urlscan.io logo urlscan.io
SecurityTrails logo

ibyt.in Open in urlscan Pro
2606:4700:3032::ac43:8ad7  Public Scan

Go To Rescan Add Verdict Report
URL: https://ibyt.in/
Submission: On November 26 via api from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 61 IPs in 12 countries across 53 domains to perform 238 HTTP transactions. The main IP is 2606:4700:3032::ac43:8ad7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ibyt.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2022. Valid for: a year.
This is the only time ibyt.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 10 2a02:2638:1::13 44788 (ASN-CRITE...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
7 178.250.0.157 44788 (ASN-CRITE...)
3 162.19.138.119 16276 (OVH)
2 2 23.7.155.102 16625 (AKAMAI-AS)
4 23.203.77.3 16625 (AKAMAI-AS)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
2 185.184.8.90 204995 (RTB-HOUSE...)
3 10 185.89.210.141 29990 (ASN-APPNEX)
5 35.244.159.8 15169 (GOOGLE)
5 104.18.33.19 13335 (CLOUDFLAR...)
2 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 35.156.45.230 16509 (AMAZON-02)
1 147.75.85.234 54825 (PACKET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 37.157.6.253 198622 (ADFORM)
1 37.157.6.252 198622 (ADFORM)
2 2 172.64.154.237 13335 (CLOUDFLAR...)
1 52.34.9.17 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
5 2a02:2638:1::3 44788 (ASN-CRITE...)
1 65.9.66.122 16509 (AMAZON-02)
1 18.190.65.196 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 69.173.144.138 26667 (RUBICONPR...)
1 3.248.128.187 16509 (AMAZON-02)
2 35.190.39.111 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 3.71.169.66 16509 (AMAZON-02)
21 2a00:1450:400... 15169 (GOOGLE)
2 3 52.94.223.167 16509 (AMAZON-02)
3 7 69.173.144.139 26667 (RUBICONPR...)
3 35.71.131.137 16509 (AMAZON-02)
2 4 52.46.130.91 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 159.65.196.12 14061 (DIGITALOC...)
14 2a00:1450:400... 15169 (GOOGLE)
2 159.89.25.223 14061 (DIGITALOC...)
4 2a00:1450:400... 15169 (GOOGLE)
4 12 142.250.184.194 15169 (GOOGLE)
1 11 185.80.39.216 27381 (CASALE-MEDIA)
15 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
2 2 37.157.4.25 198622 (ADFORM)
1 1 2600:9000:205... 16509 (AMAZON-02)
1 52.193.245.250 16509 (AMAZON-02)
1 1 35.205.207.25 396982 (GOOGLE-CL...)
2 2 64.74.236.95 22075 (AS-OUTBRAIN)
1 1 35.208.249.213 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 172.64.151.162 13335 (CLOUDFLAR...)
2 151.101.129.108 54113 (FASTLY)
1 104.17.119.107 13335 (CLOUDFLAR...)
3 2a05:d018:d29... 16509 (AMAZON-02)
2 2 18.195.166.51 16509 (AMAZON-02)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 185.89.210.20 29990 (ASN-APPNEX)
2 2 54.171.40.8 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 151.101.130.49 54113 (FASTLY)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
238 61
24    2606:4700:3032::ac43:8ad7 (United States)

ASN13335 (CLOUDFLARENET, US)
ibyt.in
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ergadx.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    2606:4700:20::ac43:4651 (United States)

ASN13335 (CLOUDFLARENET, US)
cjss.enewspapr.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
8354d67ddbda37655270b91d1029e89d.safeframe.googlesyndication.com
10    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    23.7.155.102 (Bogotá, Colombia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-155-102.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    2606:4700:20::681a:9b2 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
10    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
setupad-d.openx.net
google-bidout-d.openx.net
u.openx.net
5    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
2    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    35.156.45.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-45-230.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
1    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
cm.adform.net
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
1    52.34.9.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-9-17.us-west-2.compute.amazonaws.com
id.sharedid.org
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
5    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    18.190.65.196 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-65-196.us-east-2.compute.amazonaws.com
prod.uidapi.com
4    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
1    3.248.128.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
21    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
14    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
4    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
11    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
15    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:9000:2057:8a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    52.193.245.250 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-245-250.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
2    64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
3    2a05:d018:d29:3601:aea4:a386:c0ef:3243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    18.195.166.51 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-166-51.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    54.171.40.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-40-8.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
8354d67ddbda37655270b91d1029e89d.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
218 KB
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356
512 KB
24 ibyt.in
ibyt.in
312 KB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 434
mug.criteo.com — Cisco Umbrella Rank: 1897
bidder.criteo.com — Cisco Umbrella Rank: 814
25 KB
18 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 689
ssum.casalemedia.com — Cisco Umbrella Rank: 1863
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
14 KB
17 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1243
eus.rubiconproject.com — Cisco Umbrella Rank: 735
token.rubiconproject.com — Cisco Umbrella Rank: 732
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2574
pixel.rubiconproject.com — Cisco Umbrella Rank: 411
25 KB
15 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 332
76 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
acdn.adnxs.com — Cisco Umbrella Rank: 764
secure.adnxs.com — Cisco Umbrella Rank: 577
55 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 914
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
5 KB
7 openx.net
setupad-d.openx.net — Cisco Umbrella Rank: 52069
oajs.openx.net — Cisco Umbrella Rank: 3247
google-bidout-d.openx.net — Cisco Umbrella Rank: 3181
u.openx.net — Cisco Umbrella Rank: 978
1 KB
7 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 43188
6 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
3 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 576
ups.analytics.yahoo.com — Cisco Umbrella Rank: 373
2 KB
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 590
129 KB
5 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2541
mp.4dex.io — Cisco Umbrella Rank: 2780
48 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
175 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 888
cdn.indexww.com — Cisco Umbrella Rank: 2113
3 KB
4 adform.net
adx.adform.net — Cisco Umbrella Rank: 3009
cm.adform.net — Cisco Umbrella Rank: 1638
c1.adform.net — Cisco Umbrella Rank: 865
3 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 554
cdn.id5-sync.com — Cisco Umbrella Rank: 1318
19 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
793 B
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5233
invstatic101.creativecdn.com — Cisco Umbrella Rank: 6240
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5200
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 876
633 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 690
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1118
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 739
1 KB
2 setupad.com
node.setupad.com — Cisco Umbrella Rank: 44007
417 B
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6931
238 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1438
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1200
10 KB
2 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 4842
cs.emxdgt.com — Cisco Umbrella Rank: 1375
153 B
2 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 45940
283 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1152
626 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 14654
269 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1083
425 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 5765
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1307
178 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 5513
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 300
23 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1676
450 B
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 16027
439 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3863
44 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 862
440 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2942
515 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1886
471 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1697
281 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3379
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3470
8 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3158
904 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1193
164 B
1 enewspapr.com
cjss.enewspapr.com — Cisco Umbrella Rank: 962487
86 KB
1 gstatic.com
fonts.gstatic.com
36 KB
1 ergadx.com
cdn.ergadx.com — Cisco Umbrella Rank: 269927
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
1 KB
238 53
Domain Requested by
24 ibyt.in ibyt.in
21 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
15 s0.2mdn.net ibyt.in
s0.2mdn.net
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
s0.2mdn.net
13 securepubads.g.doubleclick.net ibyt.in
securepubads.g.doubleclick.net
www.googletagservices.com
12 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
11 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 ib.adnxs.com 3 redirects stpd.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
10 gum.criteo.com 5 redirects static.criteo.net
7 pixel.rubiconproject.com 3 redirects ibyt.in
7 prebid-stag.setupad.net stpd.cloud
ibyt.in
7 mug.criteo.com ibyt.in
5 static.criteo.net securepubads.g.doubleclick.net
stpd.cloud
static.criteo.net
5 www.googletagservices.com cdn.ergadx.com
ibyt.in
securepubads.g.doubleclick.net
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
4 www.google.com tpc.googlesyndication.com
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 eus.rubiconproject.com ibyt.in
eus.rubiconproject.com
4 script.4dex.io stpd.cloud
script.4dex.io
3 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
3 match.adsrvr.org ibyt.in
ssum-sec.casalemedia.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 token.rubiconproject.com eus.rubiconproject.com
ibyt.in
3 id5-sync.com stpd.cloud
cdn.id5-sync.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
2 sync-tm.everesttech.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 ups.analytics.yahoo.com 2 redirects
2 pm.w55c.net 2 redirects
2 acdn.adnxs.com stpd.cloud
2 u.openx.net stpd.cloud
2 js-sec.indexww.com stpd.cloud
2 b1sync.zemanta.com 2 redirects
2 c1.adform.net 2 redirects
2 googleads4.g.doubleclick.net ibyt.in
2 googleads.g.doubleclick.net 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
ibyt.in
2 node.setupad.com ibyt.in
2 oajs.openx.net 1 redirects ibyt.in
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ssum.casalemedia.com 2 redirects
2 bidder.criteo.com stpd.cloud
2 htlb.casalemedia.com stpd.cloud
2 setupad-d.openx.net stpd.cloud
2 prebid-eu.creativecdn.com stpd.cloud
2 secure-assets.rubiconproject.com 2 redirects
2 955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 stpd.cloud ibyt.in
2 pubads.g.doubleclick.net ibyt.in
1 um.simpli.fi 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 ad.turn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 sync.taboola.com 1 redirects
1 biddr.brealtime.com stpd.cloud
1 cdnjs.cloudflare.com s0.2mdn.net
1 trace.mediago.io 1 redirects
1 ads.avads.net 1 redirects
1 cc.adingo.jp 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 match.adsby.bidtheatre.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.adotmob.com 1 redirects
1 cs.emxdgt.com stpd.cloud
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 8354d67ddbda37655270b91d1029e89d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 cm.adform.net ibyt.in
1 adx.adform.net stpd.cloud
1 mp.4dex.io stpd.cloud
1 prebid.a-mo.net stpd.cloud
1 hb.emxdgt.com stpd.cloud
1 cjss.enewspapr.com cdn.ergadx.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.ergadx.com ibyt.in
1 fonts.googleapis.com ibyt.in
238 86

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-10 -
2023-03-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.stpd.cloud
E1		 2022-10-28 -
2023-01-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
id.sharedid.org
Amazon		 2022-11-08 -
2023-12-07		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-10-06 -
2023-01-04		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2022-11-02 -
2023-01-31		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2022-11-23 -
2023-02-21		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
node.setupad.com
R3		 2022-10-29 -
2023-01-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh

This page contains 37 frames:

Primary Page: https://ibyt.in/
Frame ID: 7AEF5CACD4625E39753F174318259034
Requests: 49 HTTP requests in this frame

Frame: https://ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669464000
Frame ID: AB8102485F754E584D5BE9CCE98D5F9B
Requests: 3 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: B2D82C78BF080D4602A66FF14CAFA001
Requests: 30 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 029038F5197BE13B57F13D77E8228782
Requests: 26 HTTP requests in this frame

Frame: https://955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E48BE07C89D537806ECDF9937CC6541E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: B969A829F833B6FDCF9BB2538080D9EA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 352B8A95BCEA1161E83C4A4D7FB541FE
Requests: 12 HTTP requests in this frame

Frame: https://955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75625DE614CC5F37F66B1A51CEBCF5AD
Requests: 1 HTTP requests in this frame

Frame: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: E53DCF1854112672829B1D50F8017DD6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibyt.in
Frame ID: 32597678178AB822F5C65F72700A373A
Requests: 2 HTTP requests in this frame

Frame: https://8354d67ddbda37655270b91d1029e89d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 588CFCBDAD48AEDC856EE378D29F3D4B
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: FDBE2B9164B55AA1E17042775AAA7C7A
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 34DA89522A8B5EA9E410A1B884F8E157
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_vTjx5D1jqK5yIJkr5rbI22Fmh99wSbtab9Q-YGvshdEjxStnjwE6SI06PYNgPUFT70XgnCkHjiotQrNXB_nB6qDtPP0anNvvamPX9-Ny5zn4-lmJcNv64rAIwcL6dKS1gPrH_kFeVm-O8cM4ED3kllJTZrvKfwnvC5GoeB_tYtA0FyjGkR16-z-zWQP5vLM3qBO2bc0k-xQuIH4g-HdLhShkkixNMIxcrT7s7LI7GvWLkj5Z8JpDKKV_yZLGVP-mtSaNocQHaoOzgDnnB-NMRw0Jo47FSCF7t_Zmyd0qpV4vw_09IG13vGhok-5X6L6QJCXVb3KxSfVr&sai=AMfl-YQQ0JtoNrtoeT2l7p-Y0bhUaa7dzouXSrwdAQVV1pNIouznv7PeoHQjwgAeqIY3TC9TYEzfVCG8Ki8Ar5M0-GnGkejIDCpfAbWmlAVilRUshG1ACoUCIelmhJRgQa-VIg&sig=Cg0ArKJSzFByhzJ0JIOcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B36E43A008D5BD033ABD577CE914BCAC
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F65BD91A3B02D990DEBCD9B3C71F3E28
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B2114E511B73339D3296BC1E35326B0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B7079A60395C125AA80B777379A3AE1D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 467D7987835DDA6EFB33B6EC0C116C16
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A42D6729A996AF9765C9B9FCA06729C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12A1350235DED7C0CFACD408C28A862F
Requests: 2 HTTP requests in this frame

Frame: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 826C0E39C1359A1AFE6DAAF3F53E0B32
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiM59DZATAB&v=APEucNVvjGyMRIcF1m4ptZ-FDQLj3YIzhfISj_t9HG04BGdFYevDTFcDTO8c5GzajjnGyqMa0M0iQ4CMfjlv1N5_AGcI03m-6EGOv7HSRd7gzEI6GNvW3WGmyKocnXao0lHRF4EXbm4n9xpP3UtwSKaRnthyIjHKg63gm1jX-G2GscMmRiNGsVcGAVuMk6-dkGR5t7_jX5r-dZ9dotgkOc3CnjIC2J-EYg
Frame ID: 1FB7AAADBC1652EE2FA5B7333A3B87FF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5611F1BDFE5DEAD2014CBD4FCDF2DBBB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 691C9FCDBD94840EB1A6E2D256509FA5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Frame ID: 3E0C7908EDF5E2202F86F084330EBD72
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: B96870598457DBEC004A79FF63B7868A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ibyt.in
Frame ID: 897621B5082117BEF6B0619212B5E81D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ibyt.in
Frame ID: A29C55348C056A9D7F8CF7B3B66143B4
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B618B9D5F1F8AA27DFB0DB2274A7C846
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 620E7B09FEEA9A35177B1DEB9EBC38E6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F6026DFD7371418F6888E7193BF3474E
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: B9460E7BFC01541C515DA02730491491
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8BAD773639758E249934272C640CE82E
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EC28297BF7F0D66E80FCF829AC3B5CE1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8B7719693F6DF2F6C680DFFA43932E2D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 100041A6C4CCD1992BA171CEF8E63BC9
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4FC188F266A4F53A04928C69FEA9349B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IBYT.IN – TECH AND CRICKET WORLD

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

238
Requests

86 %
HTTPS

37 %
IPv6

53
Domains

86
Subdomains

61
IPs

12
Countries

2080 kB
Transfer

5540 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=skEFg3xLK2RpSGF1cnY2VVlramlNRmp2U0dJeklnNnEzTFJ2UWU1NTJCR3RlNHdkOGRVbWVkQ0IrQmN4anFsb3lXVGNzcnFHeUg0K3d4SnYwUDhEMkdSbWwwQThRM2FhMHNGcDZodEhnbWxsNmIrVys1RE1KczhRMzd2L3oxM2NCOUVPekhuQWVRQW5nRGJuOEwxeXRrQU9OV3lLMG9TZEFmNjhxMlhnMFJ2OWJaY2JQRVY0MWx4cGVta2hBWlRuczZBVGJHMzA5NkN0b01VOHZGUUtUV3I0Vy9mOGhNVzNQUG1kVlNGT25qbVFjMjc4PXw&cppv=2
Request Chain 44
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 47
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=p9SHYXxzcHhiZnhIenBjbVJXOTJkK0xXcGN6QTdEYkQyTlRXNy9TSTVlalJOc3FsOG85Q1ZrUHZVMHN3OWs3YVBjTTR4RDhzMDdRWmZnTUZySll2c1c2UlNMaG9JSXM1M0l3SXpPRWZnMnNua1V0YytNSXZkL2o3RHExVEhiVXh6ZGZJYmhwc2VQZ2pDOGxLMWNiUE0zdC9vNHNXWEdkdlNYQmdubFlpaWVGK0ZyUTA2M29RMTdiNU1tZGJ3NTltYWNGUVN6V3R6YTZXcjV2MGpkajhXN1hSRXlmMm13OE5CRHFEMVFuZS8wN2ZEVkl3PXw&cppv=2
Request Chain 50
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 77
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=194962&us_privacy=&C=1 HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Y4IC74CYDYWqBhvvNmCcvQAA%265134
Request Chain 96
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=2849534791382142345
Request Chain 100
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp&cc=1
Request Chain 107
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=SRl97F9rajRHZ0pERkl0RTRWbXQ3aUVaZ3dqb3JERmYxeFp0UGk2bCUyQnJyNnhqdGdmbThXbW56Yk1YWHpCVXI3dWhQbkt6WFJDRFJ5UVlzNmRSN1JFV0FydFFIa2lVOSUyQk42akl2YmhEaGpvT0glMkJwNCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3AHEf3xEK2hnMnVuWWg4NWRyWDMxUlRVSDVoZjdwMVpsWnJPdHYyL2pOeFR5OTZPRmlUT2R6VFI1ckR1dzlTVGxtY3ZrcjA2SzE3dUZDWS9OU0RsNlI3cUsxL21vcG9LVEU3VVlsN1daT3Zkc3lwL3lxcHRGcHI1dXA5YUltb2I5RVBRc1Z4dk9PSm11WXo4T0tQV0FoczRwQmNCNG9PTUhaY2VTNXcvbnRueU5BVnpObzZsMjVnZW1XbXprbHN3UWppenhhY2JXWUt5RUhocUZ5Qi9IaTdUczV5RnJqMXlyVWdDWGlPSHplK0FSUkR5VS9Qa0xpbE0zQ1d0bld5am1qNmhQM21YOUtSSkFrL2paa0V6dThUWnlSVGNqVko4VDZmMjk0dElEcVU2QWRPOD18&cppv=2
Request Chain 110
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=2849534791382142345
Request Chain 112
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j13Rbnf6SieqQgjSSo-Nfw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=j13Rbnf6SieqQgjSSo-Nfw
Request Chain 114
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ocDgxT2eT36pjqGobwe2iw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ocDgxT2eT36pjqGobwe2iw
Request Chain 116
  • https://sync.adotmob.com/cookie/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=%7Bamob_user_id%7D&expires=1
Request Chain 117
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7170296786547177618&expires=730
Request Chain 119
  • https://match.adsby.bidtheatre.com/rubiconmatch HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=ff7276e4-19e5-421f-97a7-2ee381b3b73c
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWg-Qf7HpfDMFMmoWR52T4&google_cver=1
Request Chain 155
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4IC74CYDYWqBhvvNmCcvQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWg-Qf7HpfDMFMmoWR52T4&google_cver=1
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEB11I-nesOh8ww2iMJ1ql1w&google_cver=1
Request Chain 157
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg0OTUzNDc5MTM4MjE0MjM0NQ%3D%3D
Request Chain 167
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELM3wHqCe7jPXs5xUilV2hY&google_cver=1&google_push=ASkJ3FbSXo5pJDgUmu-FfflfjwG2pMki2_FjKcbOw6YUuCHfaAg4vtWTOUsQIzv5HawU9LA0pGz6LeZYvwdZoB9ZjbXWMqqxJA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELM3wHqCe7jPXs5xUilV2hY&google_cver=1&google_push=ASkJ3FbSXo5pJDgUmu-FfflfjwG2pMki2_FjKcbOw6YUuCHfaAg4vtWTOUsQIzv5HawU9LA0pGz6LeZYvwdZoB9ZjbXWMqqxJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM2NzkzNjk1MTA2OTcxNDk0OA&google_push=ASkJ3FbSXo5pJDgUmu-FfflfjwG2pMki2_FjKcbOw6YUuCHfaAg4vtWTOUsQIzv5HawU9LA0pGz6LeZYvwdZoB9ZjbXWMqqxJA
Request Chain 168
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPPswNaFmLEuQS16NDWBT5g&google_cver=1&google_push=ASkJ3FakeLgm88Ib2_Y4ulVo_bRTcsqLBKlpAKQodN9voVpbuIlEVczf2-0WC58DrzPwf1mX_19PQn-BrrfAlJFNFvioIzxSzg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFYVzhYRlQtNi05MTcx&google_push=ASkJ3FakeLgm88Ib2_Y4ulVo_bRTcsqLBKlpAKQodN9voVpbuIlEVczf2-0WC58DrzPwf1mX_19PQn-BrrfAlJFNFvioIzxSzg
Request Chain 169
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELRrCEOHMeFQPhX0K33PqRw&google_cver=1&google_push=ASkJ3FY_atm1fNKQKUbstGcGFr8ZQKD6pB5c2LFtfeNk4IJyIS5lf8-wYMIqiIoQe_qGkBcZKCw_1Pb9BLcTcSPHqKYCWNclfos HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FY_atm1fNKQKUbstGcGFr8ZQKD6pB5c2LFtfeNk4IJyIS5lf8-wYMIqiIoQe_qGkBcZKCw_1Pb9BLcTcSPHqKYCWNclfos
Request Chain 171
  • https://ads.avads.net/sync/ggl?google_gid=CAESEFOIzlcy096XuqogqxOsPYs&google_cver=1&google_push=ASkJ3Fb-wzPJONSo7nMl-NCGbzQ--C2YWsoC444adkOxm8XAEuU7z79KdyXDSI0wcLMqYYoBZC0dP_oVjnbKi60rNGJcluLh-Mba HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NThlNGE2YjAtOTBmMi00ZDlhLWE2NGYtNTJlYzQyY2U2OWU2&google_push=ASkJ3Fb-wzPJONSo7nMl-NCGbzQ--C2YWsoC444adkOxm8XAEuU7z79KdyXDSI0wcLMqYYoBZC0dP_oVjnbKi60rNGJcluLh-Mba
Request Chain 172
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEKtBwfuJn_ggojnAYYEn_ac&google_cver=1&google_push=ASkJ3FaV851dtO8hWGxIKNvwV2-hhYxH4wW_4TdrDULC71G72uhzfKBZ9xq2kYzJCqYwHXVbPGy1qqCxcokHDAJAx80CAODX5qI HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEKtBwfuJn_ggojnAYYEn_ac&google_push=ASkJ3FaV851dtO8hWGxIKNvwV2-hhYxH4wW_4TdrDULC71G72uhzfKBZ9xq2kYzJCqYwHXVbPGy1qqCxcokHDAJAx80CAODX5qI&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FaV851dtO8hWGxIKNvwV2-hhYxH4wW_4TdrDULC71G72uhzfKBZ9xq2kYzJCqYwHXVbPGy1qqCxcokHDAJAx80CAODX5qI&google_hm=bEs1cElHbFh0U1JfWV9rSVp3SWc=
Request Chain 173
  • https://trace.mediago.io/cs/google?google_gid=CAESELM4Cam7MNeHUe_tqibihG0&google_cver=1&google_push=ASkJ3FYcs8_fiM_m64Rc-5Cj4RaLfDotiMZtEvr62Usfy8rkhh9t44HhqJwICrw8GOyT9HrVH8tq-CBAnABVUNQBmJq2D2Kp9CIW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FYcs8_fiM_m64Rc-5Cj4RaLfDotiMZtEvr62Usfy8rkhh9t44HhqJwICrw8GOyT9HrVH8tq-CBAnABVUNQBmJq2D2Kp9CIW&google_hm=7d7078a378e188442eb433cb63e726c5
Request Chain 203
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=SRl97F9rajRHZ0pERkl0RTRWbXQ3aUVaZ3dqb3JERmYxeFp0UGk2bCUyQnJyNnhqdGdmbThXbW56Yk1YWHpCVXI3dWhQbkt6WFJDRFJ5UVlzNmRSN1JFV0FydFFIa2lVOSUyQk42akl2YmhEaGpvT0glMkJwNCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=g2urBHxGSmI3WU9OOVhFMzh0dWM2UklrdEdJR1hDSUdvem1Fc3lTcERrUzVSd082YldGTkxCaHg0cWt5dVdxQWZWczZTb3o3Mi85YUxlWlpkMnFhNFlSck1Dd0RodVQ3d1d4V1MvbTlIeUZUa09Ua3hnNFJzTnp5UmZ5SnpkTHFxdm9pSkExSjNyQlQ4VGJhdXRacnl3TEZ6bEVpOCsrcG15bWc2bXdCazFPNmVwbU5LM2orRzBXQU1wWmprL2ZmZzhYTlg5cWtJRktjSC9RK1VCTU9kb1NBMncvZ0ZYNzJvenNXQTdQSzBTMWZxZmoyRHVkdHdMQnVybnR0ZWMvMVZSK3NieEc1UmlsNDMrZUJtOVdwcWVqcTBFb25xZXVCcGs3UEg0Y1VNYWMzRkhLbz18&cppv=2
Request Chain 206
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=SRl97F9rajRHZ0pERkl0RTRWbXQ3aUVaZ3dqb3JERmYxeFp0UGk2bCUyQnJyNnhqdGdmbThXbW56Yk1YWHpCVXI3dWhQbkt6WFJDRFJ5UVlzNmRSN1JFV0FydFFIa2lVOSUyQk42akl2YmhEaGpvT0glMkJwNCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=20X0QHxtczZVRzFaZHZqWHcwZDYzQytBOElTdDNMeldvSG1jNEdjb2JRK2FZMGVOd1F4Q24zN1ZReDltdmx3aDNnaXV4RG1OQ291M2grQmt2NmRQT01lR2t1VVNRT2diUHBRUmd2MXNwMkhyWkVldXU0b0lEYzVJd1Y2QTlZT3o2S3ZuQ2tRKzNSTllMMk9wMVRGa3hXdmg4NGNUSzdVbUIrcStRUmZNcjcyOGNKUXhENmZLSzRhSU8xQVdyTVNXTjNJMlAwMGh6Z1pMd2NFKzdKOU5lV0FWNFJidWZQT0FaekVsUi9nd3BUY0gyMjE4ODhYb1B5MVh6MWQyTG5MRXNldHNxUnBhSjV5VzNtR3J2OW5Gb24xUU8yL25HelNQM2J1dE1CK2JPT2krbDkxND18&cppv=2
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBkL46w5GsEZeNJseUk7__w&google_cver=1
Request Chain 221
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=SwKjCoDm1OYU3U5
Request Chain 222
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y4IC74CYDYWqBhvvNmCcvQAA%265134 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=20713924-312c-491e-8202-787606247721-tucta7b8872
Request Chain 224
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB
Request Chain 228
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2849534791382142345
Request Chain 229
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGR1E7HBAYAACBS9-4MfA&expiration=1670674419
Request Chain 230
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3512167959563824868
Request Chain 231
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y4IC8wALAyPi0gAO HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4IC8wALAyPi0gAO&_test=Y4IC8wALAyPi0gAO
Request Chain 232
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=afff3fb9-7917-4040-9daa-792b02f6e099
Request Chain 233
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1ABBD7D608CA48369D6D7B44B5CE8278

