user2.cloudconfigpure.top Open in urlscan Pro
5.75.200.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user2.cloudconfigpure.top/
Submission: On April 26 via automatic, source certstream-suspicious (April 26th 2023, 1:52:46 pm UTC) — Scanned from DE

Summary HTTP 277 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 49 IPs in 5 countries across 40 domains to perform 277 HTTP transactions. The main IP is 5.75.200.160, located in Germany and belongs to HETZNER-AS, DE. The main domain is user2.cloudconfigpure.top.
TLS certificate: Issued by R3 on April 26th 2023. Valid for: 3 months.

This is the only time user2.cloudconfigpure.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	5.75.200.160 5.75.200.160	24940 (HETZNER-AS) (HETZNER-AS)
69	192.229.233.181 192.229.233.181	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:600:7:7419:8e80:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	192.229.233.218 192.229.233.218	15133 (EDGECAST) (EDGECAST)
15	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f27... 2a03:2880:f276:d2:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f27... 2a03:2880:f276:e8:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:188::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	52.7.232.7 52.7.232.7	14618 (AMAZON-AES) (AMAZON-AES)
1	104.86.47.65 104.86.47.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6812:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.91 13.32.99.91	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
277	49

25 5.75.200.160 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.160.200.75.5.clients.your-server.de

user2.cloudconfigpure.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 192.229.233.181 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

townsquare.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:600:7:7419:8e80:21 (United States)

ASN16509 (AMAZON-02, US)

doi3unldljdx6.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 192.229.233.218 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

cdn.production.townsquareblogs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ignitecampaigns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:d2:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:e8:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:188::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.232.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-232-7.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.86.47.65 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-47-65.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

41e55f91de4c086014313d38b1e345c0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-92.fra56.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:17ea (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-91.fra60.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	townsquare.media townsquare.media — Cisco Umbrella Rank: 35082	2 MB
33	ignitecampaigns.com ignitecampaigns.com — Cisco Umbrella Rank: 128359	211 KB
25	cloudconfigpure.top user2.cloudconfigpure.top	841 KB
24	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 ad.doubleclick.net — Cisco Umbrella Rank: 201 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	193 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 41e55f91de4c086014313d38b1e345c0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	191 KB
18	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 236 www.google.com — Cisco Umbrella Rank: 16 region1.analytics.google.com — Cisco Umbrella Rank: 2930 adservice.google.com — Cisco Umbrella Rank: 130 accounts.google.com — Cisco Umbrella Rank: 92	237 KB
13	gstatic.com fonts.gstatic.com ssl.gstatic.com	115 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 322	218 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	127 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1159 syndication.twitter.com — Cisco Umbrella Rank: 1451	150 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	171 KB
3	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 842
3	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 361	59 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3067 log.pinterest.com — Cisco Umbrella Rank: 4554	19 KB
3	townsquareblogs.com cdn.production.townsquareblogs.com — Cisco Umbrella Rank: 58851	104 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
2	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 8581	373 B
2	dstillery.com 2 redirects action.dstillery.com — Cisco Umbrella Rank: 9078	277 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1707	1 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1617 at.teads.tv — Cisco Umbrella Rank: 4942	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	1 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019	458 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 218	3 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 2058	104 B
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1073	202 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	145 KB
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 9613 www.instagram.com — Cisco Umbrella Rank: 1309	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
1	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 6168	57 KB
1	btloader.com btloader.com — Cisco Umbrella Rank: 1542	13 KB
1	solutionshindsight.net static.solutionshindsight.net — Cisco Umbrella Rank: 42638	28 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 442	288 B
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 2361	513 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680	17 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	397 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1060	367 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 958	13 KB
1	net. doi3unldljdx6.cloudfront.net.	43 KB
277	40

	Domain	Requested by
69	townsquare.media	user2.cloudconfigpure.top ignitecampaigns.com doi3unldljdx6.cloudfront.net.
33	ignitecampaigns.com	doi3unldljdx6.cloudfront.net. ignitecampaigns.com
25	user2.cloudconfigpure.top	user2.cloudconfigpure.top townsquare.media doi3unldljdx6.cloudfront.net.
20	securepubads.g.doubleclick.net	doi3unldljdx6.cloudfront.net. www.googletagservices.com securepubads.g.doubleclick.net user2.cloudconfigpure.top
10	tpc.googlesyndication.com	user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net.
10	cdn.ampproject.org	doi3unldljdx6.cloudfront.net.
8	apis.google.com	user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net. www.youtube.com accounts.google.com apis.google.com
7	www.youtube.com	doi3unldljdx6.cloudfront.net. www.youtube.com
7	pagead2.googlesyndication.com	townsquare.media securepubads.g.doubleclick.net user2.cloudconfigpure.top tpc.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
6	ssl.gstatic.com	user2.cloudconfigpure.top accounts.google.com
4	region1.analytics.google.com	user2.cloudconfigpure.top
4	platform.twitter.com	user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net.
4	www.googletagservices.com	user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net.
3	stags.bluekai.com	user2.cloudconfigpure.top
3	www.google.com	1 redirects user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net.
3	c.amazon-adsystem.com	user2.cloudconfigpure.top c.amazon-adsystem.com
3	cdn.production.townsquareblogs.com	user2.cloudconfigpure.top cdn.production.townsquareblogs.com
3	www.google-analytics.com	user2.cloudconfigpure.top www.google-analytics.com
2	action.media6degrees.com	user2.cloudconfigpure.top
2	action.dstillery.com	2 redirects
2	ad-delivery.net	user2.cloudconfigpure.top
2	accounts.google.com	doi3unldljdx6.cloudfront.net. user2.cloudconfigpure.top
2	www.facebook.com	doi3unldljdx6.cloudfront.net.
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	syndication.twitter.com	platform.twitter.com user2.cloudconfigpure.top
2	sb.scorecardresearch.com	doi3unldljdx6.cloudfront.net. user2.cloudconfigpure.top
2	www.google.de	user2.cloudconfigpure.top
2	i.clean.gg	doi3unldljdx6.cloudfront.net.
2	stats.g.doubleclick.net	www.google-analytics.com user2.cloudconfigpure.top
2	cdn.taboola.com	user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net.
2	connect.facebook.net	user2.cloudconfigpure.top connect.facebook.net
2	www.googletagmanager.com	user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net.
2	assets.pinterest.com	user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net.
2	fonts.googleapis.com	user2.cloudconfigpure.top doi3unldljdx6.cloudfront.net.
1	log.pinterest.com	user2.cloudconfigpure.top
1	cdn.p-n.io	doi3unldljdx6.cloudfront.net.
1	googleads.g.doubleclick.net	user2.cloudconfigpure.top
1	ad.doubleclick.net	user2.cloudconfigpure.top
1	btloader.com	doi3unldljdx6.cloudfront.net.
1	at.teads.tv	a.teads.tv
1	a.teads.tv	doi3unldljdx6.cloudfront.net.
1	static.solutionshindsight.net	doi3unldljdx6.cloudfront.net.
1	41e55f91de4c086014313d38b1e345c0.safeframe.googlesyndication.com	doi3unldljdx6.cloudfront.net.
1	adservice.google.com	doi3unldljdx6.cloudfront.net.
1	adservice.google.de	doi3unldljdx6.cloudfront.net.
1	gum.criteo.com	doi3unldljdx6.cloudfront.net.
1	as-sec.casalemedia.com	js-sec.indexww.com
1	secure.cdn.fastclick.net	doi3unldljdx6.cloudfront.net.
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	www.instagram.com	user2.cloudconfigpure.top
1	platform.instagram.com	1 redirects
1	js-sec.indexww.com	user2.cloudconfigpure.top
1	doi3unldljdx6.cloudfront.net.	user2.cloudconfigpure.top
277	55

