFFzGaawyjZKH7lE0rP3yrwMDiaN8mllG6AkdR3saqyko435Hna3SvMUuSxa-8OCNF1cd9ifhczdZgx0koH994aHz8M-SN2uWDKrHfqWNzqkXD-QZYV5RiOYKlhPh3v4eNbo1IpuxEEc Requested by Host: 06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com URL: https://06dcf82e0f438ec20fad169eb01785a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 22 Jan 2022 01:12:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		view.aspx pb.media01.eu/ Frame 04F1 Redirect Chain https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=23135900016096500710616011847029&t=htlp https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23135900016096500710616011847029&actionid=879111&produktid=ratenkredit&dt_url=	0 0
GET		link.html track.webgains.com/ Frame 3F72	0 0
GET		native.png ad-server.eu/wm/pb/ Frame 3F72 Redirect Chain https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23135900016096500710616011847029 https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23135900016096500710616011847029 https://ad-server.eu/wm/pb/native.png	0 0
GET		cshow.php www.awin1.com/ Frame 3F72	0 0
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	25ms 25ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:09 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	23ms 23ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.in.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 22 Jan 2022 01:12:09 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
POST		check coinbase.in.w3snoop.com/permissions/	0 0
POST		check coinbase.in.w3snoop.com/search/	0 0
GET		attention.png w3snoop.com/images/icons/	0 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	94ms 30ms	Preflight application/json	2a02:2638::1c
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&domain=coinbase.in.w3snoop.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c -, , ASN (), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin http://coinbase.in.w3snoop.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 access-control-allow-origin http://coinbase.in.w3snoop.com access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1657 date Sat, 22 Jan 2022 01:12:08 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip vary Accept-Encoding
GET		json gum.criteo.com/sid/	0 0
POST H/1.1	200	457.json Show response id5-sync.com/g/v2/	213 B 540 B	17ms 17ms	XHR application/json	51.89.21.10 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/457.json Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS p24.id5-sync.com Software / Resource Hash 5d45adbd73a2f18174b7ea8f978b1185af70251b17e156855d3182dcd21bd34d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin http://coinbase.in.w3snoop.com Date Sat, 22 Jan 2022 01:12:08 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
GET H2	200	/ Show response id.a-mx.com/sync/	122 B 710 B	104ms 54ms	XHR application/json	2606:4700:3031::6815:29fd
General Check archive.org Show headers Download Go to Full URL https://id.a-mx.com/sync/?tagId=&ref=http://coinbase.in.w3snoop.com/&u=http://coinbase.in.w3snoop.com/&v=6.0.0&vg=epbjs&us_privacy=null&gdpr=0&gdpr_consent= Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:29fd -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 1f5fcf1a55c213cfc07af924c7cf148055cb8ff625b2afc244a10c77ed248ef2 Request headers Referer http://coinbase.in.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8isn31qdo2LNR%2BaUw%2BFeJ0vXK85Mpwc4TrYbuV%2FoiQDveq6n7Q8dGzcXK34OdfGsC7Q2K4tXvHev9fPUgMmukT2aAtuFwa2yVbc%2FlIsozrKR7fQKjB18m%2FKb7AuDt8cXu7Mc7sWP0XT1vQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control private,max-age=3600 access-control-allow-credentials true cf-ray 6d14e991faed7057-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	204 No Content	beacon ap.lijit.com/ Frame 5D7F	0 0	22ms 21ms	Document text/plain	216.52.2.19 AS-INAPCDN-OCY
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/beacon?informer=8711458 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US), Reverse DNS Software nginx / raptor Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers Server nginx Date Sat, 22 Jan 2022 01:12:09 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache Expires Fri, 20 Mar 2009 00:00:00 GMT P3P CP="CUR ADM OUR NOR STA NID" X-Powered-By raptor X-Sovrn-Pod ad_ap4ams1
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame 7484	2 KB 1 KB	69ms 20ms	Document text/html	2.18.234.21
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 -, , ASN (), Reverse DNS Software Apache / Resource Hash 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers Server Apache Last-Modified Thu, 11 Feb 2021 16:12:45 GMT ETag "e20015-90b-5bb11ca420f07" Accept-Ranges bytes P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 1151 Date Sat, 22 Jan 2022 01:12:09 GMT Connection keep-alive
GET H2	200	/ Show response onetag-sys.com/usync/ Frame F920	2 KB 814 B	17ms 15ms	Document text/html	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1642813923234 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 , France, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame A186	14 KB 5 KB	67ms 23ms	Document text/html	2.21.141.175
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983 Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.21.141.175 -, , ASN (), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=96472 expires Sun, 23 Jan 2022 04:00:01 GMT date Sat, 22 Jan 2022 01:12:09 GMT vary Accept-Encoding
GET H2	200	/ Show response csync.smilewanted.com/ Frame 52BA	6 KB 2 KB	45ms 37ms	Document text/html	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://csync.smilewanted.com/ Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3f74bcdd8682ee845b1b8e2f18241792c5d53d95cf4e34b3e27b7f2ac96ae9a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6d14e991babc4309-FRA content-encoding gzip
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 3153	281 B 554 B	66ms 24ms	Document text/html	23.79.143.124
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: go.ezodn.com URL: http://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,rubicon,sharethrough,smilewanted,sovrn,yahoossp,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 -, , ASN (), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://coinbase.in.w3snoop.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 14 Dec 2021 23:07:59 GMT ETag "402b2-119-5d32342a551c0" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Sat, 22 Jan 2022 01:12:09 GMT Connection keep-alive Vary Accept-Encoding
GET		ads securepubads.g.doubleclick.net/gampad/	0 0
GET H2	200	decode_consent.js Show response static.smilewanted.com/js/decode_consent/ Frame 52BA	48 KB 12 KB	49ms 39ms	Script application/javascript	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.smilewanted.com/js/decode_consent/decode_consent.js Requested by Host: csync.smilewanted.com URL: https://csync.smilewanted.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://csync.smilewanted.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 317607 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 15 Apr 2021 17:11:55 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"607873db-c1ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript cache-control max-age=315360000 cf-ray 6d14e9922b7b4309-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 3153	32 KB 10 KB	16ms 16ms	Script text/html	23.79.143.124
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 -, , ASN (), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 88fc98437230e70daa16917c0885ee963bbb1657e1bc4770ecbca21124fdd061 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 22 Jan 2022 01:12:09 GMT Content-Encoding gzip Last-Modified Wed, 15 Dec 2021 23:04:16 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=20467 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9704 Expires Sat, 22 Jan 2022 06:53:16 GMT
GET H2	200	PugMaster image6.pubmatic.com/AdServer/ Frame A186	5 KB 6 KB	63ms 21ms	Script text/html	198.47.127.19
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=805235&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.19 -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-type text/html; charset=UTF-8 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET		usermatch ssum-sec.casalemedia.com/ Frame 167F	0 0
GET H2	200	drop_cookie_sw.php csync.smilewanted.com/ Frame EB91	0 0	32ms 32ms	Document text/html	104.22.69.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://csync.smilewanted.com/drop_cookie_sw.php Requested by Host: csync.smilewanted.com URL: https://csync.smilewanted.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://csync.smilewanted.com/ Response headers date Sat, 22 Jan 2022 01:12:09 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6d14e9927bfe4309-FRA content-encoding gzip
GET		setuid ib.adnxs.com/prebid/ Frame D545 Redirect Chain https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%... https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d5aa0e1cb2521ea4c1ba15458683c951	0 0
GET		match c1.adform.net/serving/cookie/ Frame 024E	0 0
GET		pubmatic d5p.de17a.com/getuid/ Frame A639	0 0
GET		img sync.mathtag.com/sync/ Frame 617F	0 0
GET		usersync.aspx dis.criteo.com/dis/ Frame 327B	0 0
GET		/ dsp.adfarm1.adition.com/cookie/ Frame DBC9	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