238 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ibyt.in/ 		58 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b29610732b2d6eaa976ca7017a051b3252acda106a6f12e96ed991d21d2786

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
770289f09aeb9b22-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 12:13:34 GMT
link
<https://ibyt.in/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1y3JmGYkN23smLvNnqk%2FBTfCovDPH7Xi0HG3xT9AePkPuLRnXsR7l7l13gfDaEHpSKNVDn1ZX7JtiYReWPYzHD8zlzDDySVrNlWdG5RxIAidn0FOurlSu%2BKPzuKAaEadUZC9cqS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.min.css
ibyt.in/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Nov 2022 22:12:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZAFVXZk6vJFqXuMOa3SERdzPwXQxzEy%2BiFzvCShAhVAf0vWAI6eK3LA%2FeRETnWyxumW4m6WSsyPVoIUkF3bLHrwG%2BIWo2jIYeWOqcNOIYX%2FBuRozcXNkdM37HbH0w0JrLHz2gZA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
770289f19cf79b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
classic-themes.min.css
ibyt.in/wp-includes/css/ 		217 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 10:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7102
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FVRzAevbs3PIVxn5hW%2BdyZmLBjVuNTCC2KmW1y%2FKtpkdcfWwqCRTsy4IZEMjYKRdKaAY0EbVRWt97NG5VGVCtnuPj3AJauzmXiHaVrxMDPjOpJTcEmfw2Erd6cdLgRnKcG%2BI7z2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
770289f19cfb9b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d384e7e41b82cb578964bead5c6774f433306485ac5cf75b6c3fa0ededbb5302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 12:13:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Nov 2022 12:13:34 GMT
style.css
ibyt.in/wp-content/themes/superfast/ 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-content/themes/superfast/style.css?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bdf97b0b9f407b3db28d1e7540070425a68d18e65c6a480abaf7665cc03849e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 12 Jun 2022 07:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA97V5PRqdHvzAuPVmAuHdVbFW7Dl%2F4Kffn68dyRRsJ3nx6WjAqE5xlkAucuzeg%2FIyPBLdSGdx08Vt%2Fhli3fcZSKVcWyhzO7lSqWkUHcGPsZgquBuvAqfsWZjVKP5BKiWiCDxOFh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
770289f19cff9b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ibyt.in/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 10:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4352
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqGXrvhw5IaUIEWWCa2CqnpY13571GISV3k0yQrdpagz%2FjxDYIjtAFPP4TtyKRxletgWUxVqO%2BfKdBFqDjcuZARvQEWTeEd8EBzF8GwZWW87L1c4OiFXI6vA9vYCPxn0gcfFREl1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
770289f19d009b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
ibyt.in/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 14:36:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3160
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUwcf9BqW%2FYXzTtBD1CATc0yoiwBURRbLpRetqdGMWQljBSYJU30uD7wFjqcRJAaL6yN%2BXugfVUpRsft2rpdLdPBN8NstGgyPn5k3g5FPZYCxjjZ58jF4pFfZWBXvv1XIGWgisBv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
770289f19d039b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1403 / 338 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 12:13:34 GMT
afac917bf94a622b609d468bb003a34d_original-300x225.png
ibyt.in/wp-content/uploads/2022/05/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/05/afac917bf94a622b609d468bb003a34d_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58171b988255633696c0ad836249a7b0dde4ab005b8e951770bdc25fb3dd08fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 09 May 2022 09:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GK4JaIas1rbq7CDXbUv8HlvJ16EnCdaurFOhsOLj6JCABz%2BQU7j69VTWbkm1%2BXty8wr0y0ePZf653BX%2Fn5%2BtLlN3dhjAKnIOaaZ0GYMWG9Yg2HrpT%2F16ILwcIUa1U4JRts7aIJux"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f2aa775b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5164
ads.js
cdn.ergadx.com/js/2266/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ergadx.com/js/2266/ads.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49930f364eda6d795fa66a38cd5dbd521983ad2814698262da8bdece001d1173

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1650
cf-polished
origSize=31921
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:19:29 GMT
server
cloudflare
etag
W/"7cb1-5ddc9374996f0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcE4wCM3Ki1IXth4RWUfZmIfXf5cG%2FUMKbtXF7A8RGtWwZpBi6mvh1I41XDvZ%2ByiurlVYm0O%2Fujt8Tm2Q33HKPflKl2ZKzUIdTlGw9as2K%2BepAvxPrOPRgN05vatcJtGzE8%2BE7N6ZhW22837jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
770289f2c99a9b31-FRA
jquery.sidr.min.js
ibyt.in/wp-content/themes/superfast/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-content/themes/superfast/js/jquery.sidr.min.js?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 Jun 2022 07:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q9czERibaaQqnpbRfdEqec9w9%2Flnr7zaHvWsmsfosGJjsblKIr6Jqhj9arrhoMz10TIinH5Q4dgfBBDcxhcBGqouC7aN26AxiFgrFfVkRzkrAqvIZK42JkIzm3DAuKo8Sd5fjz4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
770289f29a505b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
customscript.js
ibyt.in/wp-content/themes/superfast/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-content/themes/superfast/js/customscript.js?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 Jun 2022 07:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=448NO2rGUlfl%2Bm8cT11%2FR4p3lgHmRjA5Sz0QiNvyIZ2XQtIwkkC5bW1NjFywSgupPDAFlbwoCR%2FSBfEUWnXCzX28YnM1mNjFhJjD1Z99KK9Yma0lbz5kkfgkz65w%2Fi6Afu9KS388"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
770289f2aa765b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-emoji-release.min.js
ibyt.in/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 22:13:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4353
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4lBE055OZuZ6kIUTJbZMqwFf66cS%2FEwGiuhhMGDHJSb9%2BTcx70Di%2Fy%2BssKQE62fH0VNyAlWNnJMGpaVF5blYp8x%2FMQ83XRqrsygeeeHWgswfsmC6CjIRqo3f%2FRsGq76acyyPFq0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
770289f2aa7a5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ibyt.in/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmL8Vm1BzONCjBAbhHa75YLRM%2BCPxdsc6RpbeydRSmgE0vGcyc4RIpSnVIS5Qp6ovYYmR0KOm7%2FN0uwunYm7z18J9dYh6E1ClW%2FDE7tuPJW4VrstiuHhTiB1YK0piLUCXaPZz04y"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
770289f2aa7e5b6e-FRA
link
<https://ibyt.in/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ElegantIcons.woff
ibyt.in/wp-content/themes/superfast/fonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by
Host: ibyt.in
URL: https://ibyt.in/wp-content/themes/superfast/style.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer
https://ibyt.in/wp-content/themes/superfast/style.css?ver=6.1.1
Origin
https://ibyt.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
HIT
last-modified
Sun, 12 Jun 2022 07:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEUyUYV%2Be0PpD%2FAIytcXSa9AOy3fSniO6%2B%2FFLCpgpY6zcw6bNGWRxa4%2FEbxbG80INCEEQRiBctc%2FxzIkFIhBftQKRMsU2GIfbjRqcmBbIz2IDA%2Fx0y6PSfBVYkGe2ZMF4dX5M8P0"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f2aa7f5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63664
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ibyt.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 21:06:32 GMT
x-content-type-options
nosniff
age
400022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 21:06:32 GMT
b8de9d5251611192975f1aca30505603_original-300x225.jpg
ibyt.in/wp-content/uploads/2022/05/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/05/b8de9d5251611192975f1aca30505603_original-300x225.jpg
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d50b5b8c23d54e1ea0bc7cd6167153a7410f73d0fa5a95b942894d9614b57e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 11 May 2022 09:18:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzEuiSk2j3Y93lJB88DtA16ZTwhqWgfeU29SPKw2UM%2FUXLhTjGO0PX2MerPx5LBZk%2B8k3KNtitJWF7ol0bjJNnevu7j%2FXjlOFuYfbzR27gMJbkrfdwV09uMsEviiyDSeLVLb917T"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f2caaa5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8148
adx
pubads.g.doubleclick.net/gampad/ 		56 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22463069023/ibyt.in_300x250_4_DFP&sz=300x250%7C250x250&t=Placement_type%3Dserving&1669464814535
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e3558b0e96fbe0efb2daadbf74dc44d914ac0a0423b66f81f0a4201c3b241ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13224
x-xss-protection
0
google-lineitem-id
5874818303
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377433874
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
9f8b06c772ab919897e6385f2692a8d8_original-300x225.png
ibyt.in/wp-content/uploads/2022/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/05/9f8b06c772ab919897e6385f2692a8d8_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3219f1d97e20926e8434a1e77930f333499d6397f004d9f3304b28dde531e391

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 03 May 2022 09:13:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulap8HSFqyU7R8JntsBA3eXJbuvisIhwc3pz%2Fj5t3Er4NmoN0bVhXwhp8mQgsmjDLu8lMYtDBAt5sxUgt1y1JVFhTYE2taDzcTLTGIxXuVl4ubJLtlKt6%2BJXFxkTIv3yYiNDN0vL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f2eb005b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9856
bc34579610117ceccfc6c4552dd53801_original-300x225.png
ibyt.in/wp-content/uploads/2022/04/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/04/bc34579610117ceccfc6c4552dd53801_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0553bb739f1686e2e458b4f583ea068710e42e6e676b9e099f00aa56217151c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 29 Apr 2022 09:06:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2riBXTsBUUGs%2B8ufYqDGWCvP6g6GfH3RYiPa9CfGw3sZAJMSgp6D1Xe268hHqgB34Wsnm2cxyR98OpDY7PIB8DpTcfpUc5wWrBuS2FodbuUVijaQD3wcZNqY4boeTUb8r%2FA%2BieY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f2eb035b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14088
0fb921bd5b131f78ed72ab5aaa22f440_original-300x225.jpg
ibyt.in/wp-content/uploads/2022/04/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/04/0fb921bd5b131f78ed72ab5aaa22f440_original-300x225.jpg
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1292ba4d41b1720bce8abcf19fa19704cb6d95b0f3c904535972e8746730b009