This site contains links to these domains. Also see Links.

Domain
shop.xxlmag.com
www.instagram.com
twitter.com
youtube.com
www.facebook.com
www.xxlmag.com
www.townsquaremedia.com
www.youtube.com

Subject Issuer	Validity	Valid
user2.cloudconfigpure.top R3	`2023-04-26` - `2023-07-25`	3 months	crt.sh
www6.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
www8.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-09` - `2023-10-30`	10 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
solutionshindsight.net Amazon RSA 2048 M01	`2023-02-22` - `2024-01-19`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
pushlycdn.com Amazon RSA 2048 M02	`2023-02-27` - `2024-02-13`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://user2.cloudconfigpure.top/
Frame ID: 06FDED484D570B75155052F1EB5406B3
Requests: 144 HTTP requests in this frame

Frame: https://cdn.production.townsquareblogs.com/aleph/
Frame ID: C5B4FB08EDEAF96734D26E8A84A57EC1
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fuser2.cloudconfigpure.top
Frame ID: AF2809C646346838889471006692EF97
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fuser2.cloudconfigpure.top&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
Frame ID: 5BD2A0CC6EE09AC213C1B074A646AF9A
Requests: 5 HTTP requests in this frame

Frame: https://41e55f91de4c086014313d38b1e345c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64B354DFE16AE622414111C30606F394
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fuser2.cloudconfigpure.top&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
Frame ID: 09FB75FFFEFA7416244F8FB1E2D9B92F
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: AF4D28D883B960C8C94DE1FB3456398E
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
Frame ID: F1627C817724198798FA887AFBA5FE5D
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssn3Lp5T4Jh2KIyDDMpACPpQBrstvlfVddyD2rkkopVXVPwLfZHCblTswEzhn-DJVRjN5NIK-mR1pASPyicvMJfuBJX9X-NHfNRXvftt2JoNtMzzfjBGA9r3RN2a9yd-jfEVR5xi-Zekil6vw6fDl_XdI0qMWOt6dn-FT3hCtNt8-uzFBs2opOLHqpGgywJmjR7UVxHNpt5IR-DsxVo5J9LViOvbaN2jvay2gEih5ISjwhxBY9ulYqCo0DTZhrmX9KtdU83vw0kPFGdzSOgV4RHvI2vHoJrZwwjEFHZzYlLYuSYBww7IPc1kP5z216YmJ3lIB9OA6OMFtS3rf0d&sai=AMfl-YReHZCPZHxrBF_6bUJXqIQCY0UmP1DMVjaXAfKOpDE0Fz_REUG35JvdSJe8v67TIVJSzHW2ckJcHj-CKmu2WKXC8mD5lYiaHT0CddnLT3xNuf9MUL_TU9VtL5dyEhcJSuAffPBpu3QAwsbgvlo&sig=Cg0ArKJSzEfOTg96FVecEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A761F237BF597136273202C3AE00B209
Requests: 6 HTTP requests in this frame

Frame: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
Frame ID: 425C4E8EC5B14CE41CC897475F67BBA0
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: 4FFEE136D4B25ABA905707227C15B7A8
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: FFA3A4DBBD694E151ED9500D4C18A701
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOJkPCa7kQi-PGcRIuPnxMeBpYz0v9scioWHkeeJOj2LMzymZaBRBEQnBOe0yjc7gQ-0Xbjq1cVhzL4QAVuXNZtalrkvtcTwpXcRqzdRsKAVo3GtCtbKMEFzEW8i3gWzJfQRlhtQnxCdtP16lzw6F6egICGYHRRQHDTagdOmM3zlPRMp8_hx9jg__FE8m04lPUZlGxz2hWGOJB-EjHfV0owEZftnKk8FTXSIkLRWJR9lCGbNVVl_IXVbFmS7N0qWVZ44jzidqL2z6vYjRxCFt1jaUtlJ-0LjSc8pxaG2UukNyHEg5Vx-5VuGB_pASsiTMzDrBtYcIS_-019VS1Kw&sai=AMfl-YRKYM9YkXDByO4nZ-FblE5HaKt84kkXoxgmdBAiCNgdXtQ2vwxRfwGiQo_CagvQzPtuNb0WXANEReOQbYaI_mZ-o6COMWZH5Ygum0P6_yNLR41nvIL-PH5fzdWah46BrQ&sig=Cg0ArKJSzDs1d2lxgExjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2E59A302ACF254EEE1131B35939A8474
Requests: 5 HTTP requests in this frame