hbopenbid.pubmatic.com

URL

https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/generate_204?4WY4fg

Domain

pb.media01.eu

URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23135900016096500710616011847029&actionid=879111&produktid=ratenkredit&dt_url=

Domain

track.webgains.com

URL

https://track.webgains.com/link.html?wglinkid=723181&wgcampaignid=99582&js=1&nw=1&clickref=23135900016096500710616011847029&viewref=23135900016096500710616011847029

Domain

ad-server.eu

URL

https://ad-server.eu/wm/pb/native.png

Domain

www.awin1.com

URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=23135900016096500710616011847029&pv=1

Domain

coinbase.in.w3snoop.com

URL

http://coinbase.in.w3snoop.com/permissions/check?type=all

Domain

coinbase.in.w3snoop.com

URL

http://coinbase.in.w3snoop.com/search/check?url=http:%2F%2Fcoinbase.in.w3snoop.com%2F

Domain

w3snoop.com

URL

https://w3snoop.com/images/icons/attention.png

Domain

gum.criteo.com

URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&domain=coinbase.in.w3snoop.com&cw=1&lsw=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3803005523543764&correlator=1110618956833048&output=ldjh&impl=fifs&vrg=2022011408&ptt=17&sc=0&sfv=1-0-38&ecs=20220122&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=a%3D%257C2%257C%26iid1%3D8536823487622744%26eid%3D8536823487622744%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1130%26sap%3D1130%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dw3snoop_com-box-1-8536823487622744%26eb_br%3Da835e008e248a793da87524a4919f755%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D4%26bvr%3D4%26shp%3D1%26br1%3D2300%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C67%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C992%2C996%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie=ID%3D0691e5ac56906254%3AT%3D1642813923%3AS%3DALNI_Mbj-jnBG58jo91ABCM3_fgiS4euNQ&bc=23&abxe=1&dt=1642813929221&lmt=1642813929&dlt=1642813922259&idt=1027&frm=20&biw=1600&bih=1200&oid=2&adxs=336&adys=482&adks=1565097542&ucis=6&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcoinbase.in.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=309x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1640558168.1642813923&ga_sid=1642813924&ga_hid=909859898&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1

Domain

ssum-sec.casalemedia.com

URL

https://ssum-sec.casalemedia.com/usermatch?d=http://coinbase.in.w3snoop.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Domain

ib.adnxs.com

URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d5aa0e1cb2521ea4c1ba15458683c951

Domain

c1.adform.net

URL

https://c1.adform.net/serving/cookie/match?party=14&cid=D18DD246-AE0D-43FB-AEC5-62C72123CB78

Domain

d5p.de17a.com

URL

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain

sync.mathtag.com

URL

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D

Domain

dis.criteo.com

URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Domain

dsp.adfarm1.adition.com

URL

https://dsp.adfarm1.adition.com/cookie/?ssp=9