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Apr 2022 09:05:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOW9jbmwQeb4J%2B1l4fh%2Fdjapt%2BJtKj99Vz8ex83274YpRjLKhlFlO0x5Rb8uBnygX5CKWDtu3FHo7%2F0Y8%2F7k%2BKJnpSsiEDg0FnMDL6Ouj0BlGoyg%2B%2FwzBED1MrT38RZRdXXggQcR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f2eb055b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5186
adx
pubads.g.doubleclick.net/gampad/ 		56 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22463069023/ibyt.in_320x100_mobile_sticky_DFP&sz=320x100%7C320x50&t=Placement_type%3Dserving&1669464814567
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc6ec2e00d176abcceaf82c19bfbe79fa952a69ded0c0a3dfee6011499487348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13223
x-xss-protection
0
google-lineitem-id
5882711945
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377521829
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
2a82d976c36bcbf05dfd6c2ba86387b7_original-300x225.png
ibyt.in/wp-content/uploads/2022/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/05/2a82d976c36bcbf05dfd6c2ba86387b7_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13545cec095c1bc6dcc3af6ca0920ac82f5be96cb39595675820ce7c7f9153ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 01 May 2022 09:08:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYpOuouW8%2Bc4lAi%2BBc7GuP0K7FJJsOzMltztw9Nkr1cgtvGbwK9ojG59ksozGPfcxoT5bWnNBfbZgINPYqoj%2BT49fDvZdl7jmo3z1pYg7YLqo8KAVUiebZQoF9%2BOUcB7HyLdmva7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f34bb55b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6818
b27bcdb3a6ecc1cac3b577208c73f445_original-300x225.gif
ibyt.in/wp-content/uploads/2022/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/01/b27bcdb3a6ecc1cac3b577208c73f445_original-300x225.gif
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c6a13df2fa2f0e99384ac1fde844d3ff6338971fbabcb9ec95194cf5b99ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 04 Jan 2022 03:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXyyUOI8liOOkcEnpIShWkxzi7k%2FzkbgTy92AUHckDxJibUpDMGDs%2FRQVEVzbasH%2BhSfiWrCJ33voIOMzi8QHOwjGOSksW59GwK6joza%2FPzE9VMV6zI7Tsvp2xvfxxq59R8t6NEc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f34bbb5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9080
5a06feabcb063b368a9c57814b77663c_original-300x219.png
ibyt.in/wp-content/uploads/2022/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/01/5a06feabcb063b368a9c57814b77663c_original-300x219.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5733ae1deefd76f002f873d813dcb95334490adf102d4ad33f7905da607c2bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 01 Jan 2022 03:36:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xabhG%2Biqv0%2FoeqLL%2BSEyIPBgX1QMUp0hhF%2BvB2MRBP%2FpRfsmBmOm37ITcw%2BvTiFRl3JNB4zfIsHpgYRWJ3bANgRK24DavxsMA6B96wCvstfl9UnuHbYtq2rZddbrbDN1E4dY74vN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f34bbc5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9705
e9fc9f609392ed8e627cbc030e95519c_original-300x225.png
ibyt.in/wp-content/uploads/2022/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/01/e9fc9f609392ed8e627cbc030e95519c_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3fe3edff39be8fdcb0d19b6cda5deffb4ae75c3e8605c14a9113eec57da555b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 01 Jan 2022 04:27:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoGXPMiVDirS2PHC0wJyAJvXnrWVZWapGTbUSSSvwZ%2FuNoNu66epbnBS8T%2FMmubQ2fNetrMi0N8my4rNicFWCDB%2BNRp4PUwnJFyv6IV9ieXmEXo%2F18wiCbA0UYlSSiqZfJY6d864"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f34bbd5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2732
4eb2a1d4b3d3603f5f70eab66a7ac534_original-300x225.png
ibyt.in/wp-content/uploads/2021/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2021/12/4eb2a1d4b3d3603f5f70eab66a7ac534_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12e35c0f7f1219bc6fc0c5843f10412d1e91c409a8700da0c926e3283df1463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Dec 2021 04:26:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9H2ps1wmQgn%2Bwkz9I8nAiWf0HhsefsHSMSFJ9UdgbtB9zD3ETpttHo2xszovOfUwkaM110USPqtoPGPkbz%2FjFeRsUSvjuQB1uKk%2FRnAm3DoQX8PN89jXfvpqJEvzRwUZNvcbHOw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770289f34bbf5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6832
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.ergadx.com
URL: https://cdn.ergadx.com/js/2266/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1403 / 645 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 12:13:34 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Nov 2023 11:59:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		268 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3457b3f987722f23c52744418be5651c20ffa901a76cadcab134995584c0327d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Sat, 26 Nov 2022 12:13:34 GMT
invisible.js
ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame AB81 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669464000
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb2f2ce84fab7729345064f53a65b0a2392e1a26dcb09d1c23e37408c332ba33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVi8ZmGHDa2%2BfDLU3kXqTLf1PkVFaAdEyIzHHSYYKuSeMrP8hZIAQGcl3LYwlywCfG27AOgYzUZhL%2FMgOywa%2FC25UWeHdvtRwdLznTZ5aDMfHEKP%2BRnXhKxgoHIhGEXKRM3CstO3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
770289f39c3c5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
stpd201221.js
stpd.cloud/assets/postbid/ Frame B2D8 		461 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/FnTyG7mivuubIGMmM4B7Q==
age
2776
x-ms-lease-status
unlocked
last-modified
Fri, 18 Nov 2022 20:55:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76ddb271-601e-0057-4fd1-0051a4000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
770289f499df9a23-FRA
expires
Sat, 26 Nov 2022 16:13:34 GMT
stpd201221.js
stpd.cloud/assets/postbid/ Frame 0290 		461 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/FnTyG7mivuubIGMmM4B7Q==
age
2776
x-ms-lease-status
unlocked
last-modified
Fri, 18 Nov 2022 20:55:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76ddb271-601e-0057-4fd1-0051a4000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
770289f499e19a23-FRA
expires
Sat, 26 Nov 2022 16:13:34 GMT
prebid4.20.4.js
cjss.enewspapr.com/prebid/ 		282 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cjss.enewspapr.com/prebid/prebid4.20.4.js
Requested by
Host: cdn.ergadx.com
URL: https://cdn.ergadx.com/js/2266/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3190617c56f16492c6b990d538fdae11393678a616c6e85845d02c67cf871d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4411
cf-polished
origSize=288635
cf-bgj
minify
last-modified
Mon, 05 Jul 2021 04:15:48 GMT
server
cloudflare
etag
W/"4677b-5c6588f59c500-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Mw%2BXKuzRTLfHLLht4Mh6ajnf6bkLTXpAImFFW5mfF1hCwfpwDJt5FCvnVSqtenPjZ%2F9iCo2P33tScP0XpNSX0oJyYeJ6vqMP74NVKUEMiSSdeZLSbwsleYXd6l4EZ%2FqcrProwXNtCWDwAFIa41eFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-varnish
180617222 173179495
cache-control
public, max-age=2678400
cf-ray
770289f4aed08fd6-FRA
pica.js
ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/ Frame AB81 		27 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e544b270d1d302d50c4350bb12e448a368f8a6fa1a480a68c1911d5cb018b9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWKwCPEktBzCMeZoeJ7nXTHeWTncP2MRBvtAVk3mdCZHle5WgcwMpPiEFJ2b2VqHxbp6Ac%2B%2FUVDuS80KWIpNtUs4lvWzzjqgi60n4wvyv2tord4BiwIFOTmHk5er8mLs%2Bs7d%2FmxW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
770289f45da25b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1012180065589750&correlator=2496320867847629&eid=31070872&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=147246189%3A22463069023%2Cibyt.in_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3284457678&didk=1730563965&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1669464814819&lmt=1669464814&dlt=1669464814283&idt=482&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fibyt.in%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1403447753.1669464815&ga_sid=1669464815&ga_hid=226629087&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
602a8c42ddadb2bad6f59454779da873d1a92e991918b7c945ad45af304dad84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
713
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E48B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:34 GMT
expires
Sun, 26 Nov 2023 12:13:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 15:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13838
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 15:38:28 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ibyt.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 26 Nov 2022 12:13:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
256882
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame 0290 		483 B
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 15:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
243744
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vNDWrcABZQ6R%2Bw8VjjsIEjGBBg0%2BvZiamXmUO%2FQwr1KtbTV5t2UxJ9eG9GPQNX8Bpmk5OseeBPs%2FSuqnpH9m9zxSfQpbpGZi2LV1ENPT4qcFgntkf2ZzV%2FB0YAheI5HnWUGnw6V%2FQRg58w8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
770289f62ad9912a-FRA
sid
mug.criteo.com/ Frame 0290
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=skEFg3xLK2RpSGF1cnY2VVlramlNRmp2U0dJeklnNnEzTFJ2UWU1NTJCR3RlNHdkOGRVbWVkQ0IrQmN4anFsb3lXVGNzcnFHeUg0K3d4SnYwUDhEMkdSbWwwQThRM2FhMHNGcDZodEhnbWxsNmIrVys1RE1KczhRMzd2L3...
333 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=skEFg3xLK2RpSGF1cnY2VVlramlNRmp2U0dJeklnNnEzTFJ2UWU1NTJCR3RlNHdkOGRVbWVkQ0IrQmN4anFsb3lXVGNzcnFHeUg0K3d4SnYwUDhEMkdSbWwwQThRM2FhMHNGcDZodEhnbWxsNmIrVys1RE1KczhRMzd2L3oxM2NCOUVPekhuQWVRQW5nRGJuOEwxeXRrQU9OV3lLMG9TZEFmNjhxMlhnMFJ2OWJaY2JQRVY0MWx4cGVta2hBWlRuczZBVGJHMzA5NkN0b01VOHZGUUtUV3I0Vy9mOGhNVzNQUG1kVlNGT25qbVFjMjc4PXw&cppv=2
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8425219362308d38570c256ace8d66fca41731c0d79017d29bcafe195927c6b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1554341
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=skEFg3xLK2RpSGF1cnY2VVlramlNRmp2U0dJeklnNnEzTFJ2UWU1NTJCR3RlNHdkOGRVbWVkQ0IrQmN4anFsb3lXVGNzcnFHeUg0K3d4SnYwUDhEMkdSbWwwQThRM2FhMHNGcDZodEhnbWxsNmIrVys1RE1KczhRMzd2L3oxM2NCOUVPekhuQWVRQW5nRGJuOEwxeXRrQU9OV3lLMG9TZEFmNjhxMlhnMFJ2OWJaY2JQRVY0MWx4cGVta2hBWlRuczZBVGJHMzA5NkN0b01VOHZGUUtUV3I0Vy9mOGhNVzNQUG1kVlNGT25qbVFjMjc4PXw&cppv=2
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
460044
content-length
0
expires
0
481.json
id5-sync.com/g/v2/ Frame 0290 		216 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
cb80ca4dfe5956e4ba2c737e0b25fb90d9151e5150884b5ac9be8b05abac8d71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 12:13:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 0290 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1403 / 872 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 12:13:35 GMT
usync.html
eus.rubiconproject.com/ Frame B969
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 12:13:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 26 Nov 2022 12:13:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ibyt.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 26 Nov 2022 12:13:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
495457
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame B2D8 		483 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 15:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
243744
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLsmcUnjLIPIUIk7IfQQl%2BFZg5z2EwoYBUvTX7xGCWNOmainiYWezlraSxRMXnWiCdTqv%2FtvA%2FN13ROrQd6CGsORe3EFZvEoMg5v5ckzCwUt1K3PiyJ3Ge0zSStvtscK6hx0pyvRHV3sCaNX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
770289f66b6c912a-FRA
sid
mug.criteo.com/ Frame B2D8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=p9SHYXxzcHhiZnhIenBjbVJXOTJkK0xXcGN6QTdEYkQyTlRXNy9TSTVlalJOc3FsOG85Q1ZrUHZVMHN3OWs3YVBjTTR4RDhzMDdRWmZnTUZySll2c1c2UlNMaG9JSXM1M0l3SXpPRWZnMnNua1V0YytNSXZkL2o3RHExVE...
330 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=p9SHYXxzcHhiZnhIenBjbVJXOTJkK0xXcGN6QTdEYkQyTlRXNy9TSTVlalJOc3FsOG85Q1ZrUHZVMHN3OWs3YVBjTTR4RDhzMDdRWmZnTUZySll2c1c2UlNMaG9JSXM1M0l3SXpPRWZnMnNua1V0YytNSXZkL2o3RHExVEhiVXh6ZGZJYmhwc2VQZ2pDOGxLMWNiUE0zdC9vNHNXWEdkdlNYQmdubFlpaWVGK0ZyUTA2M29RMTdiNU1tZGJ3NTltYWNGUVN6V3R6YTZXcjV2MGpkajhXN1hSRXlmMm13OE5CRHFEMVFuZS8wN2ZEVkl3PXw&cppv=2
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
17d8d88bbda37857092433d87e0ca9f3a96d93c15d39e6cc3f476931c8fc6982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1577276
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=p9SHYXxzcHhiZnhIenBjbVJXOTJkK0xXcGN6QTdEYkQyTlRXNy9TSTVlalJOc3FsOG85Q1ZrUHZVMHN3OWs3YVBjTTR4RDhzMDdRWmZnTUZySll2c1c2UlNMaG9JSXM1M0l3SXpPRWZnMnNua1V0YytNSXZkL2o3RHExVEhiVXh6ZGZJYmhwc2VQZ2pDOGxLMWNiUE0zdC9vNHNXWEdkdlNYQmdubFlpaWVGK0ZyUTA2M29RMTdiNU1tZGJ3NTltYWNGUVN6V3R6YTZXcjV2MGpkajhXN1hSRXlmMm13OE5CRHFEMVFuZS8wN2ZEVkl3PXw&cppv=2
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
539976
content-length
0
expires
0
481.json
id5-sync.com/g/v2/ Frame B2D8 		216 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
135ac5454406c76d8960e10b6c602e80ea370da1b35f514f75bcb97d7311a74e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 12:13:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame B2D8 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1403 / 75 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 12:13:35 GMT
usync.html
eus.rubiconproject.com/ Frame 352B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 12:13:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 26 Nov 2022 12:13:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
cookie_sync
prebid-stag.setupad.net/ Frame 0290 		528 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
682bc6fde60036f3f9c58cf68ec07b0aa148ed4c2314088f348f2d55ca8894af

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qScEIKIQqzRmOoZupRrfZjzaQJsyfBzklZd9JhkGwHps2Yi09lxJ9ncAYuBcoJwBLnFbRoJtjt%2BFFThjeOStDLtKilP8Gu0z%2BpdmAzgthEVg2hWS7t6EGo2Z2HReiYSZDXx5wY0N6xM83jyoNqeVvVt9XH8"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
770289f7dcba9b52-FRA
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame 0290 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b969ce4f1aaa86fab56e574f25bf55786c869fadfaad45707abe8f15033e501

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.209.0-2-g4a3c5ecc
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PcEKwCH4%2FsurPPATkHnWQZcCxMNzr7mJjomUu7i6D1se%2FmBYx9Fgj0TdeSZQ3XVwZ1h9yAlyqb7ueXw8XLJK8cedTFgqS6KkwXN0tI8jsfOctp0fnTsCOBXcXLx8EMNLZw4vCy0fDdmGrQjxEXPAsw31VTn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
770289f7dcbe9b52-FRA
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0290 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 12:13:35 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 0290 		137 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a34d6e2b7f2fc60ae507f83ba217d6938945ad99158f9597cd673073fb41a8a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:35 GMT
AN-X-Request-Uuid
61ab2aaf-3a22-4e5a-a238-e2245ba21fba
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ibyt.in
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
setupad-d.openx.net/w/1.0/ Frame 0290 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fibyt.in%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=41982432-61c4-49fb-853f-7af4d686423f&nocache=1669464815188&pubcid=22c6936a-18e7-4449-b488-1fbb0003c70f&schain=1.0%2C1!setupad.com%2C897%2C1%2C%2C%2C&aus=320x100%2C320x50&divIds=div-custom-ad-1669464814749-0&auid=556539115
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
cb928c1556113a8771f2308ed1a0b26909e1bb8cab0d13c1c439e55be3f59402

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ibyt.in
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 0290 		37 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=764373&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211ed3d202d7d69e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fibyt.in%2F%22%2C%22page%22%3A%22https%3A%2F%2Fibyt.in%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22897%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212f7fb65cd3f415%22%2C%22ext%22%3A%7B%22siteID%22%3A%22764373%22%2C%22sid%22%3A%22ibyt.in_320x100_mobile_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2213e5ce9ffe11ae8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22764373%22%2C%22sid%22%3A%22ibyt.in_320x100_mobile_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc864e8ad7ef123f9a5e38648177347eb304202b5485c5e61ba30640f3a9304f

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ECMFA6lIzg%2FCwxCZ6uM6DXjJOBazA9t4tyPSicsXGvaOtwowdtAlgdcXDyk1387RW46kvI2GrLVtlD7jwBOfqkuMdMxAc0jvPAgL1lEbB0ow03AKHJhj1aapXylR5txMb0yVkIk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ibyt.in
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
770289f7dc3a9025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ Frame 0290 		18 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=43930716102
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
cookie_sync
prebid-stag.setupad.net/ Frame B2D8 		1 KB
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b292f327a3992e63294a2fd23c19aa90762bcb9fbca550eb5ceac5368b1b37f

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fa8uwftPYLlkaiUzUHLBJXNd%2BcxtbUNXbXIb3waWprwQzG2jWwhj3zVxzlBfOKysb6ueLu22wP9%2FsIWmxTHJBamNt6CAeHbR89ZRgkf3X4NdCfnZF9PQFRkP1FgnKng61Qx4n6gdZOoQaJkpf%2FtR8xTchy3b"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
770289f7dcc09b52-FRA
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame B2D8 		282 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7594577b0f82e8417202e17c1674327162b71f434206cde37e141f4cca94081b

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.209.0-2-g4a3c5ecc
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmwFbVu4XsPG%2BvWNHJRTlcUhKuA8%2FfBvNslpAb82ZSwOqK3%2B8EjzOj3WBxVPrL7%2FM3cM%2FdHXGG4Pfd0UDCb%2FUpB2BgBpqHkat8SxY074YBGH5K2a2CfiW7nWGt3%2FVrPchNMOz%2Ba6eRB48kTKoLfl5Np6wmtV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
770289f7dcc29b52-FRA
expires
0
/
hb.emxdgt.com/ Frame B2D8 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1669464815274&src=pbjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.45.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-45-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 12:13:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
c
prebid.a-mo.net/a/ Frame B2D8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sat, 26 Nov 2022 12:13:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ibyt.in
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame B2D8 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 12:13:35 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ Frame B2D8 		114 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba7e5415dd99578e911122e008ce5f2b291069fb9c6e72149244cf4f995485a7

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
770289f7ffee5c02-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame B2D8 		20 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
716555eb87cff13e6097d28830daf4d2ce8e85153a55ce7ae0c69105f414b2c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 26 Nov 2022 12:13:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ef303cd5-7ae1-442f-88dc-94662265611b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ibyt.in
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
setupad-d.openx.net/w/1.0/ Frame B2D8 		73 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fibyt.in%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a8035173-3523-45e0-8af8-fe5810ec7620&nocache=1669464815299&pubcid=22c6936a-18e7-4449-b488-1fbb0003c70f&schain=1.0%2C1!setupad.com%2C897%2C1%2C%2C%2C&aus=300x250%2C250x250&divIds=div-custom-ad-1669464814728-0&auid=556539117
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
947a0bf2395ddfe0c2dc6d79a1ea2eda2f61fd8edb081e03f9fb395c76c74309

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ibyt.in
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame B2D8 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyNzg3NTAmdHJhbnNhY3Rpb25JZD1hODAzNTE3My0zNTIzLTQ1ZTAtOGFmOC1mZTU4MTBlYzc2MjA%3D&pt=gross&stid=da33fe60-b42b-4b59-871b-8309f8272bcf&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjIyYzY5MzZhLTE4ZTctNDQ0OS1iNDg4LTFmYmIwMDAzYzcwZiI6WzFdfX0%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
4a8f12143b569b8ea4f6d2dfbd7430ad0566982d866f3953d3338b050d93775c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://ibyt.in
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame B2D8 		18 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=62345117308
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 26 Nov 2022 12:13:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
cygnus
htlb.casalemedia.com/ Frame B2D8 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=764373&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225a8b8355710c64%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fibyt.in%2F%22%2C%22page%22%3A%22https%3A%2F%2Fibyt.in%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22897%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226919647d60197d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22764373%22%2C%22sid%22%3A%22ibyt.in_300x250_4%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22277185c29157594%22%2C%22ext%22%3A%7B%22siteID%22%3A%22764373%22%2C%22sid%22%3A%22ibyt.in_300x250_4%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfda9cbf989f6a8d969c5560b689e0d725cb1ba2b1a9109e5dbac752f85e621f

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxHBkJLN5bbEITr1uEP8SP4QmjZ7WwqSP9bSSMHZtVkQWPhAgZq57iqqSrtbB4kRZXET3%2FfdmPb3wlDy8YvmEY5W4MXaKc4TPNO4ABNgad7hUxjdjpeKf7VHpm0GPVQJW0wfqO9H"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ibyt.in
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
770289f7dc409025-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=p9SHYXxzcHhiZnhIenBjbVJXOTJkK0xXcGN6QTdEYkQyTlRXNy9TSTVlalJOc3FsOG85Q1ZrUHZVMHN3OWs3YVBjTTR4RDhzMDdRWmZnTUZySll2c1c2UlNMaG9JSXM1M0l3SXpPRWZnMnNua1V0YytNSXZkL2o3RHExVEhiVXh6ZGZJYmhwc2VQZ2pDOGxLMWNiUE0zdC9vNHNXWEdkdlNYQmdubFlpaWVGK0ZyUTA2M29RMTdiNU1tZGJ3NTltYWNGUVN6V3R6YTZXcjV2MGpkajhXN1hSRXlmMm13OE5CRHFEMVFuZS8wN2ZEVkl3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 26 Nov 2022 12:13:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
450887
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=skEFg3xLK2RpSGF1cnY2VVlramlNRmp2U0dJeklnNnEzTFJ2UWU1NTJCR3RlNHdkOGRVbWVkQ0IrQmN4anFsb3lXVGNzcnFHeUg0K3d4SnYwUDhEMkdSbWwwQThRM2FhMHNGcDZodEhnbWxsNmIrVys1RE1KczhRMzd2L3oxM2NCOUVPekhuQWVRQW5nRGJuOEwxeXRrQU9OV3lLMG9TZEFmNjhxMlhnMFJ2OWJaY2JQRVY0MWx4cGVta2hBWlRuczZBVGJHMzA5NkN0b01VOHZGUUtUV3I0Vy9mOGhNVzNQUG1kVlNGT25qbVFjMjc4PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 26 Nov 2022 12:13:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
461908
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
770289f09aeb9b22
ibyt.in/cdn-cgi/challenge-platform/h/b/cv/result/ Frame AB81 		2 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/cdn-cgi/challenge-platform/h/b/cv/result/770289f09aeb9b22
Requested by
Host: ibyt.in
URL: https://ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669464000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znrDTleTmLpzaQS4iDywLoWxAjgg1jszrrYEdKEgYmcJujCfn%2BDLfcgyanu7Hzj3qM0xhDaaEoYN2I603nk8UekKqca5ECoxGId5%2F0JULnD9pc%2BfF6HqmKgcFxFV5ZDt77kZn7pr"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
770289f96ebf5b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adagio.js
script.4dex.io/ Frame 0290 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YCXP7WNWAYFTD9Z3
age
301225
x-amz-id-2
c6K/VJ0twiXfUDQfAycuDih66wwZ++Ly6tAkCXsdb0FRbp7eP9BsesY74DFS3Sl/+1pV0FEvc30=
last-modified
Tue, 22 Nov 2022 09:44:15 GMT
server
cloudflare
etag
W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSgJJ%2FQ1UNgOD6fTqGFdKtrdC3jb%2BIisYBThbAuz5u0AII8pwuyN0VyF6q2Mrcdzl3lDYLRzWdJeX5JI76eAXBhVipJXklgZZRXivRJ645YIfkm%2FhX73%2BSbOjbPvRoyuMNrcaBQpp0%2FblKWE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
770289f98e349174-FRA
adagio.js
script.4dex.io/ Frame B2D8 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YCXP7WNWAYFTD9Z3
age
301225
x-amz-id-2
c6K/VJ0twiXfUDQfAycuDih66wwZ++Ly6tAkCXsdb0FRbp7eP9BsesY74DFS3Sl/+1pV0FEvc30=
last-modified
Tue, 22 Nov 2022 09:44:15 GMT
server
cloudflare
etag
W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h27H0TbOCrFrAowaj%2B%2FprsJjQ1SEuNBrMk2l95FgiBVrVp8MruOnGDc%2BYesaC%2BccP%2BhatgBRaBgGZSCBSbj9%2BFXAcJI%2BK8qFLRQQiI5%2BktYxjR6MzrU23Nsny80fl3ORKjomNRVMV8cKGcQC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
770289f99e379174-FRA
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame B2D8 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Nov 2023 11:59:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame B2D8 		268 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibyt.in
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3457b3f987722f23c52744418be5651c20ffa901a76cadcab134995584c0327d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Sat, 26 Nov 2022 12:13:35 GMT
cookie
cm.adform.net/ Frame B2D8 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid-stag.setupad.net/ Frame 0290
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=194962&us_privacy=&C=1
  • https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Y4IC74CYDYWqBhvvNmCcvQAA%265134
86 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Y4IC74CYDYWqBhvvNmCcvQAA%265134
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18ZAWkGAyrYfhQx1Czq%2BGoXzY679e6QuXP7GEk9I1vsU%2B%2F3j22Pm5fLMHhHAkhfFOcvDDS4K0OXRMdZmr2FQ6v3k3EtjehRVG2hXqdtL3xABW6Cq9qEg7H7OMi1otorbplHTkdsm7IzPEOFjCOBVJXYjcnia"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
770289fbce749b52-FRA
content-length
86
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X83yUp3yCTHqCoCFxvQEmi19EmUmlKx08wnXALgrLZoOdToQVMn9bNfh5WZNrzen7jpmi%2Fnj35FlyLsApB%2FY%2BeWGfAnE6fB5jHjGvvT5tMondFjXl25q10G%2BUgnj0cFx4iwYG2Q6"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Y4IC74CYDYWqBhvvNmCcvQAA%265134
cache-control
no-cache
cf-ray
770289fb2e7b9c04-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.9.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-9-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
cache-control
public, max-age=86400
last-modified
Tue, 22 Nov 2022 19:18:19 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:48:51 GMT
content-encoding
gzip
age
1203884
x-guploader-uploadid
ADPycdu3Gw5FY_q4NTn97VXYnntJVtAX26caEl7o3n1xhH_sP1GWn03HtLzXWtmuhtpWhoyqDf_pa2Sc5NeIIOZROxkPyfq5tOA6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 12 Nov 2023 13:48:51 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
BBBA0A3QDQ1HWH2T
age
2728
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
770289fa6cc4bbe5-FRA
x-amz-id-2
ifirG6OKyiUb0CDm3Pp6NFXSRsipT+RfZA795jySpk4Hznc40wDcE3MyvtCBhb4h+QHIekyQ8Ho=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:12:44 GMT
via
1.1 google
age
51
x-guploader-uploadid
ADPycduzInZUQyFeuzc8YSrXCNA0uHv51Ck9rSOYEXj5F2Yu6nnOGODZ4tyEt-ehmwXzRf3HSc8qxWIGHHwNTHUNPnLebg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
last-modified
Fri, 29 Jul 2022 16:55:09 GMT
server
UploadServer
etag
"f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation
1659113709880056
x-goog-hash
crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1258
accept-ranges
bytes
expires
Sat, 26 Nov 2022 13:12:44 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 12:13:35 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 19:00:23 GMT
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
61993
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
gjs0fUHRqcC1BAHSVkZwcePvrlsx4jxZNS3fyZme51AFfi4o6g0umg==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-196.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
cache-control
public, max-age=86400
last-modified
Mon, 31 Oct 2022 06:06:26 GMT
accept-ranges
bytes
content-length
3211
vary
accept-encoding
content-type
application/javascript
container.html
955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7562 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:34 GMT
expires
Sun, 26 Nov 2023 12:13:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 0290 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Nov 2023 11:59:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 0290 		268 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibyt.in
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3457b3f987722f23c52744418be5651c20ffa901a76cadcab134995584c0327d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Sat, 26 Nov 2022 12:13:35 GMT
usync.js
eus.rubiconproject.com/ Frame 352B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 12:13:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 10:32:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80243
Connection
keep-alive
Content-Length
10066
Expires
Sun, 27 Nov 2022 10:30:58 GMT
usync.js
eus.rubiconproject.com/ Frame B969 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 12:13:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 10:32:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80243
Connection
keep-alive
Content-Length
10066
Expires
Sun, 27 Nov 2022 10:30:58 GMT
integrator.js
adservice.google.de/adsid/ Frame B2D8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B2D8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B2D8 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2121899034835271&correlator=991774075397210&eid=44761478%2C44778642&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=147246189%3A22463069023%2Cibyt.in_300x250_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&ifi=1&adks=1699024641&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D1.35%26hb_adid%3D2897b65664004a4%26hb_bidder%3Dappnexus&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3De8e09584c8b004c4%3AT%3D1669464814%3AS%3DALNI_MaGgyc9PMSxhOMVXJfMTd7d6hxNPQ&gpic=UID%3D00000b87a0ba0466%3AT%3D1669464814%3ART%3D1669464814%3AS%3DALNI_MZLFF_60wyYfzkQjQH-4Xl00dJavw&abxe=1&dt=1669464815778&dlt=1669464814694&idt=1045&adxs=485&adys=828&biw=1600&bih=1200&isw=300&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=4mhe7u5dwir6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fibyt.in%2F&top=ibyt.in&frm=23&vis=1&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=360392616.1669464816&ga_sid=1669464816&ga_hid=1560508203&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYj_DtnsswSABSAghkEhkKCnB1YmNpZC5vcmcYj_DtnsswSABSAghkEhcKCHJ0YmhvdXNlGI_w7Z7LMEgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiP8O2eyzBIAFICCGQSFAoFb3BlbngYj_DtnsswSABSAghkEhkKCnVpZGFwaS5jb20Yj_DtnsswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiP8O2eyzBIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b154cd6a1b7dc8eccd83fc4df4a84a1792e1f66620a5c8713967a021f3a762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9870
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E53D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:35 GMT
expires
Sun, 26 Nov 2023 12:13:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 352B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame B969 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
prebid-stag.setupad.net/ Frame B2D8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=2849534791382142345
86 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=2849534791382142345
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxlI1f%2F61sTGvFLMI0YxkbRb9bwepRnOKh%2BsFAAWQ5b42actIcL64M7crSRSF32mQVwqpqURvybkONKH51f%2BKHkkVAGI4MotbXzPoSo%2BSxJq5RFo7PCfvdRLDbh4qBlwiLrHmcQ0h7JfV8X45uaQ0FZ5zFdP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
770289fbce5b9b52-FRA
content-length
86
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:35 GMT
AN-X-Request-Uuid
e694b567-8420-40a5-85fa-e854b0626a66
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=2849534791382142345
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c38245e11f00f6826ccb4c8c3ef34af85bf0766d71ab6900a5a5dd7ba4137a25