Frame: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Frame ID: F12C197D2351C93104C59851C7237A4F
Requests: 24 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth3VgUxuLPnsFLc41ucIqT79GETFrr2UHJtXaCoO1zAqkEfDktdQg2jIUPeam1zwJcxZDxT7ALamicXtZoVbTxN6p46y08qOQjdDF-OPd41gnGNZtj6VH0zfZaomwIv-1V_UAKlPq91epZs_b_66JjWXNuBDZH-_CA4KpATWQxVvolhmy7lAstb0pF1CaUqe8Hpr9rkGRs0Lv8TwljPaUrYBnckDfv9IsavPIL9mCna5vIldSe7wNVPnyjv2ttAeevOXhDT3BBnRA5-JK5K0hP4J2NGWElS8yE-5URQ75PMfmb2nUgwHDysf_JGkxd9jmwV4KhzlehJt-ZphhzVA&sai=AMfl-YRAVQGE14w8ZsrewtvOFXJURDVa-CiY-B_p6faRxxQY5_k8ikMGP9bwNjs3Ts-U8Eikv4vdSz1jeqEOMy2P-jhgzUrZlyJp6lNwG8SnhOhUKpdpkehictvYIPjd70cCWs4&sig=Cg0ArKJSzOQsZ167B5XsEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E466A62C355721EBB873FE809C8E3E63
Requests: 6 HTTP requests in this frame

Frame: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Frame ID: FDA84BDB180CEC166B89645780206BD3
Requests: 24 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=184854740153433&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2490c31359b34%26domain%3Duser2.cloudconfigpure.top%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fuser2.cloudconfigpure.top%252Ff15ac4aa307b38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fxxlmag&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: 69CB8DFC8873F7931B7DB8E0C0A1ABE7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 441DE8D15ECCA9F129B6618EA82E3464
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E955A8D63502867C2E5347F5A0CF5E5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hip-Hop News, Rap Music - XXL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

277
Requests

99 %
HTTPS

57 %
IPv6

40
Domains

55
Subdomains

49
IPs

5
Countries

5481 kB
Transfer

12046 kB
Size

20
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: http://shop.xxlmag.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.instagram.com/xxl
Title: Visit us on Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/XXL
Title: Visit us on Twitter

Search URL Search Domain Scan URL

URL: https://youtube.com/user/XXLMagazine
Title: Visit us on Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/xxlmag
Title: Visit us on Facebook

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/lil-durk-interview-the-voice-2-0-album/
Title: Lil Durk Reveals All About New Album, Jay-Z's Words, India Royale

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/author/georgette/
Title: Georgette Cline

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/hip-hop-album-covers/
Title: Greatest Hip-Hop Album Covers of All Time

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/tory-lanez-prosecution-manipulated-dna-evidence-megan-thee-stallion-trial/
Title: Tory: D.A. Manipulated Evidence

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/soulja-boy-assault-kidnapping-pay-ex-girlfriend-235000-dollars/
Title: Soulja Boy to Ex Pay $235K

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/bhad-bhabie-body-work-fillers-shots/
Title: Bhad Bhabie Reveals Body Modifications

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/tory-lanez-dna-evidence-misled-jurors/
Title: Tory Lanez Attorney New Info

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/ab-soul-welcomes-twins/
Title: Ab-Soul Welcomes Twins

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/ice-spice-interview/
Title: Ice Spice Feels Like a Star But She's Got a Long Way to Go

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/freddie-gibbs-interview-acting-new-projects/
Title: Freddie Gibbs Interview - Acting, Four New Projects, Joy in Rap

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/chance-the-rapper-interview/
Title: Chance The Rapper Interview - New Album Details, Changing Hip-Hop

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/pusha-t-interview-best-rap-album-kanye-west/
Title: Pusha T Interview - Best Rap Album of the Year, Kanye West, More

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/jid-interview/
Title: JID Satisfies Fans Old and New as One of the Great Storytellers

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/bobby-shmurda-interview/
Title: Bobby Shmurda Gives His Most Revealing Interview Yet

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/yung-miami-interview/
Title: Yung Miami Interview - Podcast Goals, City Girls Album, Diddy

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/eminem-interview-career-addiction/
Title: Eminem Interview - His Career, Addiction Battle, More

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/lupe-fiasco-interview/
Title: Lupe Fiasco Interview - His Music, Mindset and Martial Arts

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/playboi-carti-interview/
Title: Playboi Carti Gives Rare Interview on New Music, Fatherhood, More

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/latto-interview-big-energy/
Title: Latto Interview - Big Energy, Double Standards, Pharrell's Advice

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/2-chainz-interview/
Title: 2 Chainz Interview - New Deluxe Album, Business Ventures and More

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/rick-ross-interview-cars/
Title: Rick Ross Interview – Vintage Car Collection and Deluxe Album

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/pooh-shiesty/
Title: Pooh Shiesty - 2021 XXL Freshman

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/morray/
Title: Morray - 2021 XXL Freshman

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/flo-milli/
Title: Flo Milli - 2021 XXL Freshman

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/42-dugg/
Title: 42 Dugg - 2021 XXL Freshman

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/polo-g/
Title: Polo G - 2020 XXL Freshman

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/chika/
Title: Chika - 2020 XXL Freshman

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/baby-keem/
Title: Baby Keem - 2020 XXL Freshman

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/author/cvernoncoleman/
Title: C. Vernon Coleman II

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/author/awoods/
Title: Aleia Woods

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/rappers-with-twins-triplets/
Title: Rappers With Either Twins or Triplets

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/50-cent-pras-rat-federal-informant/
Title: 50 Cent Calls Pras a Rat for Being a Federal Informant

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/ot-genasis-150000-ace-of-spades-bottle/
Title: OT Genasis Gets $150,000 Ace of Spades Bottle at Las Vegas Club

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/author/xxlstaff/
Title: XXL Staff

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/rick-ross-offers-don-lemon-job-wingstop/
Title: Rick Ross Offers Journalist Don Lemon a Job at Wingstop

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/lil-baby-khloe-kardashian-curse/
Title: Lil Baby and Khloe Kardashian Spotted Eating Together, Fans React

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/swae-lee-brawl-coachella-security/
Title: Swae Lee Involved in Huge Brawl With Coachella Security

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/a-i-hip-hop-songs/
Title: A.I. Hip-Hop Songs Featuring Fake Jay-Z, Drake, Kanye West & More

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/author/joeyech/
Title: Joey Ech

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/author/trentfitzgerald/
Title: Trent Fitzgerald

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/ice-spice-princess-diana-remix-nicki-minaj-four-billboard-hot-100-chart/
Title: Ice Spice, Nicki Minaj 'Princess Diana' Remix No. 4 on Billboard

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/50-cent-disses-irv-gotti-nelly-ashanti-dating/
Title: 50 Cent Disses Irv Gotti Following Rumor Nelly and Ashanti Dating