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ibyt.in
cache-control
no-cache
x-server
10.45.1.157
access-control-allow-credentials
true
content-length
60
expires
0
encrypt
esp.rtbhouse.com/ 		221 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
017d9c861d37e5b932a7d66a0e5da8e808e827cecf9c9a700c138363b9ce071a

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
52409ddd01cf30b88b457649835a745a
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ibyt.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ibyt.in
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 26 Nov 2022 12:13:35 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
822087fc1749d49575e9dcfa2420020f
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp&cc=1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
5f7ce83390400735e2aa56dc1c54d6df7f4142a26df770a0e60510da9aee6ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-xIBP0TnNo/js58/bzj8iGlt0rCQ"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 26 Nov 2022 12:13:35 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://ibyt.in
location
/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 3259 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibyt.in
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:35 GMT
server
Kestrel
server-processing-duration-in-ticks
402164
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 12:13:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
integrator.js
adservice.google.de/adsid/ Frame 0290 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0290 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0290 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1571994321026931&correlator=2816551948915383&eid=44778642&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=147246189%3A22463069023%2Cibyt.in_320x100_mobile_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50&ifi=1&adks=1252231767&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D165b89c024a2b4e%26hb_size%3D320x50%26hb_pb%3D0.00%26hb_bidder%3DappnexusS2S&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3De8e09584c8b004c4%3AT%3D1669464814%3AS%3DALNI_MaGgyc9PMSxhOMVXJfMTd7d6hxNPQ&gpic=UID%3D00000b87a0ba0466%3AT%3D1669464814%3ART%3D1669464814%3AS%3DALNI_MZLFF_60wyYfzkQjQH-4Xl00dJavw&abxe=1&dt=1669464815920&dlt=1669464814740&idt=1149&adxs=324&adys=2486&biw=1600&bih=1200&isw=320&ish=150&scr_x=0&scr_y=0&btvi=1&ucis=v51uyr5mfhwz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fibyt.in%2F&top=ibyt.in&frm=23&vis=1&psz=320x150&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=2012120483.1669464816&ga_sid=1669464816&ga_hid=553624603&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYj_DtnsswSABSAghkEhkKCnB1YmNpZC5vcmcYj_DtnsswSABSAghkEhcKCHJ0YmhvdXNlGI_w7Z7LMEgAUgIIZBK-AQoOZXNwLmNyaXRlby5jb20SogFTUmw5N0Y5cmFqUkhaMHBFUmtsMFJUUldiWFEzYVVWYVozZHFiM0pFUm1ZeGVGcDBVR2syYkNVeVFuSnlObmhxZEdkbWJUaFhiVzU2WWsxWVdIcENWWEkzZFdoUWJrdDZXRkpEUkZKNVVWbHpObVJTTjFKRlYwRnlkRkZJYTJsVk9TVXlRazQyYWtsMlltaEVhR3B2VDBnbE1rSndOQ1V6UkEYhPLtnsswSAASFAoFb3BlbngYj_DtnsswSABSAghkEhkKCnVpZGFwaS5jb20Yj_DtnsswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiP8O2eyzBIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9349cd94f4467aa61dc329130d2c842e95b80b0663fa9553e6dc7d06d8f70ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9578
x-xss-protection
0
google-lineitem-id
342103949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303019271
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8354d67ddbda37655270b91d1029e89d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 588C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8354d67ddbda37655270b91d1029e89d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:35 GMT
expires
Sun, 26 Nov 2023 12:13:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sid
mug.criteo.com/ Frame 3259
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=SRl97F9rajRHZ0pERkl0RTRWbXQ3aUVaZ3dqb3JERmYxeFp0UGk2bCUyQnJyNnhqdGdmbThXbW56Yk1YW...
  • https://mug.criteo.com/sid?cpp=3AHEf3xEK2hnMnVuWWg4NWRyWDMxUlRVSDVoZjdwMVpsWnJPdHYyL2pOeFR5OTZPRmlUT2R6VFI1ckR1dzlTVGxtY3ZrcjA2SzE3dUZDWS9OU0RsNlI3cUsxL21vcG9LVEU3VVlsN1daT3Zkc3lwL3lxcHRGcHI1dXA5YU...
422 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3AHEf3xEK2hnMnVuWWg4NWRyWDMxUlRVSDVoZjdwMVpsWnJPdHYyL2pOeFR5OTZPRmlUT2R6VFI1ckR1dzlTVGxtY3ZrcjA2SzE3dUZDWS9OU0RsNlI3cUsxL21vcG9LVEU3VVlsN1daT3Zkc3lwL3lxcHRGcHI1dXA5YUltb2I5RVBRc1Z4dk9PSm11WXo4T0tQV0FoczRwQmNCNG9PTUhaY2VTNXcvbnRueU5BVnpObzZsMjVnZW1XbXprbHN3UWppenhhY2JXWUt5RUhocUZ5Qi9IaTdUczV5RnJqMXlyVWdDWGlPSHplK0FSUkR5VS9Qa0xpbE0zQ1d0bld5am1qNmhQM21YOUtSSkFrL2paa0V6dThUWnlSVGNqVko4VDZmMjk0dElEcVU2QWRPOD18&cppv=2
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98a4e5030c8869f5bd601f2fc59cae5868d595a521c5440f8f81584320e02695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1397769
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3AHEf3xEK2hnMnVuWWg4NWRyWDMxUlRVSDVoZjdwMVpsWnJPdHYyL2pOeFR5OTZPRmlUT2R6VFI1ckR1dzlTVGxtY3ZrcjA2SzE3dUZDWS9OU0RsNlI3cUsxL21vcG9LVEU3VVlsN1daT3Zkc3lwL3lxcHRGcHI1dXA5YUltb2I5RVBRc1Z4dk9PSm11WXo4T0tQV0FoczRwQmNCNG9PTUhaY2VTNXcvbnRueU5BVnpObzZsMjVnZW1XbXprbHN3UWppenhhY2JXWUt5RUhocUZ5Qi9IaTdUczV5RnJqMXlyVWdDWGlPSHplK0FSUkR5VS9Qa0xpbE0zQ1d0bld5am1qNmhQM21YOUtSSkFrL2paa0V6dThUWnlSVGNqVko4VDZmMjk0dElEcVU2QWRPOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
702532
content-length
0
expires
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 352B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
um
cs.emxdgt.com/ Frame FDBE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Sat, 26 Nov 2022 12:13:35 GMT
setuid
prebid-stag.setupad.net/ Frame 0290
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=2849534791382142345
86 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=2849534791382142345
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hbMbDsUunuTyth%2FPAyF9NxXbt2Jhq0NJ0M70nt%2BGpi0hyu12tkImtUB0sL%2FwHIbDiXwLblhVLrG3x%2F14vtlzDQlpoKwusuuOn8B72%2FCe3XU8NQMYLGhzMN25uDECI%2BM63gf4gw%2FaHScm8wQHD%2BWK7BROQbs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
770289fc3f509b52-FRA
content-length
86
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:36 GMT
AN-X-Request-Uuid
48ae75b3-12d6-45f0-8510-4d47173e3a22
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=2849534791382142345
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0290 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb46ef5c134a2956eb7eeac152bb276b4f5f00fbb8b7e16ef31b220a608c923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10944
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 352B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j13Rbnf6SieqQgjSSo-Nfw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=j13Rbnf6SieqQgjSSo-Nfw
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=j13Rbnf6SieqQgjSSo-Nfw
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2RB29QX7153C2Y97HRJM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=j13Rbnf6SieqQgjSSo-Nfw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 352B 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 26 Nov 2022 12:13:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 352B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ocDgxT2eT36pjqGobwe2iw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ocDgxT2eT36pjqGobwe2iw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ocDgxT2eT36pjqGobwe2iw
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9M8QAJB5QJEWYPJRA2ER
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ocDgxT2eT36pjqGobwe2iw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 352B 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 352B
Redirect Chain
  • https://sync.adotmob.com/cookie/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=%7Bamob_user_id%7D&expires=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=%7Bamob_user_id%7D&expires=1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=%7Bamob_user_id%7D&expires=1
date
Sat, 26 Nov 2022 12:13:36 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 352B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7170296786547177618&expires=730
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7170296786547177618&expires=730
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7170296786547177618&expires=730
Date
Sat, 26 Nov 2022 12:13:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
token
pixel.rubiconproject.com/ Frame 352B 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=3
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 352B
Redirect Chain
  • https://match.adsby.bidtheatre.com/rubiconmatch
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=ff7276e4-19e5-421f-97a7-2ee381b3b73c
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=ff7276e4-19e5-421f-97a7-2ee381b3b73c
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=ff7276e4-19e5-421f-97a7-2ee381b3b73c
Date
Sat, 26 Nov 2022 12:13:36 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sodar
pagead2.googlesyndication.com/getconfig/ Frame B2D8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a2c1feb837205266561469d31cdcd63ed2e2487bcdf580d5d69d8ed23a128e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11035
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0290 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 12:13:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B2D8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 12:13:36 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 34DA 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 26 Nov 2022 12:13:36 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame B36E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_vTjx5D1jqK5yIJkr5rbI22Fmh99wSbtab9Q-YGvshdEjxStnjwE6SI06PYNgPUFT70XgnCkHjiotQrNXB_nB6qDtPP0anNvvamPX9-Ny5zn4-lmJcNv64rAIwcL6dKS1gPrH_kFeVm-O8cM4ED3kllJTZrvKfwnvC5GoeB_tYtA0FyjGkR16-z-zWQP5vLM3qBO2bc0k-xQuIH4g-HdLhShkkixNMIxcrT7s7LI7GvWLkj5Z8JpDKKV_yZLGVP-mtSaNocQHaoOzgDnnB-NMRw0Jo47FSCF7t_Zmyd0qpV4vw_09IG13vGhok-5X6L6QJCXVb3KxSfVr&sai=AMfl-YQQ0JtoNrtoeT2l7p-Y0bhUaa7dzouXSrwdAQVV1pNIouznv7PeoHQjwgAeqIY3TC9TYEzfVCG8Ki8Ar5M0-GnGkejIDCpfAbWmlAVilRUshG1ACoUCIelmhJRgQa-VIg&sig=Cg0ArKJSzFByhzJ0JIOcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
node.php
node.setupad.com/node/ Frame 0290 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B36E 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 12:13:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F65B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
869
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:59:07 GMT
expires
Sun, 26 Nov 2023 11:59:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9B21 		783 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b7bd13de967af6b55b81135b61b1f1a8d85dc529274f1a540529eb5bec85d1cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mq6_PmuESUO34IDkjPFDDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-mq6_PmuESUO34IDkjPFDDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:36 GMT
expires
Sat, 26 Nov 2022 12:13:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B707 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
869
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:59:07 GMT
expires
Sun, 26 Nov 2023 11:59:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 467D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
42c244a1d4667e05b47b8dc1c000b8c4f1361156a75d220739126b4a08668fab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xSPVN9gL0YGfBMwYr6ZG1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-xSPVN9gL0YGfBMwYr6ZG1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:36 GMT
expires
Sat, 26 Nov 2022 12:13:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame B36E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0572a2ed61969faa91953723b5f166c281b2df9a19d2a8c787e121661b390e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B36E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2CL409w-tXv06HMn4zt42IVttBTP_DNOxEShQks7-cmPV6Q3jmTqq2qe3IPDs4W_t2EmwHMse9ccBmYwoTcTd9riRDsmW0-849RCDpjDGopV5RAoJZQjzWHMRvLoqkbhipWQZ1TDVJUgW37DCLOMNBuU2QufdHl-KFlvdjz8rLKJMASjkDbolS2g07oB9syn7HZql-eGzIUARSXwgGFFFJjFGvIK2d0nnMQS40nv3pAqWYVDgca3esCJ1-NjDC-3NFnR_Ik_CSMlO1NHbdp6do8FHRT8KfeA4y2Dqg8yAF4kXGh8yvWOJoRe2PZG-IrXUoLyCrorB8f1OJvc&sai=AMfl-YTUXJGHPQX_sK5v6qSJAQteTT7WZTfVBZkZsCAiHrEabcaCTtzAgROzz1473YQDQtzx3Et_unK27MrE9xTjQqYiewj6y2-yRkgb0m2fW8eWmgvKRMNw5Q3WDq22vzlwdg&sig=Cg0ArKJSzMfDNDSQ3N9OEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 26 Nov 2022 12:13:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
695de01446dcdc2f5f5682ffe63c3e3ea71d38c0d5db3ba46e924ac0fc7ab06f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11243
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 467D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2121899034835271&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9B21 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1571994321026931&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame B707 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 16:51:09 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame F65B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 16:51:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 12:13:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A42 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
869
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:59:07 GMT
expires
Sun, 26 Nov 2023 11:59:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 12A1 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f2f3daa7747d89d5ab9e62ff6b467767026c9dce64b745953be6a9648ce1b8ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VItoWKy2QoLKmzI994B3PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-VItoWKy2QoLKmzI994B3PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:36 GMT
expires
Sat, 26 Nov 2022 12:13:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 4A42 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 16:51:09 GMT
generate_204
tpc.googlesyndication.com/ Frame F65B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hl5_FQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame B707 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?M6_kOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 12A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1012180065589750&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4A42 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?egHntg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 826C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:35 GMT
expires
Sun, 26 Nov 2023 12:13:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1FB7 		624 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiM59DZATAB&v=APEucNVvjGyMRIcF1m4ptZ-FDQLj3YIzhfISj_t9HG04BGdFYevDTFcDTO8c5GzajjnGyqMa0M0iQ4CMfjlv1N5_AGcI03m-6EGOv7HSRd7gzEI6GNvW3WGmyKocnXao0lHRF4EXbm4n9xpP3UtwSKaRnthyIjHKg63gm1jX-G2GscMmRiNGsVcGAVuMk6-dkGR5t7_jX5r-dZ9dotgkOc3CnjIC2J-EYg
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 826C 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8nYon35h3S0l8ZJN-EX8R20FLom2V3UduDbALfbLo8MLmDgA8YG9_sdwqryjhkF3Omq82tiG5FzsB_IlqiTUlss2Calle0U9YqytjRPV5a_W_v2deDS4mTlQNzIWeZyBLo5fnGXX642nwsJLJwpmpB786gVuOyJOyQ6FdP1teIQTFkSM&dbm_d=AKAmf-CVXHJ60acoOld5fEJQAbSSAugeChxrCs-UlpeXvvhge7Ozfdfr3o9mdn7AGIe1VgnReQWC8L_YCXXVnu12LI9potoeLNHQjS_CGHNLCh8mPT3xgRfHveaDZxF9GmRYVn_Y5I2hbUStJxi2XowCHAgSDqAD6tLQ8SxYF0nBf0IDuc2GRNWMmoJgJ676lCbr-Tm8153KrJrwIIPv1PlN8sn4zMjw8jBSpTtPH3eodDcNiDdc53PPqOijZSDcWI2zYCM8-vw3d6edklwAOZ4kBTvXWZmMSxX_jGyV1GDkmS2-5-_3OHuP0hLyvMXyO1he_OlUNTYrBglce40GoKp-Ie1ixVDoYem7Hp8s9HYvdvoQ2kjUnbLzPK8W9Hipn7nC640XcEK7uf6wv2CVAxhX_UWJkkFQ1wZWMithoq3bdHgM6Ua5Xdo52HHUqYRmkCG6YkGrz4XsLosu9jp5U9oq4VwvVR6o-gXt8D0UqjmOuZJTKm6MHQZTiZCBxBRwtrHZjOt_hi_ZFW2gI0qO_PzQVB3x_ZIiala9DtxRvgfg1PdPRVVOwmxaFHNqVad1ruFCElw3bV6lnjHnNtMqjYfDbpN_KHxCSHsDltk-i5_grkjR2vcoW-jqyq3XFUyWBUkzOCX2WjFvtyZD62qp4HxyOCAwPODTfdnTbaw3oqZ6a_6Jk_wzB6URiA8_cnHzEovHn8mwBdTL9fHJnMLx_f-NUmqsjopfH3NIJs_2BQBhuoJ_OavDwC83SblYNRG4tqVOv5qBlBq0nsVIe8egvCOmkNnkFQFvINBE9ZX7K_QJ-uZGXEA_YZ_s9Xhjx60bG9oyRZRYKBhBtRn5n3srYFI8qypZNsmdWiMQID3jk-WXRpl2hpBtDQtjzaKAVMfYQOfhs6G7GEzsDaijPifXtZR9QnxepgANZucKIj_SoRWj9FWEaepiqP4oUXhpq8kYpxtEXZ80avlDG9JHoBsCjmXZZoXQIJw5-dIegPSSGodUx9XTdLjC1nDpv4NkwAYboShfTQ1FHNxkpC0XFCEdBJ-qT4bBqwEDjFdOMtm_WFau3OjZWMbDdJK4rXE21R56GR5HqU6LfHMDi4uuvwAUYjyI3go2dk7uO0mZRmb0a8qxfmPLcgPNM3UwRn-jATdms0bP2wQPZqdxCtljXCD4p8KeHtkZeZAp4coTqgyursVbBKr8qmkoowHYX2N2nUMaledgoFIKWl-dK2aAebOK5DQhOGgLr1B4bS0QIxTtnlloKNzcmE_TwLcsn1u1wktc55PBOY3dweiaiVj9G7NYCwOrqg3gXq1L0Sm7dL5QjFizZtb8qrdFuH4ys9PH6Od_Xy6q0JyPVQxmmPe-JEwTQ2z_vn-h7mtBNBoaHyJTDRr2SxoqxpQR77fH2Dm_t7TrGyY1Z4Ak3kRC0L8-4MleU0ESMw51fW-GkmWfIJqU6lEzBHenJkvjSvbxIfA3GeCFIvDIXHk300kNubN3cSSJdzqoRXAqyepfy2qIYtjYJO75_mLq3Hlt5YrRY0g8CoIdgx6WurUvIu6TSrjYodz8l09jWufg0n_qNBoi3eAITBps8ToBdjelPSIHD8-TaqJ_6tIaQgoIWhefgNqmD6DRla0OJ0RkzMmV9dmxu1kkukG_yKx0Tq6v5w5zR1qPuF-Nd0uD83n80k0r9IRmrP_YMUk-T3pUiXZAVQL0QSsGTbU-qa6XTg_mKOAZ7blUefMWwzFAqjQSejKel9OYV_6YdSvQ49kl9HgrJF7PY8qOjHKxkmSciGBB9tcF6pNEgWISOz6pwSU16jfFKXtUO_nVSbSXDtKCEr_O17HXO9vac9hQtKqj0PoBUKAMLPaE7bBYSTOeRMufOU4lVnDDL6WTt512pVW4iom6wGRgN_cBDUBzRXLAI1mbZ6lSZiQ3uegzvHfnicaGioV_AqyBwNhz3CUV2HxfTx8b-7O2x4wfWJbRFhCpNVEcWMMFJrhNenmn5naqkTU76UOFRBKtmnzoy82MYk9viNMxFQ0Y2DOidFpREkyhGgxZGD0XwKI0B2hxeXolEfwWjpH06lRqoWCcuA7hh6xyxSrdet9afBGUknptTii0vYuUjOLjSZAaqyxSDkEjcnpd2GJHZWGIoQFjdmNxqhLYJtrCVJ8a7oNmVfyxoggtkoohv8TFt7XcQdA65dppNN7Jvb23CDTI7-5Xr2ttHPNPaLg9lXoIOlJguVfgqWEej5aqx5dt5hQz6G-V-AZRsTgdtNSlSCgitsFF9Ing4OHXOXFGGnYaA-sYePcQoiY4KabbYRs6SAwW6MTPh2z68qHN4xt2SgYrwr4dlbtIu4zyisyAI0R8X2GqAuz-YbzOMCJxFl-ZDC2pDzxPAStLe9CkNvQ7Ngi8_J3_Nicl0n3N-1CkUmPUr-UVRAVu478J_M0oouakrMPkR9FFviQObUfesNPfd3Z6S4D49NUm6_sOUjf2cDLtD_KuD8WUBh8t1G9JylOdRCRQXFC_WBby8k_M4n4eweXDMEga7Bmyw80U2RbTfXIKsUK2d_PyTmNk7833gW9C8EW_9F4H2fag5LNJe58h14hnDoSkw3ELXr5H0Edq9VSaqsn8vXMyy0zH2w-AspMU4XY07WuzlHVpw-o3tyh8CLEcSeQKi-KL1VYQEfPQqyM3DdKWPN1AbUVFTBU7ghkluWxEM2q_Mj0x-HE6MgQ1xTPRhwF5YLrcA2M1axQSsDI8yRWJ1xoTLJc7kWKjA8TOX7XNCx16ex25AU3-xI9_tHT4xiYDqQiLt_IeoYLzQ3cGZH4S8Vmjn0uVNydX6y3Ez4SOfgTTixMF3e2S4-4TzfVAWR4PIwhddpY3pw5CDvMUS_Em5qyfMnHQvt4NFwDGm190P_nwqzuX8g4ios4CSn9psjp2r8zXrzRSpT66bdXoxZnnxXKWF1WYfpLJ8e3N1sGDK95MB1ZBaySl0zk1w_-I5noOMCdgF5d3bJWWWB-TZ4O5oUBm3w0ocItPi9As_E3s_w5HYnfJsxeKgURXs0EAxIrQLctDZXY_ovjTIc8kDBLpzrM9fIhkkOUzvUZXJ2i7n4vBt9jRm4dmwqdomiv8jvgSCO23tCpBwNutwiU-xGlX07sPRp0i-97R9nhePMFrSP5hlYwFUQSSOcgwpd0pZ6a97tqtamkGwzrfXoGHOIwltSZ3zb80MzsgmmG2kZnToFm1ydrw-Bgfb3MG11b40Ubm-0WFh0_yRktabfe4EugDN6oxh3I0gcpCR2SKmpWhYxTPCufQCPzmOimZ6lVTQqeYiLn_dg5XuGBWV1nk4ZbNI6Im-YjYyY2cwzpDVLqXwa_PSUaKawB2SSTKEPg2S--k_FLEOZUGOL42a8_9d5jD1aAFYAXzCcYc0AZTreGp5neACjTmt7eB0QwRVrhLBFH6HKT8lHJPhochhhpKssUPRngqWenl2fRaJQTqO2cHM3G_RJEldwh6q-aGn0zlNkNjPZniFLub-lFTBOUs_ruCXo9KBY6deP3904nqQ582z5kYzyPqol_O_H67QelJq9SxeFGPcDIYSxTZRWZIc_Rfl1iZpzsLa06tCb4&cid=CAQSPADq26N9mvOqE9MYhc0GDcMlyyyM7TK0wk1mxQ2c6FUc6VSvf-gnzcxfn5LeOiS6PKexlTnuv6-Qar7XjxgBIBM&rfl=3%2Chttps%253A%252F%252Fibyt.in%242%2C%2Chttps%253A%252F%252Fibyt.in%252F%240