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/nba-youngboy-swizz-beatz-lloyd-banks-new-hip-hop-projects/
Title: NBA Youngboy, Swizz Beatz and More - New Hip-Hop Projects

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/ice-spice-nicki-minaj-princess-diana-remix/
Title: Ice Spice, Nicki Minaj 'Princess Diana' Remix - Listen

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/nba-youngboy-nicki-minaj-wtf-song/
Title: NBA YoungBoy, Nicki Minaj 'WTF' - Listen to New Song

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/hunxho-interview-the-break/
Title: The Break Presents - Hunxho

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/the-break-interview-superstar-pride/
Title: The Break Presents - Superstar Pride

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/the-break-interview-luh-tyler/
Title: The Break Presents - Luh Tyler

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/ysl-trial-bizarre-moments/
Title: Bizarre Moments in the YSL Trial, the Wildest Trial in Hip-Hop

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/rappers-confusing-lyrics/
Title: Rappers Confusing Lyrics and Fans Didn’t Know What They Said

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/tags/xxl-magazine/

Search URL Search Domain Scan URL

URL: http://shop.xxlmag.com/?ref=rrad

Search URL Search Domain Scan URL

URL: https://www.xxlmag.com/tags/the-notorious-big-anniversary/

Search URL Search Domain Scan URL

URL: http://www.townsquaremedia.com/national-media/advertise
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/XXLMagazine
Title: Visit us on Youtube

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/
Title: , Townsquare Media, Inc

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

Request Chain 205

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 212

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24

Request Chain 213

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

277 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user2.cloudconfigpure.top/ 310 KB
53 KB 193ms
47ms Document
text/html 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

ace0b1b00b83a7c6c54da7925cc91c16a62df5f1090cba44f45fac7ad0aca9f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14
cache-control: no-cache
content-encoding: gzip
content-length: 53455
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 13:52:38 GMT
etag: W/"4d6fd-Nm833g7xNCmukDAb64zSug"
expires: Wed, 26 Apr 2023 13:52:37 GMT
gdpr-source: DE
last-modified: Wed, 26 Apr 2023 13:52:24 GMT
server: nginx/1.24.0
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: A
x-cache: HIT
x-device: desktop
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-ua-device: desktop
x-varnish: 217500966

GET
H2 200 base.css
user2.cloudconfigpure.top/styles/desktop/ 587 KB
123 KB 38ms
37ms Stylesheet
text/css 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/styles/desktop/base.css?ver=83cf5309481aabe9e42201fa97ee9f3c6cb2b17f&mver=421&gver=4

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

9d9b67b63fc03a2ceccac3992894a808436d7b4ea10daf566acf8eaa2e40cffa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 70173
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 124963
x-device: desktop
last-modified: Tue, 25 Apr 2023 18:23:06 GMT
server: nginx/1.24.0
etag: W/"92be9-ZDyJJ/Y4m8LI48oMYs30AQ"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-varnish: 202359109
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js Show response
townsquare.media/public/dist/desktop/ 914 KB
237 KB 96ms
21ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) / Express

Resource Hash

f984e705cfbdb209a17650c8ee53c3945e5022064da2750a8b4f4750c8e1537d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 69931
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 241980
last-modified: Tue, 04 Apr 2023 20:16:17 GMT
server: ECS (frb/674D)
etag: W/"e460a-1874de9bf87"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3984539722 3984532001
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

185e221bd8c9529a8b382c36fb57986c7e1b000ab5a1cfb2e109a2f6a8959609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 13:52:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 12:27:45 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5093
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 26 Apr 2023 14:27:45 GMT

GET
H2 200 autotrack.carbon.js Show response
townsquare.media/public/resources/js/ 4 KB
2 KB 19ms
19ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/autotrack.carbon.js

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) / Express

Resource Hash

17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 78998
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2031
last-modified: Thu, 03 Oct 2019 20:12:19 GMT
server: ECS (frb/67D4)
etag: W/"119a-16d93407ae3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3988236617 3982279054
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 script.js Show response
doi3unldljdx6.cloudfront.net./ 122 KB
43 KB 90ms
22ms Script
application/javascript 2600:9000:20eb:600:7:7419:8e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doi3unldljdx6.cloudfront.net./script.js
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:600:7:7419:8e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1667c72a920bde0decdaf560caf4a4733b0c6ddf5bf41039850adc8d53a1670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: XuDHExqJir5NF1klYzLJzy6bGNQcovbl
content-encoding: gzip
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
date: Wed, 26 Apr 2023 13:49:05 GMT
last-modified: Wed, 26 Apr 2023 13:14:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 215
x-amz-server-side-encryption: AES256
etag: W/"2596f4b732a286362f1947b1b7742365"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: vPH-_yOkPbd_6MgeZEj75X6jQLFjzZQ0fc4I_o-A-eoo3Ndzt9sglA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
25 KB 211ms
146ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae4bd83846293fa33ad76f1fb8228d3334fd5398d44763ffd6d5b15a2f86d510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24998
x-xss-protection: 0
server: cafe
etag: 817 / 19473 / m202304200101 / config-hash: 3496528444417690014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 186854-113710634486999.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 105ms
37ms Script
text/javascript 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 13:35:34 GMT
server: cloudflare
age: 1023
etag: W/"904977-930b-5fa3d50830fae"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7bdf4eb14c463600-FRA
expires: Wed, 26 Apr 2023 17:52:38 GMT

GET
H2 200 pb.js Show response
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 336 KB
103 KB 131ms
21ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=83cf5309481aabe9e42201fa97ee9f3c6cb2b17f&mver=421&gver=4

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) / Express

Resource Hash

cd882defb22ef2297d82f4bcddaa81f33d3bf510f2cc0538fbc938e674363dab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 64890
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop, desktop
x-device: carbon, carbon
content-length: 104694
last-modified: Tue, 25 Apr 2023 22:44:59 GMT
server: ECS (frb/668B)
etag: W/"54143-08zBaRn3xpZVIPOlnl+aFQ"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-varnish: 3985841713, 206364423 203735110
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 84ms
33ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5007dac1365dd925963e4bc2ff805516823a6d61e200ca67066b8e0b843887be

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 13:52:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21024
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "7874612b45f73adb"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

55 KB
20 KB

128ms
66ms

Script
application/x-javascript

2a03:2880:f276:e8:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Server

2a03:2880:f276:e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

857bc36c665c935005b92c09e2fc642b7cf15c9877b0a6142113389f53524152

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 13:52:38 GMT
content-md5: ysQ/yaPGm+2/r9cJIaly7w==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19442
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: XtjWfXOV7HGyzNwYOMZMfTkvcse59hfrukAcY05jeO5GYRI5zHX+sTs7qoZ+HhyYGUovUporyWAdlY+UEDARdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 152b7ec9b37b1d5657e0b8c1b58169f8
cross-origin-opener-policy: same-origin-allow-popups
etag: "71033d228f8719997e34ae7769df53c8"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 26 Apr 2023 14:12:38 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Wed, 26 Apr 2023 13:52:38 GMT
x-fb-trip-id: 1679558926
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 230ms
48ms Script
application/javascript 2a02:26f0:6c00:188::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:188::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=261
accept-ranges: bytes
content-length: 203

GET
H2 200 xxl-trimmed-spacing.png
townsquare.media/site/812/files/2017/10/ 16 KB
16 KB 21ms
20ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2017/10/xxl-trimmed-spacing.png

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A8) / Express

Resource Hash

a6b6497b2ab4ae6431fcb6739feac949bc75bbd4108bac5e26f055ddd65c7dec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 5097192
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16566
last-modified: Mon, 11 Apr 2022 16:30:56 GMT
server: ECS (frb/67A8)
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-varnish: 3451387486
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

POST
H2 200 cogitoergosum Show response
user2.cloudconfigpure.top/rest/high/api/ 128 B
675 B 144ms
144ms XHR
application/json 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/rest/high/api/cogitoergosum

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

6df1f91380476cae296a8df5b4c1e30aa42ad36e9c33fe6a3fbfa18562b54f59

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
server: nginx/1.24.0
etag: W/"80-jzM5HCjERnwGkw9KRObjCYYJIQU"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
content-length: 128
x-device: desktop
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
64 KB 80ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1abd6b8374d7864be72f77d5361b5a72aa7154d03b858666bfc62bb06270b3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65140
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 226 KB
56 KB 104ms
27ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:09:53 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 20:25:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2566
x-amz-server-side-encryption: AES256
etag: W/"d0373f28cbce103f094bc2631a9c8dd5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: QaKzmrsRSy2xawWrr8zmbbQWoGfkF_DjAQJaB9y0TXLPQxuiLtD1_Q==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 106ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 13:52:38 GMT
Content-Encoding: gzip
Age: 113
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67C0)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 67ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a52f6b0feecd9520f5987a3f8a2168ab5c538696fea7c2f7c854d96eca5003b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 13:52:38 GMT
content-md5: y8AVJJSCWyL+6hUg1LCrmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: sWOEmnljZRLUqxPF3Swgek5F1BPffaqr1qEeqa0NKeTbyMu9gvNWkGwglLYYHAGurci0oq+83M2JhF0zpehKtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 53acbfb65e86fb3dd5f976abc4ece553
cross-origin-opener-policy: same-origin-allow-popups
etag: "28fd68b606f730f546fda8c748a3b577"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 26 Apr 2023 14:05:19 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/townsquaremediatsm-network/ 159 KB
44 KB 86ms
34ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/townsquaremediatsm-network/loader.js
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 90eb99353d967dcf6ecf7e78666a956c2c23f4184e1454b1fc273dc225b45c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: wI1HBzrOI16Db7KcidQYo49G5Keyzlte
content-encoding: gzip
via: 1.1 varnish
date: Wed, 26 Apr 2023 13:52:38 GMT
x-amz-request-id: 5YRHRC2EPDG8CD0V
age: 2596
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 6
x-amz-replication-status: FAILED
content-length: 44007
x-amz-id-2: dmWIdz3lJPohaTvv1eieaoatXNYOdpX/uthtR93f/DUzx9nGriszjMuQD9S6WEpLAnE7QtN4Vng=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Tue, 25 Apr 2023 12:13:17 UTC
server: nginx
x-timer: S1682517159.676022,VS0,VE16
etag: "3a5a4ffa23d06674253b356d414f19350bb753a7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 23
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 / Show response
cdn.production.townsquareblogs.com/aleph/ Frame C5B4 2 KB
852 B 22ms
22ms Document
text/html 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.production.townsquareblogs.com/aleph/
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) / Express
Resource Hash: e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17
cache-control: no-cache
content-encoding: gzip
content-length: 708
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 13:52:38 GMT
etag: W/"7dd-17eb77f56cd"
expires: Wed, 26 Apr 2023 13:52:37 GMT
gdpr-source: DE
last-modified: Tue, 01 Feb 2022 22:54:42 GMT
server: ECS (frb/675D)
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: A
x-cache: HIT
x-powered-by: Express
x-varnish: 3999598693

GET
H2 500 FFF4F4F4
user2.cloudconfigpure.top/styles/desktop/ 579 B
579 B 141ms
140ms Image
text/html 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user2.cloudconfigpure.top/styles/desktop/FFF4F4F4
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/styles/desktop/base.css?ver=83cf5309481aabe9e42201fa97ee9f3c6cb2b17f&mver=421&gver=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.160.200.75.5.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 9c6023cab00377a76e324c23c6a99fd29716dd5ca0423a7f4127dc9e69438418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/styles/desktop/base.css?ver=83cf5309481aabe9e42201fa97ee9f3c6cb2b17f&mver=421&gver=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
server: nginx/1.24.0
content-length: 579
content-type: text/html

GET
H2 200 attachment-lil-durk-photo-magazine.jpg
townsquare.media/site/812/files/2023/04/ 126 KB
126 KB 20ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-lil-durk-photo-magazine.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) / Express

Resource Hash

fcbaf17d46497729b16ce20fe44941012e7bf9b0f8427df6d2f95e07e8993787

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 499871
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 128667
last-modified: Thu, 20 Apr 2023 19:05:19 GMT
server: ECS (frb/674D)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3895345067 3895289145
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 base.css
user2.cloudconfigpure.top/styles/desktop/ 587 KB
587 KB 38ms
38ms Image
text/css 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user2.cloudconfigpure.top/styles/desktop/base.css?ver=83cf5309481aabe9e42201fa97ee9f3c6cb2b17f&mver=421&gver=4