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ed02d70bfb264d5c13be5d7ab6f5ebc4c83722dc197d4c07266ce2072f760e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 826C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKndYP0DspZ1XFU7X3gXfgdqA9j_IoXFTBr_UpHpzt5fjcNLEFoPP0MiNDhEeeNCo4jFBk2BiUb6dOC5c5UiOu--ghoqiVd4hdGE3ht22HOPmT9o8
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 826C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
13338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 08:31:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 826C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
85789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 12:23:48 GMT
l
www.google.com/ads/measurement/ Frame 826C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2Lo4bYzPCEOa2txfFb6L_Qu2zeUjddTVUZdN0dN2B443KeP1nPXsvBSe7yIXc2Eg_qtwDBMAujUAqxsbR29Doqn1DSA
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 826C 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 12:13:37 GMT
rum
dsum-sec.casalemedia.com/ Frame 1FB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWg-Qf7HpfDMFMmoWR52T4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWg-Qf7HpfDMFMmoWR52T4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiM59DZATAB&v=APEucNVvjGyMRIcF1m4ptZ-FDQLj3YIzhfISj_t9HG04BGdFYevDTFcDTO8c5GzajjnGyqMa0M0iQ4CMfjlv1N5_AGcI03m-6EGOv7HSRd7gzEI6GNvW3WGmyKocnXao0lHRF4EXbm4n9xpP3UtwSKaRnthyIjHKg63gm1jX-G2GscMmRiNGsVcGAVuMk6-dkGR5t7_jX5r-dZ9dotgkOc3CnjIC2J-EYg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWg-Qf7HpfDMFMmoWR52T4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1FB7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4IC74CYDYWqBhvvNmCcvQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWg-Qf7HpfDMFMmoWR52T4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWg-Qf7HpfDMFMmoWR52T4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiM59DZATAB&v=APEucNVvjGyMRIcF1m4ptZ-FDQLj3YIzhfISj_t9HG04BGdFYevDTFcDTO8c5GzajjnGyqMa0M0iQ4CMfjlv1N5_AGcI03m-6EGOv7HSRd7gzEI6GNvW3WGmyKocnXao0lHRF4EXbm4n9xpP3UtwSKaRnthyIjHKg63gm1jX-G2GscMmRiNGsVcGAVuMk6-dkGR5t7_jX5r-dZ9dotgkOc3CnjIC2J-EYg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWg-Qf7HpfDMFMmoWR52T4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1FB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEB11I-nesOh8ww2iMJ1ql1w&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEB11I-nesOh8ww2iMJ1ql1w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiM59DZATAB&v=APEucNVvjGyMRIcF1m4ptZ-FDQLj3YIzhfISj_t9HG04BGdFYevDTFcDTO8c5GzajjnGyqMa0M0iQ4CMfjlv1N5_AGcI03m-6EGOv7HSRd7gzEI6GNvW3WGmyKocnXao0lHRF4EXbm4n9xpP3UtwSKaRnthyIjHKg63gm1jX-G2GscMmRiNGsVcGAVuMk6-dkGR5t7_jX5r-dZ9dotgkOc3CnjIC2J-EYg
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:37 GMT
AN-X-Request-Uuid
7f08326a-2b48-4497-beed-8f04cdcb1112
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEB11I-nesOh8ww2iMJ1ql1w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1FB7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg0OTUzNDc5MTM4MjE0MjM0NQ%3D%3D
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg0OTUzNDc5MTM4MjE0MjM0NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiM59DZATAB&v=APEucNVvjGyMRIcF1m4ptZ-FDQLj3YIzhfISj_t9HG04BGdFYevDTFcDTO8c5GzajjnGyqMa0M0iQ4CMfjlv1N5_AGcI03m-6EGOv7HSRd7gzEI6GNvW3WGmyKocnXao0lHRF4EXbm4n9xpP3UtwSKaRnthyIjHKg63gm1jX-G2GscMmRiNGsVcGAVuMk6-dkGR5t7_jX5r-dZ9dotgkOc3CnjIC2J-EYg
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:37 GMT
AN-X-Request-Uuid
c156082f-b83c-449e-99bb-6ffe61aca20d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg0OTUzNDc5MTM4MjE0MjM0NQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 826C 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
Origin
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 19:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 19:13:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 826C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8nYon35h3S0l8ZJN-EX8R20FLom2V3UduDbALfbLo8MLmDgA8YG9_sdwqryjhkF3Omq82tiG5FzsB_IlqiTUlss2Calle0U9YqytjRPV5a_W_v2deDS4mTlQNzIWeZyBLo5fnGXX642nwsJLJwpmpB786gVuOyJOyQ6FdP1teIQTFkSM&dbm_d=AKAmf-CVXHJ60acoOld5fEJQAbSSAugeChxrCs-UlpeXvvhge7Ozfdfr3o9mdn7AGIe1VgnReQWC8L_YCXXVnu12LI9potoeLNHQjS_CGHNLCh8mPT3xgRfHveaDZxF9GmRYVn_Y5I2hbUStJxi2XowCHAgSDqAD6tLQ8SxYF0nBf0IDuc2GRNWMmoJgJ676lCbr-Tm8153KrJrwIIPv1PlN8sn4zMjw8jBSpTtPH3eodDcNiDdc53PPqOijZSDcWI2zYCM8-vw3d6edklwAOZ4kBTvXWZmMSxX_jGyV1GDkmS2-5-_3OHuP0hLyvMXyO1he_OlUNTYrBglce40GoKp-Ie1ixVDoYem7Hp8s9HYvdvoQ2kjUnbLzPK8W9Hipn7nC640XcEK7uf6wv2CVAxhX_UWJkkFQ1wZWMithoq3bdHgM6Ua5Xdo52HHUqYRmkCG6YkGrz4XsLosu9jp5U9oq4VwvVR6o-gXt8D0UqjmOuZJTKm6MHQZTiZCBxBRwtrHZjOt_hi_ZFW2gI0qO_PzQVB3x_ZIiala9DtxRvgfg1PdPRVVOwmxaFHNqVad1ruFCElw3bV6lnjHnNtMqjYfDbpN_KHxCSHsDltk-i5_grkjR2vcoW-jqyq3XFUyWBUkzOCX2WjFvtyZD62qp4HxyOCAwPODTfdnTbaw3oqZ6a_6Jk_wzB6URiA8_cnHzEovHn8mwBdTL9fHJnMLx_f-NUmqsjopfH3NIJs_2BQBhuoJ_OavDwC83SblYNRG4tqVOv5qBlBq0nsVIe8egvCOmkNnkFQFvINBE9ZX7K_QJ-uZGXEA_YZ_s9Xhjx60bG9oyRZRYKBhBtRn5n3srYFI8qypZNsmdWiMQID3jk-WXRpl2hpBtDQtjzaKAVMfYQOfhs6G7GEzsDaijPifXtZR9QnxepgANZucKIj_SoRWj9FWEaepiqP4oUXhpq8kYpxtEXZ80avlDG9JHoBsCjmXZZoXQIJw5-dIegPSSGodUx9XTdLjC1nDpv4NkwAYboShfTQ1FHNxkpC0XFCEdBJ-qT4bBqwEDjFdOMtm_WFau3OjZWMbDdJK4rXE21R56GR5HqU6LfHMDi4uuvwAUYjyI3go2dk7uO0mZRmb0a8qxfmPLcgPNM3UwRn-jATdms0bP2wQPZqdxCtljXCD4p8KeHtkZeZAp4coTqgyursVbBKr8qmkoowHYX2N2nUMaledgoFIKWl-dK2aAebOK5DQhOGgLr1B4bS0QIxTtnlloKNzcmE_TwLcsn1u1wktc55PBOY3dweiaiVj9G7NYCwOrqg3gXq1L0Sm7dL5QjFizZtb8qrdFuH4ys9PH6Od_Xy6q0JyPVQxmmPe-JEwTQ2z_vn-h7mtBNBoaHyJTDRr2SxoqxpQR77fH2Dm_t7TrGyY1Z4Ak3kRC0L8-4MleU0ESMw51fW-GkmWfIJqU6lEzBHenJkvjSvbxIfA3GeCFIvDIXHk300kNubN3cSSJdzqoRXAqyepfy2qIYtjYJO75_mLq3Hlt5YrRY0g8CoIdgx6WurUvIu6TSrjYodz8l09jWufg0n_qNBoi3eAITBps8ToBdjelPSIHD8-TaqJ_6tIaQgoIWhefgNqmD6DRla0OJ0RkzMmV9dmxu1kkukG_yKx0Tq6v5w5zR1qPuF-Nd0uD83n80k0r9IRmrP_YMUk-T3pUiXZAVQL0QSsGTbU-qa6XTg_mKOAZ7blUefMWwzFAqjQSejKel9OYV_6YdSvQ49kl9HgrJF7PY8qOjHKxkmSciGBB9tcF6pNEgWISOz6pwSU16jfFKXtUO_nVSbSXDtKCEr_O17HXO9vac9hQtKqj0PoBUKAMLPaE7bBYSTOeRMufOU4lVnDDL6WTt512pVW4iom6wGRgN_cBDUBzRXLAI1mbZ6lSZiQ3uegzvHfnicaGioV_AqyBwNhz3CUV2HxfTx8b-7O2x4wfWJbRFhCpNVEcWMMFJrhNenmn5naqkTU76UOFRBKtmnzoy82MYk9viNMxFQ0Y2DOidFpREkyhGgxZGD0XwKI0B2hxeXolEfwWjpH06lRqoWCcuA7hh6xyxSrdet9afBGUknptTii0vYuUjOLjSZAaqyxSDkEjcnpd2GJHZWGIoQFjdmNxqhLYJtrCVJ8a7oNmVfyxoggtkoohv8TFt7XcQdA65dppNN7Jvb23CDTI7-5Xr2ttHPNPaLg9lXoIOlJguVfgqWEej5aqx5dt5hQz6G-V-AZRsTgdtNSlSCgitsFF9Ing4OHXOXFGGnYaA-sYePcQoiY4KabbYRs6SAwW6MTPh2z68qHN4xt2SgYrwr4dlbtIu4zyisyAI0R8X2GqAuz-YbzOMCJxFl-ZDC2pDzxPAStLe9CkNvQ7Ngi8_J3_Nicl0n3N-1CkUmPUr-UVRAVu478J_M0oouakrMPkR9FFviQObUfesNPfd3Z6S4D49NUm6_sOUjf2cDLtD_KuD8WUBh8t1G9JylOdRCRQXFC_WBby8k_M4n4eweXDMEga7Bmyw80U2RbTfXIKsUK2d_PyTmNk7833gW9C8EW_9F4H2fag5LNJe58h14hnDoSkw3ELXr5H0Edq9VSaqsn8vXMyy0zH2w-AspMU4XY07WuzlHVpw-o3tyh8CLEcSeQKi-KL1VYQEfPQqyM3DdKWPN1AbUVFTBU7ghkluWxEM2q_Mj0x-HE6MgQ1xTPRhwF5YLrcA2M1axQSsDI8yRWJ1xoTLJc7kWKjA8TOX7XNCx16ex25AU3-xI9_tHT4xiYDqQiLt_IeoYLzQ3cGZH4S8Vmjn0uVNydX6y3Ez4SOfgTTixMF3e2S4-4TzfVAWR4PIwhddpY3pw5CDvMUS_Em5qyfMnHQvt4NFwDGm190P_nwqzuX8g4ios4CSn9psjp2r8zXrzRSpT66bdXoxZnnxXKWF1WYfpLJ8e3N1sGDK95MB1ZBaySl0zk1w_-I5noOMCdgF5d3bJWWWB-TZ4O5oUBm3w0ocItPi9As_E3s_w5HYnfJsxeKgURXs0EAxIrQLctDZXY_ovjTIc8kDBLpzrM9fIhkkOUzvUZXJ2i7n4vBt9jRm4dmwqdomiv8jvgSCO23tCpBwNutwiU-xGlX07sPRp0i-97R9nhePMFrSP5hlYwFUQSSOcgwpd0pZ6a97tqtamkGwzrfXoGHOIwltSZ3zb80MzsgmmG2kZnToFm1ydrw-Bgfb3MG11b40Ubm-0WFh0_yRktabfe4EugDN6oxh3I0gcpCR2SKmpWhYxTPCufQCPzmOimZ6lVTQqeYiLn_dg5XuGBWV1nk4ZbNI6Im-YjYyY2cwzpDVLqXwa_PSUaKawB2SSTKEPg2S--k_FLEOZUGOL42a8_9d5jD1aAFYAXzCcYc0AZTreGp5neACjTmt7eB0QwRVrhLBFH6HKT8lHJPhochhhpKssUPRngqWenl2fRaJQTqO2cHM3G_RJEldwh6q-aGn0zlNkNjPZniFLub-lFTBOUs_ruCXo9KBY6deP3904nqQ582z5kYzyPqol_O_H67QelJq9SxeFGPcDIYSxTZRWZIc_Rfl1iZpzsLa06tCb4&cid=CAQSPADq26N9mvOqE9MYhc0GDcMlyyyM7TK0wk1mxQ2c6FUc6VSvf-gnzcxfn5LeOiS6PKexlTnuv6-Qar7XjxgBIBM&rfl=3%2Chttps%253A%252F%252Fibyt.in%242%2C%2Chttps%253A%252F%252Fibyt.in%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 11:55:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 826C 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8nYon35h3S0l8ZJN-EX8R20FLom2V3UduDbALfbLo8MLmDgA8YG9_sdwqryjhkF3Omq82tiG5FzsB_IlqiTUlss2Calle0U9YqytjRPV5a_W_v2deDS4mTlQNzIWeZyBLo5fnGXX642nwsJLJwpmpB786gVuOyJOyQ6FdP1teIQTFkSM&dbm_d=AKAmf-CVXHJ60acoOld5fEJQAbSSAugeChxrCs-UlpeXvvhge7Ozfdfr3o9mdn7AGIe1VgnReQWC8L_YCXXVnu12LI9potoeLNHQjS_CGHNLCh8mPT3xgRfHveaDZxF9GmRYVn_Y5I2hbUStJxi2XowCHAgSDqAD6tLQ8SxYF0nBf0IDuc2GRNWMmoJgJ676lCbr-Tm8153KrJrwIIPv1PlN8sn4zMjw8jBSpTtPH3eodDcNiDdc53PPqOijZSDcWI2zYCM8-vw3d6edklwAOZ4kBTvXWZmMSxX_jGyV1GDkmS2-5-_3OHuP0hLyvMXyO1he_OlUNTYrBglce40GoKp-Ie1ixVDoYem7Hp8s9HYvdvoQ2kjUnbLzPK8W9Hipn7nC640XcEK7uf6wv2CVAxhX_UWJkkFQ1wZWMithoq3bdHgM6Ua5Xdo52HHUqYRmkCG6YkGrz4XsLosu9jp5U9oq4VwvVR6o-gXt8D0UqjmOuZJTKm6MHQZTiZCBxBRwtrHZjOt_hi_ZFW2gI0qO_PzQVB3x_ZIiala9DtxRvgfg1PdPRVVOwmxaFHNqVad1ruFCElw3bV6lnjHnNtMqjYfDbpN_KHxCSHsDltk-i5_grkjR2vcoW-jqyq3XFUyWBUkzOCX2WjFvtyZD62qp4HxyOCAwPODTfdnTbaw3oqZ6a_6Jk_wzB6URiA8_cnHzEovHn8mwBdTL9fHJnMLx_f-NUmqsjopfH3NIJs_2BQBhuoJ_OavDwC83SblYNRG4tqVOv5qBlBq0nsVIe8egvCOmkNnkFQFvINBE9ZX7K_QJ-uZGXEA_YZ_s9Xhjx60bG9oyRZRYKBhBtRn5n3srYFI8qypZNsmdWiMQID3jk-WXRpl2hpBtDQtjzaKAVMfYQOfhs6G7GEzsDaijPifXtZR9QnxepgANZucKIj_SoRWj9FWEaepiqP4oUXhpq8kYpxtEXZ80avlDG9JHoBsCjmXZZoXQIJw5-dIegPSSGodUx9XTdLjC1nDpv4NkwAYboShfTQ1FHNxkpC0XFCEdBJ-qT4bBqwEDjFdOMtm_WFau3OjZWMbDdJK4rXE21R56GR5HqU6LfHMDi4uuvwAUYjyI3go2dk7uO0mZRmb0a8qxfmPLcgPNM3UwRn-jATdms0bP2wQPZqdxCtljXCD4p8KeHtkZeZAp4coTqgyursVbBKr8qmkoowHYX2N2nUMaledgoFIKWl-dK2aAebOK5DQhOGgLr1B4bS0QIxTtnlloKNzcmE_TwLcsn1u1wktc55PBOY3dweiaiVj9G7NYCwOrqg3gXq1L0Sm7dL5QjFizZtb8qrdFuH4ys9PH6Od_Xy6q0JyPVQxmmPe-JEwTQ2z_vn-h7mtBNBoaHyJTDRr2SxoqxpQR77fH2Dm_t7TrGyY1Z4Ak3kRC0L8-4MleU0ESMw51fW-GkmWfIJqU6lEzBHenJkvjSvbxIfA3GeCFIvDIXHk300kNubN3cSSJdzqoRXAqyepfy2qIYtjYJO75_mLq3Hlt5YrRY0g8CoIdgx6WurUvIu6TSrjYodz8l09jWufg0n_qNBoi3eAITBps8ToBdjelPSIHD8-TaqJ_6tIaQgoIWhefgNqmD6DRla0OJ0RkzMmV9dmxu1kkukG_yKx0Tq6v5w5zR1qPuF-Nd0uD83n80k0r9IRmrP_YMUk-T3pUiXZAVQL0QSsGTbU-qa6XTg_mKOAZ7blUefMWwzFAqjQSejKel9OYV_6YdSvQ49kl9HgrJF7PY8qOjHKxkmSciGBB9tcF6pNEgWISOz6pwSU16jfFKXtUO_nVSbSXDtKCEr_O17HXO9vac9hQtKqj0PoBUKAMLPaE7bBYSTOeRMufOU4lVnDDL6WTt512pVW4iom6wGRgN_cBDUBzRXLAI1mbZ6lSZiQ3uegzvHfnicaGioV_AqyBwNhz3CUV2HxfTx8b-7O2x4wfWJbRFhCpNVEcWMMFJrhNenmn5naqkTU76UOFRBKtmnzoy82MYk9viNMxFQ0Y2DOidFpREkyhGgxZGD0XwKI0B2hxeXolEfwWjpH06lRqoWCcuA7hh6xyxSrdet9afBGUknptTii0vYuUjOLjSZAaqyxSDkEjcnpd2GJHZWGIoQFjdmNxqhLYJtrCVJ8a7oNmVfyxoggtkoohv8TFt7XcQdA65dppNN7Jvb23CDTI7-5Xr2ttHPNPaLg9lXoIOlJguVfgqWEej5aqx5dt5hQz6G-V-AZRsTgdtNSlSCgitsFF9Ing4OHXOXFGGnYaA-sYePcQoiY4KabbYRs6SAwW6MTPh2z68qHN4xt2SgYrwr4dlbtIu4zyisyAI0R8X2GqAuz-YbzOMCJxFl-ZDC2pDzxPAStLe9CkNvQ7Ngi8_J3_Nicl0n3N-1CkUmPUr-UVRAVu478J_M0oouakrMPkR9FFviQObUfesNPfd3Z6S4D49NUm6_sOUjf2cDLtD_KuD8WUBh8t1G9JylOdRCRQXFC_WBby8k_M4n4eweXDMEga7Bmyw80U2RbTfXIKsUK2d_PyTmNk7833gW9C8EW_9F4H2fag5LNJe58h14hnDoSkw3ELXr5H0Edq9VSaqsn8vXMyy0zH2w-AspMU4XY07WuzlHVpw-o3tyh8CLEcSeQKi-KL1VYQEfPQqyM3DdKWPN1AbUVFTBU7ghkluWxEM2q_Mj0x-HE6MgQ1xTPRhwF5YLrcA2M1axQSsDI8yRWJ1xoTLJc7kWKjA8TOX7XNCx16ex25AU3-xI9_tHT4xiYDqQiLt_IeoYLzQ3cGZH4S8Vmjn0uVNydX6y3Ez4SOfgTTixMF3e2S4-4TzfVAWR4PIwhddpY3pw5CDvMUS_Em5qyfMnHQvt4NFwDGm190P_nwqzuX8g4ios4CSn9psjp2r8zXrzRSpT66bdXoxZnnxXKWF1WYfpLJ8e3N1sGDK95MB1ZBaySl0zk1w_-I5noOMCdgF5d3bJWWWB-TZ4O5oUBm3w0ocItPi9As_E3s_w5HYnfJsxeKgURXs0EAxIrQLctDZXY_ovjTIc8kDBLpzrM9fIhkkOUzvUZXJ2i7n4vBt9jRm4dmwqdomiv8jvgSCO23tCpBwNutwiU-xGlX07sPRp0i-97R9nhePMFrSP5hlYwFUQSSOcgwpd0pZ6a97tqtamkGwzrfXoGHOIwltSZ3zb80MzsgmmG2kZnToFm1ydrw-Bgfb3MG11b40Ubm-0WFh0_yRktabfe4EugDN6oxh3I0gcpCR2SKmpWhYxTPCufQCPzmOimZ6lVTQqeYiLn_dg5XuGBWV1nk4ZbNI6Im-YjYyY2cwzpDVLqXwa_PSUaKawB2SSTKEPg2S--k_FLEOZUGOL42a8_9d5jD1aAFYAXzCcYc0AZTreGp5neACjTmt7eB0QwRVrhLBFH6HKT8lHJPhochhhpKssUPRngqWenl2fRaJQTqO2cHM3G_RJEldwh6q-aGn0zlNkNjPZniFLub-lFTBOUs_ruCXo9KBY6deP3904nqQ582z5kYzyPqol_O_H67QelJq9SxeFGPcDIYSxTZRWZIc_Rfl1iZpzsLa06tCb4&cid=CAQSPADq26N9mvOqE9MYhc0GDcMlyyyM7TK0wk1mxQ2c6FUc6VSvf-gnzcxfn5LeOiS6PKexlTnuv6-Qar7XjxgBIBM&rfl=3%2Chttps%253A%252F%252Fibyt.in%242%2C%2Chttps%253A%252F%252Fibyt.in%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:51:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
69746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 16:51:11 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 826C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 23:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 23:12:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5611 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5371
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:44:06 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 826C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21e6bfc83498c62890f327e8f92bf68023a612e85e9959e3a821e492ee764be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 691C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
85786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 12:23:51 GMT
expires
Sat, 25 Nov 2023 12:23:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfd9abdf1e730ad6754449aff9cded17d264445eeee4aa6dc4eb8d33bcb19bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
442578
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1505
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Nov 2022 09:17:19 GMT
expires
Tue, 21 Nov 2023 09:17:19 GMT
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 826C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXQztaSblZs7ZRyLiNA24TZFRWIXuyitO5EAjhr3F-ByXF0sCS5IJpYa1cnfz6IblaLq9jJGIRxGsKkriU6kgdknNABh0i7NH3mU0KF95ZBJu5TvuXOdayEmXXh2m4Ek47La1n-NPl1LTG6Icod90rFEQ7qfNL0980Lttdu2qt4T_A9iFmHZMWpYRHOrzs3Iv0L9v5gTkYnowFzO9oYRd_Ix9wsk1CdJdwa9sDZJOd1syOuIDNrbH68BCy3VQ74sclcrkOKEeBJ7WiEGU4RP1RYS-OK1a7WJbrAB4sq4LRA2r1LhNUz4ktWBkOgOsFwDxc1zfj78JDYZrCj6pJCOLCLF5ba4bgtudEO1Cvpx0daC0ainCZA6w4bQdv1RfuP-GIuryaR2XZcCHwe6icGFn6N1EIg-kLhR1r71FfV46w7EhC4dfPvvp-Ml2q1c58AK3LtHN4tzw9GQBIf0QJOjcpb5XADDRQDiy3zjEWq7t6CW6xV1Kir99xOqrQ0csIxJRJDJsJuNNIgeE8TfGMryO7aegLILPb6tL2lnRrKiSCosyqAFKnpcm70k8uxhVgqDs77eFPou5B34JPSnvjiujWp4r9vUORcTWTFFtnZ7ezKLFRCtcx4O-nOuuuwSJruk_kyGP4OosIGBbHePKI8iVQ3AYDcD4DBcAPKIuOJ99Pvch1XqEPTwgbrPbcVD6471wlnDxyKnznK3yNX6tOsmHxNW0UcvCwVM_PUTLewqzJxGty7T8G_EuK7PSOq8asemgyaKI-cQMLl5L4eA5IS4wZCetpa9vObPK-EzA6xydv_jpmCUiFjcSVLSwwTKK9RE5Dq3J0DmTZbLt_4xFS6m0YP3vz7HOCz1KjsYQMS5mA7Rk4GfkPCv4GH01olIuQT6URXVJIhhO-8jRPSRm-Tx-sSjCL9hwwGk06nX9gqwES_c6hpBarFKFYiC6eSJQVgBo7QZakUGaCMb9XQif3MQo1Ut9MYDztqgvhyzdEfPojjKXPhO9AaJp6MLheXk-R_sAZXGRDORC_Y_R-HvPz3bNJtE4lKDIVb35NOV0HTMtZIlAQ_Rs7rqXIVXnksNX6knNMJQRTyhVfxReNePadKIU1UZQQXSxRSZ-1p7jXm8uAcef7hEvJfueB_HJv9S0PFH63bu5nHIKbNaN5ZQOY87oryBJkCPrhagndJmAyaG_uNPp0UIOAtVM1GUt90iN24iLwZJdXSmvjjiQA-dq7krZOETJ9-JxLxj3sEO9HMNYe0oGWIh0mW23An1p5hzRlEQlskEAQcDV-tolcHYyoOR5CBdc4-Arqmx0aUOES0D7mtfdHzfNIl2rWSxb4EkKvPi9Pm0P5IU4-myIaQHNX&sai=AMfl-YSSr8MLwvsiR1vmLy6UINOwglHwK6JiXId03b6s4BQfMOqlufjUMqIBeY1IbNEXU0avBU4bt1bCyugQYAFXBeYCfwgjUeqt6TnHE2E7VfNVwS5XCwvtYyLQHBIhNmIGx6944N3H5MfeIV_6s4ffRgbcE8E4aI6r_Sw2jiilzRDAvks-JuUs59v_zx9kDX4bfgpyyO-Xpv-pH2kFKT0zNErN4jr1PIdd_SYyPJicHwafyadNk5GUYMVRra4mZe5uqLKkBP7lqVcfwEsIqgOWCu_tRz3zcEBLkJJSREo&sig=Cg0ArKJSzEQXh8FRg9GoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=115&cisv=r20221110.08602&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 26 Nov 2022 12:13:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 26 Nov 2022 12:13:37 GMT