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/styles/desktop/base.css?ver=83cf5309481aabe9e42201fa97ee9f3c6cb2b17f&mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/styles/desktop/base.css?ver=83cf5309481aabe9e42201fa97ee9f3c6cb2b17f&mver=421&gver=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 69424
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 124963
x-device: desktop
last-modified: Tue, 25 Apr 2023 18:35:35 GMT
server: nginx/1.24.0
etag: W/"92be9-ZDyJJ/Y4m8LI48oMYs30AQ"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-varnish: 202558552
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-3-feet-and-rising-doggystyle-tha-carter-iii.jpg
townsquare.media/site/812/files/2023/03/ 24 KB
24 KB 25ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/03/attachment-3-feet-and-rising-doggystyle-tha-carter-iii.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) / Express

Resource Hash

654be1f08e06a93a4374c1797edee4849bcafb900cb1f8f08e06c5cfbb193d76

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 3014123
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 24931
last-modified: Wed, 22 Mar 2023 16:37:16 GMT
server: ECS (frb/67BD)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3383080349
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-Tory-Lanez-Megan-Thee-Stallion-Photo.jpg
townsquare.media/site/812/files/2022/12/ 32 KB
33 KB 33ms
33ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/12/attachment-Tory-Lanez-Megan-Thee-Stallion-Photo.jpg?w=540&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6394) / Express

Resource Hash

1996f8aa796e4a2d4be6992faa00bbe4a2c2f60ee4f7cad3bd9ad80cea1696f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 268
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 33231
last-modified: Tue, 13 Dec 2022 01:03:14 GMT
server: ECS (lhb/6394)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 217441278
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-Soulja-Boy-Console.jpg
townsquare.media/site/812/files/2023/02/ 31 KB
31 KB 25ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/02/attachment-Soulja-Boy-Console.jpg?w=540&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

3e8568352f38e38097c81b381f34996625088c0063b9cf9e196b7a75c9a164be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 52429
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 31369
last-modified: Tue, 07 Feb 2023 17:54:13 GMT
server: ECS (frb/6738)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 206842401
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-Bhad-Bhabie-New.jpg
townsquare.media/site/812/files/2023/04/ 42 KB
42 KB 26ms
26ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-Bhad-Bhabie-New.jpg?w=540&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

8da9b971da33391bacf49ffba350fa48557169ebf83e7e8fe9f10807bac196c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 53600
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 42617
last-modified: Tue, 25 Apr 2023 22:58:53 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3988681919 3988670742
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 69ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 474435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 88ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:30:49 GMT
x-content-type-options: nosniff
age: 310909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:30:49 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 95ms
45ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:01:51 GMT
x-content-type-options: nosniff
age: 312647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 73ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 334103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: font/opentype;charset=utf-8

POST
H2 200 cogitoergosum Show response
cdn.production.townsquareblogs.com/rest/high/api/ Frame C5B4 128 B
455 B 113ms
112ms Fetch
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

6df1f91380476cae296a8df5b4c1e30aa42ad36e9c33fe6a3fbfa18562b54f59

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.production.townsquareblogs.com/aleph/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
server: nginx
etag: W/"80-jzM5HCjERnwGkw9KRObjCYYJIQU"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: carbon
content-length: 128
expires: Wed, 26 Apr 2023 13:52:37 GMT

POST
H2 200 cogitoergosum Show response
user2.cloudconfigpure.top/rest/high/api/ 128 B
548 B 182ms
182ms Fetch
application/json 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/rest/high/api/cogitoergosum

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

6df1f91380476cae296a8df5b4c1e30aa42ad36e9c33fe6a3fbfa18562b54f59

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
server: nginx/1.24.0
etag: W/"80-jzM5HCjERnwGkw9KRObjCYYJIQU"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
content-length: 128
x-device: desktop
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-4.0c760e361ae8e6d63cbd.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 6 KB
2 KB 40ms
40ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-4.0c760e361ae8e6d63cbd.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

9a803e500c6d1af660de5fa54297ac53c60a41fff53373f0240291455f4b5609

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63053
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 2147
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:09 GMT
server: nginx/1.24.0
etag: W/"178a-1874de9a14c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986323146
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-21.b2911d7cd774531a53a4.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 1016 B
1 KB 42ms
41ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-21.b2911d7cd774531a53a4.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

220f32e74cb67aa10c1f2492b1e1bb9cb3410b443ec5be8776d358790061b7ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 62981
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 1016
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:09 GMT
server: nginx/1.24.0
etag: W/"3f8-1874de99ff4"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 204239846
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-22.c7bd9b640e2e0a786731.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 1 KB
1 KB 39ms
38ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-22.c7bd9b640e2e0a786731.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

789044d8d9bdfb6fe2e807617e576d0ef5de3f275fe7eabe38f502fed3b5fc4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63173
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 784
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:01 GMT
server: nginx/1.24.0
etag: W/"514-1874de983a5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986285919
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-23.88e554471318124c97ac.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 658 B
1000 B 40ms
39ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-23.88e554471318124c97ac.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

28c1898a4ec2cdf4a45897e4fa921cb648ea8fd1a7b005d3c7c6d229f625fed1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 63174
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 658
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:09 GMT
server: nginx/1.24.0
etag: W/"292-1874de99ff4"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 204180448
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-20.343a4f652e549ee4ac5f.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 806 B
1 KB 40ms
39ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-20.343a4f652e549ee4ac5f.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

6a94cf33712d6fc71fb595d21ef25cfbf16679532755db7b6225770843641bad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 63186
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 806
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:01 GMT
server: nginx/1.24.0
etag: W/"326-1874de983a5"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986282258
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-46.1e6a83c745df61c5fa9b.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 2 KB
1 KB 41ms
40ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-46.1e6a83c745df61c5fa9b.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

67ba6907d4538a7b11d378f5768f81a0ced212c65f4422556a642fb7467c68bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63053
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 829
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:01 GMT
server: nginx/1.24.0
etag: W/"728-1874de983a9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986323143
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-34.a726e709e910e30114e6.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 40 KB
12 KB 42ms
41ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-34.a726e709e910e30114e6.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

9930e96b3d019b0fcb982c9bcb88ab70a8005c0cb451120c16b40d19fb37b6e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63159
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 12010
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:01 GMT
server: nginx/1.24.0
etag: W/"a09a-1874de983a9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 204184977
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-14.18795661c18d1d488f93.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 27 KB
8 KB 43ms
42ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-14.18795661c18d1d488f93.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

f401bca92491fd896f975c54d89110ead3e9c561558f6aedacc34b54cde4f45e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63100
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 7892
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:01 GMT
server: nginx/1.24.0
etag: W/"6ae3-1874de983a5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 204203388
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-52.8527ca6eee11be0e3074.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 2 KB
1 KB 41ms
41ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-52.8527ca6eee11be0e3074.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