pixel
cm.g.doubleclick.net/ Frame 5611
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELM3wHqCe7jPXs5xUilV2hY&google_cver=1&google_push=ASkJ3FbSXo5pJDgUmu-FfflfjwG2pMki2_FjKcbOw6YUuCHfaAg4vtWTOUsQIzv5HawU9LA0pGz6LeZY...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELM3wHqCe7jPXs5xUilV2hY&google_cver=1&google_push=ASkJ3FbSXo5pJDgUmu-FfflfjwG2pMki2_FjKcbOw6YUuCHfaAg4vtWTOUsQIzv5HawU9LA0pGz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM2NzkzNjk1MTA2OTcxNDk0OA&google_push=ASkJ3FbSXo5pJDgUmu-FfflfjwG2pMki2_FjKcbOw6YUuCHfaAg4vtWTOUsQIzv5HawU9LA0pGz6Le...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM2NzkzNjk1MTA2OTcxNDk0OA&google_push=ASkJ3FbSXo5pJDgUmu-FfflfjwG2pMki2_FjKcbOw6YUuCHfaAg4vtWTOUsQIzv5HawU9LA0pGz6LeZYvwdZoB9ZjbXWMqqxJA
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM2NzkzNjk1MTA2OTcxNDk0OA&google_push=ASkJ3FbSXo5pJDgUmu-FfflfjwG2pMki2_FjKcbOw6YUuCHfaAg4vtWTOUsQIzv5HawU9LA0pGz6LeZYvwdZoB9ZjbXWMqqxJA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5611
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPPswNaFmLEuQS16NDWBT5g&google_cver=1&google_push=ASkJ3FakeLgm88Ib2_Y4ulVo_bRTcsqLBKlpAKQodN9voVpbuIlEVczf2-0WC58DrzPwf1mX_19...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFYVzhYRlQtNi05MTcx&google_push=ASkJ3FakeLgm88Ib2_Y4ulVo_bRTcsqLBKlpAKQodN9voVpbuIlEVczf2-0WC58DrzPwf1mX_19PQn-BrrfAlJFNFvioIzxSzg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFYVzhYRlQtNi05MTcx&google_push=ASkJ3FakeLgm88Ib2_Y4ulVo_bRTcsqLBKlpAKQodN9voVpbuIlEVczf2-0WC58DrzPwf1mX_19PQn-BrrfAlJFNFvioIzxSzg
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFYVzhYRlQtNi05MTcx&google_push=ASkJ3FakeLgm88Ib2_Y4ulVo_bRTcsqLBKlpAKQodN9voVpbuIlEVczf2-0WC58DrzPwf1mX_19PQn-BrrfAlJFNFvioIzxSzg
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5611
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELRrCEOHMeFQPhX0K33PqRw&google_cver=1&google_push=ASkJ3FY_atm1fNKQKUbstGcGFr8ZQKD6pB5c2LFtfeNk4IJyIS5lf8-wYMIqiIoQe_qGkBcZKCw_1Pb9BLcTcSPH...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FY_atm1fNKQKUbstGcGFr8ZQKD6pB5c2LFtfeNk4IJyIS5lf8-wYMIqiIoQe_qGkBcZKCw_1Pb9BLcTcSPHqKYCWNclfos
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FY_atm1fNKQKUbstGcGFr8ZQKD6pB5c2LFtfeNk4IJyIS5lf8-wYMIqiIoQe_qGkBcZKCw_1Pb9BLcTcSPHqKYCWNclfos
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 26 Nov 2022 12:13:37 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FY_atm1fNKQKUbstGcGFr8ZQKD6pB5c2LFtfeNk4IJyIS5lf8-wYMIqiIoQe_qGkBcZKCw_1Pb9BLcTcSPHqKYCWNclfos
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
RlLCJL0g9HZyh-PsqCgLukzNUJPktDhPFh9lJciyHHZmS73eviBdow==
/
cc.adingo.jp/adx/push/ Frame 5611 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEK8hNkuvijlfjyHcDA-QCm0&google_cver=1&google_push=ASkJ3FbRP0ls6Kpfz3PNslemQbqZtf-SKq8S2n0kqC11gqwZB9asGFoKrrUMWHS6khTn7NXp7AJuQQkEaHMH6hLqAK4olsw7mw
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.245.250 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-245-250.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 5611
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEFOIzlcy096XuqogqxOsPYs&google_cver=1&google_push=ASkJ3Fb-wzPJONSo7nMl-NCGbzQ--C2YWsoC444adkOxm8XAEuU7z79KdyXDSI0wcLMqYYoBZC0dP_oVjnbKi60rNGJcluLh-Mba
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NThlNGE2YjAtOTBmMi00ZDlhLWE2NGYtNTJlYzQyY2U2OWU2&google_push=ASkJ3Fb-wzPJONSo7nMl-NCGbzQ--C2YWsoC444adkOxm8XAEuU7z79KdyXDSI0wcLMqYYo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NThlNGE2YjAtOTBmMi00ZDlhLWE2NGYtNTJlYzQyY2U2OWU2&google_push=ASkJ3Fb-wzPJONSo7nMl-NCGbzQ--C2YWsoC444adkOxm8XAEuU7z79KdyXDSI0wcLMqYYoBZC0dP_oVjnbKi60rNGJcluLh-Mba
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NThlNGE2YjAtOTBmMi00ZDlhLWE2NGYtNTJlYzQyY2U2OWU2&google_push=ASkJ3Fb-wzPJONSo7nMl-NCGbzQ--C2YWsoC444adkOxm8XAEuU7z79KdyXDSI0wcLMqYYoBZC0dP_oVjnbKi60rNGJcluLh-Mba
date
Sat, 26 Nov 2022 12:13:36 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5611
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEKtBwfuJn_ggojnAYYEn_ac&google_cver=1&google_push=ASkJ3FaV851dtO8hWGxIKNvwV2-hhYxH4wW_4TdrDULC71G72uhzfKBZ9xq2kYzJCqYwHXVbPGy1q...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEKtBwfuJn_ggojnAYYEn_ac&google_push=ASkJ3FaV851dtO8hWGxIKNvwV2-hhYxH4wW_4TdrDULC71G72uhzfKBZ9xq2kYzJCqYwHXVbPGy1q...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FaV851dtO8hWGxIKNvwV2-hhYxH4wW_4TdrDULC71G72uhzfKBZ9xq2kYzJCqYwHXVbPGy1qqCxcokHDAJAx80CAODX5qI&google_hm=bEs1cElHbFh0U1JfW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FaV851dtO8hWGxIKNvwV2-hhYxH4wW_4TdrDULC71G72uhzfKBZ9xq2kYzJCqYwHXVbPGy1qqCxcokHDAJAx80CAODX5qI&google_hm=bEs1cElHbFh0U1JfWV9rSVp3SWc=
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FaV851dtO8hWGxIKNvwV2-hhYxH4wW_4TdrDULC71G72uhzfKBZ9xq2kYzJCqYwHXVbPGy1qqCxcokHDAJAx80CAODX5qI&google_hm=bEs1cElHbFh0U1JfWV9rSVp3SWc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
239
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5611
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESELM4Cam7MNeHUe_tqibihG0&google_cver=1&google_push=ASkJ3FYcs8_fiM_m64Rc-5Cj4RaLfDotiMZtEvr62Usfy8rkhh9t44HhqJwICrw8GOyT9HrVH8tq-CBAnABVUNQBmJq2D2Kp9CIW
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FYcs8_fiM_m64Rc-5Cj4RaLfDotiMZtEvr62Usfy8rkhh9t44HhqJwICrw8GOyT9HrVH8tq-CBAnABVUNQBmJq2D2Kp9CIW&google_hm=7d7078a378e188...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FYcs8_fiM_m64Rc-5Cj4RaLfDotiMZtEvr62Usfy8rkhh9t44HhqJwICrw8GOyT9HrVH8tq-CBAnABVUNQBmJq2D2Kp9CIW&google_hm=7d7078a378e188442eb433cb63e726c5
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FYcs8_fiM_m64Rc-5Cj4RaLfDotiMZtEvr62Usfy8rkhh9t44HhqJwICrw8GOyT9HrVH8tq-CBAnABVUNQBmJq2D2Kp9CIW&google_hm=7d7078a378e188442eb433cb63e726c5
date
Sat, 26 Nov 2022 12:13:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 5611 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbkHwG9BV_ALVu-2cVSR5E2Ue1d5yfPWfYnCLbrIskFveXWWtSuXCxpvDxIusQ54dBOQ_LYFXf
Requested by
Host: 90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
URL: https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
styles.css
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		2 KB
796 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9ab7b98ae63cf78b4329333ba77d5dd0b586341fbc4fa108e8a7ed13b5447a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442578
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
767
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:19 GMT
meega.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/meega.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
202c97d52e7a60b88b4161f89de8e70ed8f3254924d6ea45a3ec3f7e6cd92367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:19 GMT
x-content-type-options
nosniff
age
442578
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2417
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:19 GMT
black.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/black.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad36bad4b7f9a3aa4c150d866021b8b3c5e2f33b8618f8c4980df54bbe2cc171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:20 GMT
x-content-type-options
nosniff
age
442577
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2476
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:20 GMT
week.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/week.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
239294ad9f5a4cdc3a73d0157ace443e4f7d78d5f39cc8cf7d5150663695e3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:20 GMT
x-content-type-options
nosniff
age
442577
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1882
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:20 GMT
produkt.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/produkt.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6134a11a1dae1a790c0e2a39c6ea4bf5215c59a1fba65fb9ebb6c916acbecb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6995
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
stoerer4gb.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/stoerer4gb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
636c0b14e0ea99b121c01a6882278a18490862a2c95fe7bd2b1c4ed1e71cd4ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5202
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
stoerer0eur.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/stoerer0eur.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
315656cf8a92c1fead3eded01adb79f49230f46e5087bea55a3210beb5a8971a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5455
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
preis.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/preis.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e52ef6d3edeeb38d368a665461e32447a5448e7b7fceef0b1baf1326a97d6c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1095
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
logo_bottom.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/logo_bottom.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08c3bad919dbd407c4cae51f276afe155c560e44db98ff88f0149593b335bb63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2967
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
laufzeit.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		511 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/laufzeit.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999917e35dc4595fbc00770b2fa18676a88c25d5911541930956b7634cedab17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
511
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
btn.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		803 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/btn.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9986b9e63d972f5a247ef3588094ac624a49b02bc21c950cdfbe64127a1cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
803
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 3E0C 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2475562
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23292
last-modified
Fri, 22 Apr 2022 16:32:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6262d89e-5afc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg8e7589qzB%2BUGBtyewBNtza9SOY01r%2Fynbyyj%2BKgkYjauxC%2FEeskRTvlRX0afrniNJkbug9kPc00G%2Bd0hTAyrgVUHuMXS0YQVMXTDsykJ6CPLE38Tkowduw4G2FGliMm9QxRdLuEtNt3nhR6VX2jytV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77028a062f89994b-FRA
expires
Thu, 16 Nov 2023 12:13:37 GMT
main.js
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		3 KB
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcea96036dd94a472c5741864dbc742cab3777cf47f3524a47b796a0231aef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
843
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 691C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 16:51:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0290 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1571994321026931&bg=!hYalhsLNAAbvMpMzzzI7ACkAdvg8WokyWD3LwkjhMCeiVM_ZefWjCgbueceUR0Lwc0HbJL44DxHePwIAAAE0UgAAAAVoAQcKAMPKtCUkftSI2oU5AqPNkKEKeD9gCL5JzDLD4uA1W_Qm5KwMA1_Ly_TwRVWWIPRjYtIPqJIfCU1PIuPfeyb0j1TlZbGeQv2wS7qfZJxhn4ZZnY-r3JOYvlU4phH5a4VT77KNNRy4C83z0Hp1NWb5vJkl2rYFv9ARY6_Pzj3daR070ufx34zcK2GIXGgAxFN-STWW4_uuHD6Mi3IfMQXYNMrwu1t50l8Y19DMDi9xSDR7lKrMZqhLU15oqmQVhUB5-ncXu7SZAqwKxS4veoGgpSwv5iU8xyrmTXA1pVNNvjJvbPqgfASJ-pOyoc2kecP7cuYGNxIvRlJySCFGqRhmzXFVraLU79cK9iEzZzsio8itkUAb5bUlJ40DjckZJ8yaQj6ljpYJGkX6IgJslJqP7zRX-Ay-PlX3UItqGaF8GeLdOlNArykGmLNF17Gv8pBvFFGhYgP9iGGvGPD30zFP5IS1q3L1uyfFy_baoJVy8ooBWxshUoFSS4Ek6Lg544NsCYzMcUjSCQx_iZbuYB9uJ1WMKKvD4U1PvCpYRPNPeDefhJa6RWjygK_3GfEivRhuHAfhQuOgB97mGLoHW1pYFwW_06RfRCob_dWIrrg19mvJJa22TRj5RyrUHqheGqLc08NG-hmgP7xlUlsKeG7GpsJHw3-ouzkN0o7MdViNoXi6VDMQo49npJJjAt1ADTh0ARhkYkyObT8YmlAaYzsO7UAUFq87yVFBFmsMJ8qefbCbRiEvBY1K-A3Fo1Dsm4yuMPoMwIZJXdUNVSLeb29W3zXyWDdNbgY_gIg1pEghGtlMj-zaLgpWuB2wd6MYSiJGVMKAZ2_QycBM1iKfoz_aQ7Lxk8duLuzzft-MfjS9X6fVJca3jGEwWDgbQcCykMnMU6TNcCUueMRLGIkBU7br29o22GERbBF_CtgCIPNdHYCxYrXhkFcr2vHWxnLCcE7qGBRITA20VCmhsOk2uZ7CdQQ6DOkas5Szz2VdomYHrbyd6Ap_CyEtOG0NQB-5bNOei6ZPFEFT6MJe4m2WA-r-ZglGT4EBgZA3uJK0DdsX3maELjAmCUkWTLxx1wotkZqH4LiVE8V70cV4USVqRv2dwyA5zpx6wDOarfEJeOLoh5DJ3bxkCOeYMSJUHIZu0Vk_mxOHreVrA3FlVmmg2epXwmJ0nY4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B2D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2121899034835271&bg=!3t2l3ZnNAAbvMpMzzzI7ACkAdvg8WuS90iWAH3mKIcP7aR16ohuIHJsGci96yZRFm_wPcx-rz7kUjQIAAAFiUgAAAARoAQcKALYkCV_kVJon2dyxdqi4rY0SLKG5XDgYDfC5NoCitHbvqY9DMz-oCfwXdRe_C29k_e1RS2w8Udb7-aVcab_mJAyvESWDybL4KMhJO_PTCbyzoXmxukKcPOt17u7nRmEkqUOfNQPFaT1Mj84jHKHkPGZiOaROJKc4zsRdo7JuZRAQ61aUcu_ybHvcCH7u7jr2SwGCUDJ3CfnSdfYnf11flD5lHuf-7PqfN7fEl-lYD-QS8zXBdOafE5kC2VUzOocdovCS-Mk9vGZ1fXq-s4Z8fYsjPaWI8JdaRVF6fpgnF9PkCC-T0Dq09DvQnZz1I5yY_KpieK77HshmU4I_c2WkZ2j89bwGcye_MnGco3umPL-oVE07yoJInYJvRSsO4J6wUP7JRMTJnT4v2Cc3nnFd1vJ1U5RXKF5fpW7p9d5aBvrhwqZo5UYny6in5VDWESWs0qmdcBP-6U0JGPxHckMcQnK9CiDuCrsx6aYb6IAQwduWEkd2_RfkwXCOB4FbkQ22jvwTswX7KxrOtOLqps4mtLQF9_gTg2SQ9UomQRFK_xZBPwcKpgPfSTHPleeyo7GJtwWgN0C5_av52q8kzk6w_IWgrDb2vPwtBgvqoJJLHAcWhHM02KbC3XdyXDWu2rVLYpKyDPfqSuxY63jLY_6WaIFMjkIrd49bIgiGW0teXxDix9UcLa-6KEhnrkdSarxju_Ri4xHyzHegslO-AbV3h6xFOtpUfZRs2_QfJrWTZxtWuiRkYxjlpnUkcT3dBqfzrHUiGPTU6yJpBUSjC1vDpDdj2WB-M_BNJgttOMMrU5OG91gKLRF2Ba-BK_X3rl1mYgtUzeJWknCwdq3aDlfZ1EbRxpH8IBZQOBn9wTPWkKq6lWm0U_FP5nbGtJEdFP0uUChCED8Uqkq6xG3_DiOgKsQRfEla_60HgdnBIY_Gy6Bt_kd4usndb7H--na8DY5yZ4G7T4t5rlz5q6IfcJWye4cIGu_ZnQQnSqdbW5eOAYE4w9arAK2ps8N9DKPaDhYLgwG7UG0yfw-z9X3W6OmZvprfXMm2bM7HtzeeEdB-TcpAI7GhaQzsy5XqQJ7JuV_HquWc-fBZl8mRC9Z05bIs38EFtd5hUM2VewbyABeHwWQkqBvTCohaU63REgz6cBT_JDjxSpi6Edoe9Bs_lPbptILq2_e9SEkPNiU6QwtdYHkjV8SisvoZq3zrVanDfSgLJ0Bc9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1012180065589750&bg=!DwylDEjNAAbvMpMzzzI7ACkAdvg8WsiBkgtg8tvIOsa5dr0bjTKZAa3i3pobsGY3iWBwhuSPddkG4AIAAACtUgAAAANoAQcKALVOOYm0-bo29M79qIl68_aqUVh8gJr1y4VzasDkPVCb4w6RYdFNNu7y9j-_4qfKeFbANoEFfOCvR4i3b2Yyc4ZbMXjgY5TfPVcH5hJfawJAiEU457eWbIOSnc-TPbbM8hR-8PLwD9O1kg7tZB184zs9BbMtiiZHDz0k6bRVzS0looNmGK9-S8ovISojsQ6nJ0SABQjNXERO8DziP_QaF6r3C4OAksQkQFTNhgsspjHgQ_FhFK26mQKf3cAllcjgxeEdkKmYTBC3c-9SpbJ8eCcmua_lmUwIRSLaMXBIynfOwB7T07Kjo4RSqp1JNIKZJg4vOgJHGNGX-YyckFQsh4-xcpzhAGn8RlU2CESA6jUAQfKr4mgLF60vOgPkBKly5JNgbNbn82p_IyUKOivtIy020Z5vG3RACouZ1mMAsgcObiQwQDQBi08d5mpag9ICpdUREJ62T-7HhSZ90rO7PDVjAM-ecBamLccaB_mz3w18aIwtj3anEvGp5BJcrGdI1PVPwGewunyGkkEClc3nucWH6hrLcJNWl4EdqfFbdFMcgJLAcJmnw_EIeqKyd7qcD9SSoVte0dL0KzGqbatwBpyrpPVMv0Gbpvs48_6GTz88XJ-MZQdudPvtU83lAtj0tjfbrD6NJZJ0XLqwRP9m4BP4vFBKVuCufI6td9Ld87jCzFwQWlc_zzCdJ_M2Z0-X42fz6cdh8fQdwmWdakE-ZTFgaPaj_NQFs66dh5V33kke5K_SRvFQEf4yh7_eycYVOjumQZ9qDkvIOrio84YI-YVJ3FC0DI3VScNGBVhh6ud3fRC9ojI1CV3ja4pfn7RQd3JMb0-ECmCIf7jexMXcnFchGIvmXYjEPGaEwbTSaMiKXE-IoN-cICYZDgeh4rsfd2X0Lsxc_Kr7IpX1gpQr_L70DBlXlWx48C9p4x2VGNORg6HRxWkZv5WgLd2OWzu6Ra4kykU8qkdgFO0DuthKO-y-PHwdtPhZ3jUvVbkeNTYhlXSvl0QpK5WdIiHSeQcZh5oAAlrZddzLP-Ycl5DZTWre0_8ju4LS48dHXKzzA8F5bIXi0zIy657FKSbm7WJcQyn9Qk9OoIV7QmMxSsgJjUQTzXUS_p5ZzLYnDGPSBkU4-7J7Bd7BBiA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
prozent.png
s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/ Frame 3E0C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/prozent.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0614d133485eb27f62c81a9ddd788d420fbde87c2933722c989694f53b79778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14902448299219379864/km_202211_BW_20GB-24M-1499_300x250/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 09:17:48 GMT
x-content-type-options
nosniff
age
442549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1579
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 09:33:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 09:17:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 826C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXQztaSblZs7ZRyLiNA24TZFRWIXuyitO5EAjhr3F-ByXF0sCS5IJpYa1cnfz6IblaLq9jJGIRxGsKkriU6kgdknNABh0i7NH3mU0KF95ZBJu5TvuXOdayEmXXh2m4Ek47La1n-NPl1LTG6Icod90rFEQ7qfNL0980Lttdu2qt4T_A9iFmHZMWpYRHOrzs3Iv0L9v5gTkYnowFzO9oYRd_Ix9wsk1CdJdwa9sDZJOd1syOuIDNrbH68BCy3VQ74sclcrkOKEeBJ7WiEGU4RP1RYS-OK1a7WJbrAB4sq4LRA2r1LhNUz4ktWBkOgOsFwDxc1zfj78JDYZrCj6pJCOLCLF5ba4bgtudEO1Cvpx0daC0ainCZA6w4bQdv1RfuP-GIuryaR2XZcCHwe6icGFn6N1EIg-kLhR1r71FfV46w7EhC4dfPvvp-Ml2q1c58AK3LtHN4tzw9GQBIf0QJOjcpb5XADDRQDiy3zjEWq7t6CW6xV1Kir99xOqrQ0csIxJRJDJsJuNNIgeE8TfGMryO7aegLILPb6tL2lnRrKiSCosyqAFKnpcm70k8uxhVgqDs77eFPou5B34JPSnvjiujWp4r9vUORcTWTFFtnZ7ezKLFRCtcx4O-nOuuuwSJruk_kyGP4OosIGBbHePKI8iVQ3AYDcD4DBcAPKIuOJ99Pvch1XqEPTwgbrPbcVD6471wlnDxyKnznK3yNX6tOsmHxNW0UcvCwVM_PUTLewqzJxGty7T8G_EuK7PSOq8asemgyaKI-cQMLl5L4eA5IS4wZCetpa9vObPK-EzA6xydv_jpmCUiFjcSVLSwwTKK9RE5Dq3J0DmTZbLt_4xFS6m0YP3vz7HOCz1KjsYQMS5mA7Rk4GfkPCv4GH01olIuQT6URXVJIhhO-8jRPSRm-Tx-sSjCL9hwwGk06nX9gqwES_c6hpBarFKFYiC6eSJQVgBo7QZakUGaCMb9XQif3MQo1Ut9MYDztqgvhyzdEfPojjKXPhO9AaJp6MLheXk-R_sAZXGRDORC_Y_R-HvPz3bNJtE4lKDIVb35NOV0HTMtZIlAQ_Rs7rqXIVXnksNX6knNMJQRTyhVfxReNePadKIU1UZQQXSxRSZ-1p7jXm8uAcef7hEvJfueB_HJv9S0PFH63bu5nHIKbNaN5ZQOY87oryBJkCPrhagndJmAyaG_uNPp0UIOAtVM1GUt90iN24iLwZJdXSmvjjiQA-dq7krZOETJ9-JxLxj3sEO9HMNYe0oGWIh0mW23An1p5hzRlEQlskEAQcDV-tolcHYyoOR5CBdc4-Arqmx0aUOES0D7mtfdHzfNIl2rWSxb4EkKvPi9Pm0P5IU4-myIaQHNX&sai=AMfl-YSSr8MLwvsiR1vmLy6UINOwglHwK6JiXId03b6s4BQfMOqlufjUMqIBeY1IbNEXU0avBU4bt1bCyugQYAFXBeYCfwgjUeqt6TnHE2E7VfNVwS5XCwvtYyLQHBIhNmIGx6944N3H5MfeIV_6s4ffRgbcE8E4aI6r_Sw2jiilzRDAvks-JuUs59v_zx9kDX4bfgpyyO-Xpv-pH2kFKT0zNErN4jr1PIdd_SYyPJicHwafyadNk5GUYMVRra4mZe5uqLKkBP7lqVcfwEsIqgOWCu_tRz3zcEBLkJJSREo&sig=Cg0ArKJSzEQXh8FRg9GoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=341&vt=11&dtpt=222&dett=3&cstd=115&cisv=r20221110.08602&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 26 Nov 2022 12:13:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 826C 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5357084dc291ce9ca968c7d698b69643a37aec545ad6502b8ca84702004a63af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5691