9a605947a21374b8b2e4096af924ab7db6c0674770e198281bdbe9b80a9ee01a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63133
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 804
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:01 GMT
server: nginx/1.24.0
etag: W/"663-1874de983a9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986323163 3986298389
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-19.2f55e666e9e1e521c73d.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 65 KB
17 KB 40ms
40ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-19.2f55e666e9e1e521c73d.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

5de74280aef7b518374e262ea176214682f49bb3b7e641c7dbc293ee1b2497be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63154
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 16769
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:09 GMT
server: nginx/1.24.0
etag: W/"10557-1874de9a148"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 204217968 204186743
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-15.a3a897f13fda23e16f20.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 5 KB
2 KB 55ms
55ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-15.a3a897f13fda23e16f20.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

681355e364b09eac068993790470f841a3f7189f63fca4b551f40664036c9e62

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63159
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 2020
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:09 GMT
server: nginx/1.24.0
etag: W/"13d9-1874de9a144"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986290254
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-18.74d24e43214024d4078a.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 64 KB
14 KB 56ms
56ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-18.74d24e43214024d4078a.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

e65d3a28754a09032aecc1241551d3a60d9b728b8d3ef8291845d1355e89e383

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63053
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 14160
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:17 GMT
server: nginx/1.24.0
etag: W/"1019c-1874de9be87"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986323212
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-11.0dc7eca31a74d50d6651.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 967 B
1 KB 54ms
53ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-11.0dc7eca31a74d50d6651.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

155cebe6fd831a4cb16869697357be150fe082c69dfdf1d3700c00f785a27046

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 63074
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 967
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:17 GMT
server: nginx/1.24.0
etag: W/"3c7-1874de9be87"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 204217901 204211219
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 chunk-12.15380992e4cd5579d6a0.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 4 KB
2 KB 57ms
57ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-12.15380992e4cd5579d6a0.1680626138150.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

2078ed877a9edd20293ab8b8a54ae66029720d36103d3f0b15a55b26344f807e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63153
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 1498
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:17 GMT
server: nginx/1.24.0
etag: W/"e03-1874de9be87"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986323170 3986291989
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 / Show response
user2.cloudconfigpure.top/internal-ad-api/ 2 KB
983 B 391ms
391ms Fetch
application/json 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/internal-ad-api/?kw[]=pagetype-home&kw[]=hasonair&kw[]=device-desktop

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

d569f42b26450731701e29f400ce9c3c48a8cd7b32aa0784d56e37dd9e7611f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
x-ua-device: desktop
content-length: 675
x-device: desktop
server: nginx/1.24.0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-varnish: 217504575
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 151ms
106ms Fetch
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f927d29b2753948b2e467e35837d58d47f8a1e1c855be21d3f5f64b72f6d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47294
x-xss-protection: 0
server: cafe
etag: 5242274142514962626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:52:38 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 78ms
26ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-19109753-54&cid=26251790.1682517159&jid=1204164024&gjid=1540000886&_gid=820732858.1682517159&_u=YGBAgAADAAAAAE~&z=1560411777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Apr 2023 13:52:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=656611628&t=pageview&_s=1&dl=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&ul=en-us&de=UTF-8&dt=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAD~&jid=1204164024&gjid=1540000886&cid=26251790.1682517159&tid=UA-19109753-54&_gid=820732858.1682517159&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Mon%20Oct%2009%202017&cd6=15%3A46&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&did=i5iSjo&z=1208647915

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 22:40:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attachment-ice-spice-photo.jpg
townsquare.media/site/812/files/2023/01/ 11 KB
11 KB 26ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/01/attachment-ice-spice-photo.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) / Express

Resource Hash

e13e10683b36f8b59db04e4f030826596d4bb7a504b572311233b72fe7b83c05

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 8619993
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11368
last-modified: Mon, 16 Jan 2023 19:25:30 GMT
server: ECS (frb/67DF)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2161553683
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-freddie-gibbs.jpg
townsquare.media/site/812/files/2023/01/ 16 KB
16 KB 27ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/01/attachment-freddie-gibbs.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) / Express

Resource Hash

f412a3faef885b4166d3d574d858d5ee015481ec36cab5f2db1a2a2711ab613c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 9224150
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16722
last-modified: Mon, 09 Jan 2023 19:34:31 GMT
server: ECS (frb/67AA)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2040457785
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-chance-the-rapper-photo.jpg
townsquare.media/site/812/files/2023/01/ 25 KB
25 KB 27ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/01/attachment-chance-the-rapper-photo.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) / Express

Resource Hash

b34867628445d41d349719493990dcafbc94dd5c5a4d383605ae9901c9ca8320

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 9575857
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 25479
last-modified: Thu, 05 Jan 2023 17:49:13 GMT
server: ECS (frb/67D3)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2493014779
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-pusha-t-main.jpg
townsquare.media/site/812/files/2022/12/ 20 KB
20 KB 27ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/12/attachment-pusha-t-main.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) / Express

Resource Hash

801aaa495fbdbc4ae4426152fc45aa0191c94002ddc1c0b1405cbe367f914528

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 11043240
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 20431
last-modified: Mon, 19 Dec 2022 18:13:34 GMT
server: ECS (frb/668B)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2242549200 2242531716
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-Tory-Lanez-Megan-Thee-Stallion-Photo.jpg
townsquare.media/site/812/files/2022/12/ 84 KB
84 KB 49ms
47ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/12/attachment-Tory-Lanez-Megan-Thee-Stallion-Photo.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6394) / Express

Resource Hash

7f7a776196b6b210ad2ae5f4070f19193390de89fc3c7cf5d639fdec5be8fc16

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 249
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 85599
last-modified: Mon, 12 Dec 2022 23:44:00 GMT
server: ECS (lhb/6394)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 217445646
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-Soulja-Boy-Console.jpg
townsquare.media/site/812/files/2023/02/ 78 KB
78 KB 28ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/02/attachment-Soulja-Boy-Console.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

e90161544651032b6d7e3cd43d820322b75fc8229b09579811173172e39deb69

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 6724693
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 80046
last-modified: Tue, 07 Feb 2023 17:54:24 GMT
server: ECS (frb/6738)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3107795329
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-Bhad-Bhabie-New.jpg
townsquare.media/site/812/files/2023/04/ 117 KB
117 KB 28ms
26ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-Bhad-Bhabie-New.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