x-xss-protection
0
node.php
node.setupad.com/node/ Frame B2D8 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 12:13:37 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 826C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 12:13:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 691C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BD9iz8QKCY6T9EdOhlQef8pWICgAAAAA4AeAEAg&bg=!l5SllNDNAAbvMpMzzzI7ACkAdvg8Wus3Z44erac3nAaRe4X3d0SbmSUDYteo0cPUEOZzDZ3ky5zougIAAACWUgAAAANoAQeZAwEy8hxozWY1ACwRh5EjcgPOt_AKzu7PHVqINQHUQkaA9vtixDtP1RLCkxlAxNCw9nubLcNvkkr9Ia3hM7DZ1aWaIXI0Qnt-2HBodcOxuEGz_lvcq8gzHPu6lDMZRHApqoLwMeoKMGWkGLlPacLYuQ18HK-8qOj-ePLt1-Ku_wXNPc6_XG0wYfU8i7UyUg1Xv6EhWVECwSoqj3RXcdGvqZKo-fnCzZ8nXLmvsOrA73qtroNwzn2PYaNMbq8BIIZPQHCAB6XFVpiZC45YFJ7km1MYM0QXcG68I5ltrGI3rL06tmCHIfvcS5HmQuUeSOxu_jzFIzOR93JaE7TvjYU3PVUilBY2QDgg6ZdoFG78qJda-VuMa8hKMIwiKf-hGMfGn5jKQqf6lEPQQ28H48eyUIRK6Z1XYLqJCBX_JIRP5Y_ApNocEfSPerH7q9kG1RaXI7BpuE8f-8IUHkgqhliC7CS7n2I6pyEobd0XmvIwD8JmFHUbbjQ5kyNKWEgOI0-nNO-iiQiVo7P8k-qCwYFmpUzHL5CXufP--Gw0qIwAFzyMi4UYzcDD1_Vo1zW_ngXqQ0-7xnrnN00e3pywxi9Jgd7pkeSAMPzFIENZVdnPABLKFNrdB8EidjiyssvAu3q1MJlXPH8ugxJ0dqbQexyL_66bpPZqfQGXzMQHS5Dn1ead2si2M_6D1_sJnEz8DRNLhsB_DUCbT8bLxvZrxPZOQDiXhWXI233ShGiUId1_1oYeeSwAbcU3AOP2e2wN8vOr8_2ZReIeL-LtIMpIfUqj37zYujUN4RzHkRuahn5ccRy4dhlC_zGd5cpD8VNjoUNt57F8TR-3XvQ2BmPRxgZhuY5ozu6-DPv8VrbUKywx4CH5D9rhEtMgpyjfirjBPlqRUYd5HSeqRylU0mzFdzX7-MnLjKQBA1TGU_BI13LXIPk4B6WlSZyzKUArMi5ZP2-k1zhebH_UQyH5vmyszH_ygn8D54OC8yhmBddNo1QkbWx41AHVQGlTyWWGJ1K6KlEzDVOu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame B968 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 16:51:09 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0290 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 12:13:38 GMT
syncframe
gum.criteo.com/ Frame 8976 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ibyt.in
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:37 GMT
server
Kestrel
server-processing-duration-in-ticks
2547706
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0290 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 12:13:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B2D8 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 12:13:38 GMT
sid
mug.criteo.com/ Frame 8976
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=SRl97F9rajRHZ0pERkl0RTRWbXQ3aUVaZ3dqb3JERmYxeFp0UGk2bCUyQnJyNnhqdGdmbThXbW56Yk1YWHpC...
  • https://mug.criteo.com/sid?cpp=g2urBHxGSmI3WU9OOVhFMzh0dWM2UklrdEdJR1hDSUdvem1Fc3lTcERrUzVSd082YldGTkxCaHg0cWt5dVdxQWZWczZTb3o3Mi85YUxlWlpkMnFhNFlSck1Dd0RodVQ3d1d4V1MvbTlIeUZUa09Ua3hnNFJzTnp5UmZ5Sn...
436 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=g2urBHxGSmI3WU9OOVhFMzh0dWM2UklrdEdJR1hDSUdvem1Fc3lTcERrUzVSd082YldGTkxCaHg0cWt5dVdxQWZWczZTb3o3Mi85YUxlWlpkMnFhNFlSck1Dd0RodVQ3d1d4V1MvbTlIeUZUa09Ua3hnNFJzTnp5UmZ5SnpkTHFxdm9pSkExSjNyQlQ4VGJhdXRacnl3TEZ6bEVpOCsrcG15bWc2bXdCazFPNmVwbU5LM2orRzBXQU1wWmprL2ZmZzhYTlg5cWtJRktjSC9RK1VCTU9kb1NBMncvZ0ZYNzJvenNXQTdQSzBTMWZxZmoyRHVkdHdMQnVybnR0ZWMvMVZSK3NieEc1UmlsNDMrZUJtOVdwcWVqcTBFb25xZXVCcGs3UEg0Y1VNYWMzRkhLbz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2fb45dfc42254aa4e0fb40a65772986d5f492d9c00c77290617120ee398d6612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1080473
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=g2urBHxGSmI3WU9OOVhFMzh0dWM2UklrdEdJR1hDSUdvem1Fc3lTcERrUzVSd082YldGTkxCaHg0cWt5dVdxQWZWczZTb3o3Mi85YUxlWlpkMnFhNFlSck1Dd0RodVQ3d1d4V1MvbTlIeUZUa09Ua3hnNFJzTnp5UmZ5SnpkTHFxdm9pSkExSjNyQlQ4VGJhdXRacnl3TEZ6bEVpOCsrcG15bWc2bXdCazFPNmVwbU5LM2orRzBXQU1wWmprL2ZmZzhYTlg5cWtJRktjSC9RK1VCTU9kb1NBMncvZ0ZYNzJvenNXQTdQSzBTMWZxZmoyRHVkdHdMQnVybnR0ZWMvMVZSK3NieEc1UmlsNDMrZUJtOVdwcWVqcTBFb25xZXVCcGs3UEg0Y1VNYWMzRkhLbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
600410
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame A29C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ibyt.in
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 12:13:37 GMT
server
Kestrel
server-processing-duration-in-ticks
2058869
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B2D8 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 12:13:38 GMT
sid
mug.criteo.com/ Frame A29C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=SRl97F9rajRHZ0pERkl0RTRWbXQ3aUVaZ3dqb3JERmYxeFp0UGk2bCUyQnJyNnhqdGdmbThXbW56Yk1YWHpC...
  • https://mug.criteo.com/sid?cpp=20X0QHxtczZVRzFaZHZqWHcwZDYzQytBOElTdDNMeldvSG1jNEdjb2JRK2FZMGVOd1F4Q24zN1ZReDltdmx3aDNnaXV4RG1OQ291M2grQmt2NmRQT01lR2t1VVNRT2diUHBRUmd2MXNwMkhyWkVldXU0b0lEYzVJd1Y2QT...
427 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=20X0QHxtczZVRzFaZHZqWHcwZDYzQytBOElTdDNMeldvSG1jNEdjb2JRK2FZMGVOd1F4Q24zN1ZReDltdmx3aDNnaXV4RG1OQ291M2grQmt2NmRQT01lR2t1VVNRT2diUHBRUmd2MXNwMkhyWkVldXU0b0lEYzVJd1Y2QTlZT3o2S3ZuQ2tRKzNSTllMMk9wMVRGa3hXdmg4NGNUSzdVbUIrcStRUmZNcjcyOGNKUXhENmZLSzRhSU8xQVdyTVNXTjNJMlAwMGh6Z1pMd2NFKzdKOU5lV0FWNFJidWZQT0FaekVsUi9nd3BUY0gyMjE4ODhYb1B5MVh6MWQyTG5MRXNldHNxUnBhSjV5VzNtR3J2OW5Gb24xUU8yL25HelNQM2J1dE1CK2JPT2krbDkxND18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8a0a9c76ff5fda2a5049654cde7897bd750e92b1001451a4a1e558d08de57887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1519618
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=20X0QHxtczZVRzFaZHZqWHcwZDYzQytBOElTdDNMeldvSG1jNEdjb2JRK2FZMGVOd1F4Q24zN1ZReDltdmx3aDNnaXV4RG1OQ291M2grQmt2NmRQT01lR2t1VVNRT2diUHBRUmd2MXNwMkhyWkVldXU0b0lEYzVJd1Y2QTlZT3o2S3ZuQ2tRKzNSTllMMk9wMVRGa3hXdmg4NGNUSzdVbUIrcStRUmZNcjcyOGNKUXhENmZLSzRhSU8xQVdyTVNXTjNJMlAwMGh6Z1pMd2NFKzdKOU5lV0FWNFJidWZQT0FaekVsUi9nd3BUY0gyMjE4ODhYb1B5MVh6MWQyTG5MRXNldHNxUnBhSjV5VzNtR3J2OW5Gb24xUU8yL25HelNQM2J1dE1CK2JPT2krbDkxND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
320101
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 826C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjste5CwRvbOWKS9zg1Lf-vAUJUStHBl0N26Jo8TVJNROeB9KOK7a1RiozMZGUBFjANAHzC9Jcq9lS9TtBBGA211IjL4gSKBv-ay-zPdo-2Z4FoZ6-nmPAuP7XDhjWvyAZXdvgtAGDw&sai=AMfl-YT2e_aDfMiAoCvKHHA2HtDAr51kuvT_Ee_tEL30BrYaqNy2kY2MZAv5wvEBW2jt6Rg0kNYzW8v0XSmp33WEp5lxe__ZW5O2a827PM2KwzzXeCILQwbJ9arU3-XXciA&sig=Cg0ArKJSzAp8l2FXeIGEEAE&cid=CAQSPADq26N9mvOqE9MYhc0GDcMlyyyM7TK0wk1mxQ2c6FUc6VSvf-gnzcxfn5LeOiS6PKexlTnuv6-Qar7XjxgBIBM&id=lidar2&mcvt=1002&p=703,485,953,785&mtos=716,716,1002,1002,1002&tos=716,0,286,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1699024641&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669464817222&rpt=185&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame B618 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
828
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77028a0cd8ba6951-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 12:13:38 GMT
expires
Sat, 26 Nov 2022 16:13:38 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 620E 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 26 Nov 2022 12:13:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame F602 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
26488
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 26 Nov 2022 12:13:38 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 22 Nov 2022 04:52:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6, 324744
X-Served-By
cache-lga13626-LGA, cache-hhn4055-HHN
X-Timer
S1669464819.691926,VS0,VE0
check.html
biddr.brealtime.com/ Frame B946 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
6665
CF-Cache-Status
HIT
CF-RAY
77028a0d084d90b2-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 26 Nov 2022 12:13:38 GMT
Expires
Sat, 26 Nov 2022 13:13:38 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
async_usersync
ib.adnxs.com/ Frame F602 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
AN-X-Request-Uuid
09d16e7f-7e19-4c93-81df-f7b26b9844fc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8BAD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d3362f3a17aab5865bd07a58b9c3ff81a5c8235edc54f22f6f37dd463952b0a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77028a0d381ebb5b-FRA
content-encoding
br
content-type
text/html
date
Sat, 26 Nov 2022 12:13:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocyhj3sZfQ8osov1%2BzEN0TfhISUQofvm3%2BgQtOE894flqKSXbrwLfgkuUhn2cwcUk%2FEc9oDNGllMw7fRqxUGzq1niLRK%2FDwKGTVaHYmrzk5jqZZK7EVm79gtcpxQ3pJwzP%2B1IKbFlS2rnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame EC28 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
828
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77028a0d9a776951-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 12:13:38 GMT
expires
Sat, 26 Nov 2022 16:13:38 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8B77 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 26 Nov 2022 12:13:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1000 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
26488
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 26 Nov 2022 12:13:38 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 22 Nov 2022 04:52:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6, 324746
X-Served-By
cache-lga13626-LGA, cache-hhn4055-HHN
X-Timer
S1669464819.812984,VS0,VE0
dcm
s.amazon-adsystem.com/ Frame 8BAD 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
25J4YMPGERGM67QQSA3Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8BAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBkL46w5GsEZeNJseUk7__w&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBkL46w5GsEZeNJseUk7__w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FKA9RQqWEJOA7gc1o2kuwH%2BIbVdLo%2BgS0bk9k3zbAwkBRzmUBWtVVAXwNAsba2NlzN3MCkf%2F7luOhjWuTgGMUyaXh18E0ic5gs9Lvq8KUnW6F34tFClEzOhgixOLe1fntdQmJmYkuCASg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77028a0e2c829028-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 12:13:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBkL46w5GsEZeNJseUk7__w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8BAD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 26 Nov 2022 12:13:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8BAD 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 8BAD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=SwKjCoDm1OYU3U5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=SwKjCoDm1OYU3U5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-01cc22a724fa3318b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=SwKjCoDm1OYU3U5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8BAD
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y4IC74CYDYWqBhvvNmCcvQAA%265134
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=20713924-312c-491e-8202-787606247721-tucta7b8872
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=20713924-312c-491e-8202-787606247721-tucta7b8872
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=20713924-312c-491e-8202-787606247721-tucta7b8872
date
Sat, 26 Nov 2022 12:13:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12946
ix
ad4m.at/ad/sim/ Frame 8BAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8BAD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB
date
Sat, 26 Nov 2022 12:13:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8BAD 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4IC74CYDYWqBhvvNmCcvQAA%265134
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
49296
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77028a0e3c6c9bbe-FRA
content-length
43
expires
Sun, 27 Nov 2022 12:13:38 GMT
async_usersync
ib.adnxs.com/ Frame 1000 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
AN-X-Request-Uuid
2d9e89c8-f3fa-4669-a36d-e925be5056d3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4FC1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be60eb858465a284256a6d38438c8781199501ec7ae16039c18d175216383f1f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77028a0e2c869028-FRA
content-encoding
br
content-type
text/html
date
Sat, 26 Nov 2022 12:13:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuPPDWVWVBoR%2FnSDeldJYWDq2rrVuj5kowA7Sv6KBIKEOit%2BZvB4vC29IN%2FZ%2FX0foZmugAM4fbKyLwYkzXERSUI1oNLdDE4IuBMcwa9iGYRqZaoabHXpbTUK2LyHGz7NNFdm1k%2Bjy2CTUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 4FC1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2849534791382142345
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2849534791382142345
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
AN-X-Request-Uuid
5f332979-3b95-489b-84c4-4c8b227e2739
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2849534791382142345
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4FC1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGR1E7HBAYAACBS9-4MfA&expiration=1670674419
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGR1E7HBAYAACBS9-4MfA&expiration=1670674419
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGR1E7HBAYAACBS9-4MfA&expiration=1670674419
Date
Sat, 26 Nov 2022 12:13:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 4FC1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3512167959563824868
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3512167959563824868
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3512167959563824868
pragma
no-cache
date
Sat, 26 Nov 2022 12:13:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 4FC1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y4IC8wALAyPi0gAO
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4IC8wALAyPi0gAO&_test=Y4IC8wALAyPi0gAO
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4IC8wALAyPi0gAO&_test=Y4IC8wALAyPi0gAO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn4068-HHN
pragma
no-cache
date
Sat, 26 Nov 2022 12:13:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669464819.112608,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4IC8wALAyPi0gAO&_test=Y4IC8wALAyPi0gAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 4FC1
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=afff3fb9-7917-4040-9daa-792b02f6e099
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=afff3fb9-7917-4040-9daa-792b02f6e099
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=afff3fb9-7917-4040-9daa-792b02f6e099
date
Sat, 26 Nov 2022 12:13:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 4FC1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1ABBD7D608CA48369D6D7B44B5CE8278
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1ABBD7D608CA48369D6D7B44B5CE8278
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Sat, 26 Nov 2022 12:13:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1ABBD7D608CA48369D6D7B44B5CE8278
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 25 Nov 2022 12:13:39 GMT
Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4FC1 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4IC74CYDYWqBhvvNmCcvQAAFA4AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
casale
match.adsrvr.org/track/cmf/ Frame 4FC1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 26 Nov 2022 12:13:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4FC1 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4IC74CYDYWqBhvvNmCcvQAA%265134
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:13:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
49296
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77028a0e8d299bbe-FRA
content-length
43
expires
Sun, 27 Nov 2022 12:13:38 GMT
async_usersync
ib.adnxs.com/ Frame F602 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:39 GMT
AN-X-Request-Uuid
321a157f-247a-49cc-8bab-97fa53376292
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1000 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 12:13:39 GMT
AN-X-Request-Uuid
a19db5c2-0b52-4302-8e42-75adc261c52a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| _wpemojiSettings function| $ function| jQuery object| googletag object| twemoji object| wp object| ggeac object| google_tag_data object| google_js_reporting_queue string| pb_ibyt.in_320x100_mobile_sticky object| us_ibyt.in_320x100_mobile_sticky undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| pbjsChunk object| pbjs object| ADAGIO object| _ADAGIO function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 object| signal_decrypted object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 function| setImmediate function| clearImmediate function| __esp_getUID2Async object| __uid2 object| GoogleGcLKhOms object| google_image_requests

38 Cookies

Domain/Path Name / Value
ibyt.in/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ibyt.in/ Name: _pubcid
Value: 22c6936a-18e7-4449-b488-1fbb0003c70f
.adnxs.com/ Name: icu
Value: ChgIvtB3EAoYASABKAEw74WInAY4AUABSAEQ74WInAYYAA..
.adnxs.com/ Name: uuid2
Value: 2849534791382142345
.ibyt.in/ Name: __gads
Value: ID=e8e09584c8b004c4:T=1669464814:S=ALNI_MaGgyc9PMSxhOMVXJfMTd7d6hxNPQ
.ibyt.in/ Name: __gpi
Value: UID=00000b87a0ba0466:T=1669464814:RT=1669464814:S=ALNI_MZLFF_60wyYfzkQjQH-4Xl00dJavw
.ibyt.in/ Name: __cf_bm
Value: X9HF867QcWMVjfN9qh9JJt4ykUK3RLITmoUrdOBibfM-1669464815-0-ATXL6Gz2NOVtL0UQVSGGOM2/SzDfzFwAEOPY4BXxpNFihfaHHkbRqkU8FjMii5dSIAh0cC53kUiFKAUYPACD54JdldjxR7ZCMM6DvBq5477kdlEBLtlez314TZiamyQaB2x+Nflcry2/aXS7fc1xDkU=
ibyt.in/ Name: cto_bidid
Value: _YIqPV9Rb1RueE5KTlA2NnhoYjhNOSUyRjVzNFJKZVRXRFh4MWgyT3g3NVVqYWxoYWlyZVN0MUtWTmczcFQ2cWVzWmclMkJYUXJ0UUNGM0psUnN5NFhPb2FsUHZiZ0ElM0QlM0Q
ibyt.in/ Name: cto_bundle
Value: SRl97F9rajRHZ0pERkl0RTRWbXQ3aUVaZ3dqb3JERmYxeFp0UGk2bCUyQnJyNnhqdGdmbThXbW56Yk1YWHpCVXI3dWhQbkt6WFJDRFJ5UVlzNmRSN1JFV0FydFFIa2lVOSUyQk42akl2YmhEaGpvT0glMkJwNCUzRA
.casalemedia.com/ Name: CMID
Value: Y4IC74CYDYWqBhvvNmCcvQAA
.casalemedia.com/ Name: CMPS
Value: 5134
.casalemedia.com/ Name: CMPRO
Value: 5134
.criteo.com/ Name: uid
Value: 51dd30a6-53c1-4bf7-af84-834e7dc748ef
.openx.net/ Name: i
Value: a9a7ced0-3e58-4239-816a-e8eea33b63b8|1669464815
prebid-stag.setupad.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIyODQ5NTM0NzkxMzgyMTQyMzQ1IiwiZXhwaXJlcyI6IjIwMjItMTItMTBUMTI6MTM6MzYuMDQ0NTY1ODE0WiJ9LCJpeCI6eyJ1aWQiOiJZNElDNzRDWURZV3FCaHZ2Tm1DY3ZRQUFcdTAwMjY1MTM0IiwiZXhwaXJlcyI6IjIwMjItMTItMTBUMTI6MTM6MzUuOTgwODE0NTk3WiJ9fSwiYmRheSI6IjIwMjItMTEtMjZUMTI6MTM6MzUuOTgwODA1NTUxWiJ9
.adfarm1.adition.com/ Name: UserID1
Value: 7170296786547177618
.adsby.bidtheatre.com/ Name: __kuid
Value: ff7276e4-19e5-421f-97a7-2ee381b3b73c.438678816
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A0oepoPztU_AlGfUrAnGE1k
.doubleclick.net/ Name: IDE
Value: AHWqTUkT9WoErXtFMZEcGsehDB4wbgSKlXv4BJrw2sjG7TTJwsdmqCdsXy7PQCpvwdw
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImOLgu:9!@wnfH8K6pQK`!5=E<*L5?%M%i-TbQ3AFJxdpSl!1.Cjp^ZA/'Bn=.0ezLzHP(hw9P-HC_#ttJ1)m<9*
.ads.avads.net/ Name: av-mid
Value: 58e4a6b0-90f2-4d9a-a64f-52ec42ce69e6
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1367936951069714948
.mediago.io/ Name: __mguid_
Value: 7d7078a378e188442eb433cb63e726c5
.zemanta.com/ Name: zuid
Value: lK5pIGlXtSR_Y_kIZwIg
.ibyt.in/ Name: cto_bundle
Value: SyoG_19rajRHZ0pERkl0RTRWbXQ3aUVaZ3d2VFZScXlRSiUyQmtRdWNLakNqRVhKdUp6U3pVQ1V3WXZvVzVHZno4R2dNV05GSW9KdyUyRm9Hc0dvSnFLSGNMZSUyQlNjbDhMSHZOTjU0YlFmczJic3g3UnFsMkdnJTJGcFpPWjRBb2t3Ym5pS2FoUlVFVmJOeUZvSVdRb1ZoJTJCUDJSNXo4OXlRJTNEJTNE
.w55c.net/ Name: wfivefivec
Value: SwKjCoDm1OYU3U5
.w55c.net/ Name: matchcasale
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~28ic
.yahoo.com/ Name: A3
Value: d=AQABBPICgmMCEO9UwVzWsZ2A5Aj3V_r4SHMFEgEBAQFUg2OLYwAAAAAA_eMAAA&S=AQAAAiwfE6WkQnsAvDYqgBEkhuw
.casalemedia.com/ Name: CMTS
Value: 5234
.simpli.fi/ Name: suid
Value: 1ABBD7D608CA48369D6D7B44B5CE8278
.turn.com/ Name: uid
Value: 3512167959563824868
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4IC8wALAyPi0gAO
.bidr.io/ Name: bito
Value: AAGR1E7HBAYAACBS9-4MfA
.bidr.io/ Name: bitoIsSecure
Value: ok

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8354d67ddbda37655270b91d1029e89d.safeframe.googlesyndication.com
90346b2e8ba5064fb0ee80d55a3812fd.safeframe.googlesyndication.com
955bc6770b566863296c9107f6efce14.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.avads.net
adservice.google.com
adservice.google.de
adx.adform.net
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
biddr.brealtime.com
c1.adform.net
cc.adingo.jp
cdn.ergadx.com
cdn.id5-sync.com
cdn.indexww.com
cdnjs.cloudflare.com
cjss.enewspapr.com
cm.adform.net
cm.g.doubleclick.net
cs.emxdgt.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
htlb.casalemedia.com
ib.adnxs.com
ibyt.in
id.sharedid.org
id5-sync.com
invstatic101.creativecdn.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prod.uidapi.com
pubads.g.doubleclick.net
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stpd.cloud
sync-tm.everesttech.net
sync.adotmob.com
sync.taboola.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
104.17.119.107
104.18.33.19
141.226.228.48
142.250.184.194
142.250.185.98
147.75.85.234
151.101.129.108
151.101.130.49
159.65.196.12
159.89.25.223
162.19.138.119
172.64.151.162
172.64.154.237
178.250.0.157
18.156.0.31
18.190.65.196
18.195.166.51
185.183.112.155
185.184.8.90
185.80.39.216
185.89.210.141
185.89.210.20
2001:678:cb4:bbbb::11
23.203.77.3
23.7.155.102
2600:9000:2057:8a00:1b:5138:8a40:93a1
2606:4700:10::6816:3456
2606:4700:20::681a:8a9
2606:4700:20::681a:9b2
2606:4700:20::681a:ad1
2606:4700:20::ac43:4651
2606:4700:3032::ac43:8ad7
2606:4700::6811:180e
2606:4700::6812:1e31
2606:4700::6812:372
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::3
2a05:d018:d29:3601:aea4:a386:c0ef:3243
2a06:98c1:3120::3
3.248.128.187
3.71.169.66
34.102.146.192
34.120.135.53
34.95.81.168
34.96.70.87
35.156.45.230
35.190.39.111
35.204.158.49
35.205.207.25
35.208.249.213
35.244.159.8
35.71.131.137
37.157.4.25
37.157.6.252
37.157.6.253
52.193.245.250
52.34.9.17
52.46.130.91
52.94.223.167
54.171.40.8
64.74.236.95
65.9.66.122
69.173.144.138
69.173.144.139
85.114.159.118
017d9c861d37e5b932a7d66a0e5da8e808e827cecf9c9a700c138363b9ce071a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
0553bb739f1686e2e458b4f583ea068710e42e6e676b9e099f00aa56217151c2
0572a2ed61969faa91953723b5f166c281b2df9a19d2a8c787e121661b390e7b
07b29610732b2d6eaa976ca7017a051b3252acda106a6f12e96ed991d21d2786
08c3bad919dbd407c4cae51f276afe155c560e44db98ff88f0149593b335bb63
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb46ef5c134a2956eb7eeac152bb276b4f5f00fbb8b7e16ef31b220a608c923
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1292ba4d41b1720bce8abcf19fa19704cb6d95b0f3c904535972e8746730b009
13545cec095c1bc6dcc3af6ca0920ac82f5be96cb39595675820ce7c7f9153ee
135ac5454406c76d8960e10b6c602e80ea370da1b35f514f75bcb97d7311a74e
17d8d88bbda37857092433d87e0ca9f3a96d93c15d39e6cc3f476931c8fc6982
1a2c1feb837205266561469d31cdcd63ed2e2487bcdf580d5d69d8ed23a128e4
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
202c97d52e7a60b88b4161f89de8e70ed8f3254924d6ea45a3ec3f7e6cd92367
21e6bfc83498c62890f327e8f92bf68023a612e85e9959e3a821e492ee764be8
239294ad9f5a4cdc3a73d0157ace443e4f7d78d5f39cc8cf7d5150663695e3cf
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2d3362f3a17aab5865bd07a58b9c3ff81a5c8235edc54f22f6f37dd463952b0a
2d50b5b8c23d54e1ea0bc7cd6167153a7410f73d0fa5a95b942894d9614b57e9
2e52ef6d3edeeb38d368a665461e32447a5448e7b7fceef0b1baf1326a97d6c2
2fb45dfc42254aa4e0fb40a65772986d5f492d9c00c77290617120ee398d6612
315656cf8a92c1fead3eded01adb79f49230f46e5087bea55a3210beb5a8971a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3219f1d97e20926e8434a1e77930f333499d6397f004d9f3304b28dde531e391
3457b3f987722f23c52744418be5651c20ffa901a76cadcab134995584c0327d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42c244a1d4667e05b47b8dc1c000b8c4f1361156a75d220739126b4a08668fab
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49930f364eda6d795fa66a38cd5dbd521983ad2814698262da8bdece001d1173
4a8f12143b569b8ea4f6d2dfbd7430ad0566982d866f3953d3338b050d93775c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ed02d70bfb264d5c13be5d7ab6f5ebc4c83722dc197d4c07266ce2072f760e4
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5357084dc291ce9ca968c7d698b69643a37aec545ad6502b8ca84702004a63af
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5733ae1deefd76f002f873d813dcb95334490adf102d4ad33f7905da607c2bcd
58171b988255633696c0ad836249a7b0dde4ab005b8e951770bdc25fb3dd08fe
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b969ce4f1aaa86fab56e574f25bf55786c869fadfaad45707abe8f15033e501
5f7ce83390400735e2aa56dc1c54d6df7f4142a26df770a0e60510da9aee6ad7
602a8c42ddadb2bad6f59454779da873d1a92e991918b7c945ad45af304dad84
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636c0b14e0ea99b121c01a6882278a18490862a2c95fe7bd2b1c4ed1e71cd4ba
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
682bc6fde60036f3f9c58cf68ec07b0aa148ed4c2314088f348f2d55ca8894af
695de01446dcdc2f5f5682ffe63c3e3ea71d38c0d5db3ba46e924ac0fc7ab06f
6d3190617c56f16492c6b990d538fdae11393678a616c6e85845d02c67cf871d
6e544b270d1d302d50c4350bb12e448a368f8a6fa1a480a68c1911d5cb018b9f
716555eb87cff13e6097d28830daf4d2ce8e85153a55ce7ae0c69105f414b2c1
7594577b0f82e8417202e17c1674327162b71f434206cde37e141f4cca94081b
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8425219362308d38570c256ace8d66fca41731c0d79017d29bcafe195927c6b4
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8a0a9c76ff5fda2a5049654cde7897bd750e92b1001451a4a1e558d08de57887
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9349cd94f4467aa61dc329130d2c842e95b80b0663fa9553e6dc7d06d8f70ffc
947a0bf2395ddfe0c2dc6d79a1ea2eda2f61fd8edb081e03f9fb395c76c74309
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
98a4e5030c8869f5bd601f2fc59cae5868d595a521c5440f8f81584320e02695
999917e35dc4595fbc00770b2fa18676a88c25d5911541930956b7634cedab17
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b292f327a3992e63294a2fd23c19aa90762bcb9fbca550eb5ceac5368b1b37f
9bdf97b0b9f407b3db28d1e7540070425a68d18e65c6a480abaf7665cc03849e
9d9986b9e63d972f5a247ef3588094ac624a49b02bc21c950cdfbe64127a1cd2
9e3558b0e96fbe0efb2daadbf74dc44d914ac0a0423b66f81f0a4201c3b241ea
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a34d6e2b7f2fc60ae507f83ba217d6938945ad99158f9597cd673073fb41a8a7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
ad36bad4b7f9a3aa4c150d866021b8b3c5e2f33b8618f8c4980df54bbe2cc171
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adfd9abdf1e730ad6754449aff9cded17d264445eeee4aa6dc4eb8d33bcb19bc
b12e35c0f7f1219bc6fc0c5843f10412d1e91c409a8700da0c926e3283df1463
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c6a13df2fa2f0e99384ac1fde844d3ff6338971fbabcb9ec95194cf5b99ce2
b7bd13de967af6b55b81135b61b1f1a8d85dc529274f1a540529eb5bec85d1cc
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
ba7e5415dd99578e911122e008ce5f2b291069fb9c6e72149244cf4f995485a7
be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
be60eb858465a284256a6d38438c8781199501ec7ae16039c18d175216383f1f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c38245e11f00f6826ccb4c8c3ef34af85bf0766d71ab6900a5a5dd7ba4137a25
c6134a11a1dae1a790c0e2a39c6ea4bf5215c59a1fba65fb9ebb6c916acbecb4
c8b154cd6a1b7dc8eccd83fc4df4a84a1792e1f66620a5c8713967a021f3a762
cb80ca4dfe5956e4ba2c737e0b25fb90d9151e5150884b5ac9be8b05abac8d71
cb928c1556113a8771f2308ed1a0b26909e1bb8cab0d13c1c439e55be3f59402
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d384e7e41b82cb578964bead5c6774f433306485ac5cf75b6c3fa0ededbb5302
dfda9cbf989f6a8d969c5560b689e0d725cb1ba2b1a9109e5dbac752f85e621f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fe3edff39be8fdcb0d19b6cda5deffb4ae75c3e8605c14a9113eec57da555b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0614d133485eb27f62c81a9ddd788d420fbde87c2933722c989694f53b79778
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f2f3daa7747d89d5ab9e62ff6b467767026c9dce64b745953be6a9648ce1b8ab
f9ab7b98ae63cf78b4329333ba77d5dd0b586341fbc4fa108e8a7ed13b5447a5
fb2f2ce84fab7729345064f53a65b0a2392e1a26dcb09d1c23e37408c332ba33
fc6ec2e00d176abcceaf82c19bfbe79fa952a69ded0c0a3dfee6011499487348
fc864e8ad7ef123f9a5e38648177347eb304202b5485c5e61ba30640f3a9304f
fcea96036dd94a472c5741864dbc742cab3777cf47f3524a47b796a0231aef9e