8140445bd1600665f8a4178d309883e8d1cc80825f1f5fe3d60429912e4f2a11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 53557
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 119386
last-modified: Tue, 25 Apr 2023 22:49:12 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3988682308
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-tory-lanez.jpg
townsquare.media/site/812/files/2022/09/ 91 KB
91 KB 29ms
27ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/09/attachment-tory-lanez.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

0b835282600fdd110ce58b7cb7af0fe747c2a462ea0bb74df0f1e23a6011d3a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 57035
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 93207
last-modified: Tue, 25 Apr 2023 21:52:48 GMT
server: ECS (frb/6738)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3987838947
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-Ab-Soul-.jpg
townsquare.media/site/812/files/2023/04/ 163 KB
163 KB 29ms
28ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-Ab-Soul-.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) / Express

Resource Hash

841529b932c49e34833e7310f8ca85c6b97b5903a5a730f4f81518a9dea3b6ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 60757
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 166825
last-modified: Tue, 25 Apr 2023 20:53:06 GMT
server: ECS (frb/6712)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3986925466
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-Pharrell-Diddy-Jay-Z.jpg
townsquare.media/site/812/files/2017/02/ 80 KB
80 KB 48ms
46ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2017/02/attachment-Pharrell-Diddy-Jay-Z.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) / Express

Resource Hash

41f817efe6ecccc30fd330b0caa8bab7daf51cc88ac50ffb5b6f04e762c5fb6c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 9055936
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 81603
last-modified: Wed, 11 Jan 2023 17:40:31 GMT
server: ECS (frb/673A)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2071854215
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-50-Cent-Pras.jpg
townsquare.media/site/812/files/2023/04/ 88 KB
88 KB 48ms
47ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-50-Cent-Pras.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) / Express

Resource Hash

786c928472f1d08c4b781501e54740975e7403962d25174e37b78f41f82e4f4d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 69030
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 90221
last-modified: Tue, 25 Apr 2023 18:27:44 GMT
server: ECS (frb/668C)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 202661435
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H2 200 attachment-ot-genasis-photo.jpg
townsquare.media/site/812/files/2023/04/ 75 KB
75 KB 49ms
47ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-ot-genasis-photo.jpg?w=980&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) / Express

Resource Hash

f0b31f76007e59f5eeb0a01be04263de8b0d253c13b59612e76cb10d109c28ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 varnish
age: 70194
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 76564
last-modified: Tue, 25 Apr 2023 18:03:00 GMT
server: ECS (frb/67BC)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 202353034
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:37 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 42ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a7ee3f46a57ce574a093bd53305a973e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44a48815a007cc60e8ba3bc0dab1f2945a35eb5ac0823baff6cc79ce99fc585b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://user2.cloudconfigpure.top/
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 13:52:38 GMT
content-md5: o4qSbXBpZGCOZnJGVukZ5Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88615
x-fb-rlafr: 0
x-fb-debug: vIX7QGhGO1oEIOd6N8tpvv7iiFi6OAIFV34FKzx5sIXev76GuYc/yFSqxOAPAJg6YZEJtF0sWqKeI+IjMRTPcA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 25f327470f558f2a0ee6f877def5fcf4
cross-origin-opener-policy: same-origin-allow-popups
etag: "cd5e44ac1f2f57af0da19e3504f83935"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 25 Apr 2024 12:45:03 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 111ms
110ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 166ms
109ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user2.cloudconfigpure.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 26 Apr 2023 13:52:39 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
367 B 87ms
31ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://user2.cloudconfigpure.top
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
397 B 138ms
45ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 7a823b5306feb5da6c4a9479007cc94cf484b3d425bf3b1e1fc28ce84574543a

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 26 May 2023 13:52:39 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame AF28 320 KB
104 KB 20ms
19ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fuser2.cloudconfigpure.top
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3603592
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Apr 2023 13:52:38 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 336 B
693 B 116ms
115ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fuser2.cloudconfigpure.top
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: f4f014cb74f3b341e5b43171bf87d57f3a7b878653f4a164d966cd6eea535a82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 336
x-amz-cf-id: 5FA2uLusFV4J9isBDC8YLHOwnX1XaYLRJm9hZ2ufSrKYKPCky8LMtQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 442ms
401ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
x-amz-version-id: BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding: gzip
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 13 Apr 2023 22:29:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 2dcRNQPqrd5WjFNl7Ni4MjBNZ4-I3NXDFWxYy2TxqoLoDFVHYzmkKQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGT2X929YG&l=dataLayer&cx=c

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b968b519ba81e71589150c32cbd507ed693e95fd908743619690cb119cedbba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 118ms
70ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-19109753-54&cid=26251790.1682517159&jid=1204164024&_u=YGBAgAADAAAAAE~&z=346781221

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 109ms
59ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-19109753-54&cid=26251790.1682517159&jid=1204164024&_u=YGBAgAADAAAAAE~&z=346781221

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cogitoergosum Show response
user2.cloudconfigpure.top/rest/high/api/ 22 B
289 B 156ms
156ms Fetch
application/json 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/rest/high/api/cogitoergosum

Requested by

Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.83cf5309481aabe9e42201fa97ee9f3c6cb2b17f.js?mver=421&gver=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
server: nginx/1.24.0
etag: W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
content-length: 22
x-device: desktop
expires: Wed, 26 Apr 2023 13:52:38 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 26ms
25ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=656611628&t=event&_s=1&dl=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&ul=en-us&de=UTF-8&dt=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAGg~&jid=163951289&gjid=947276697&cid=26251790.1682517159&tid=UA-115003007-7&_gid=820732858.1682517159&_r=1&_slc=1&did=i5iSjo&z=2039789996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 399 KB
124 KB 74ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 12:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6107
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126587
x-xss-protection: 0
server: cafe
etag: 1883905843074567667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Apr 2024 12:10:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 47 B
423 B 57ms
53ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=user2.cloudconfigpure.top

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0783bc3248dc4ea0715958e086f34700de75be411f850dc4ab67a338ea9024be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47
x-xss-protection: 0
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 impl.20230420-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 758 KB
158 KB 19ms
19ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230420-9-RELEASE.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: efda14f9011083c35c05e555316dd820de6d3a8b244ee5a6ae61db3ef422cb34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: V350xMdSAFxTqt036Amz6guNVsc0Ch3b
content-encoding: br
via: 1.1 varnish
date: Wed, 26 Apr 2023 13:52:39 GMT
x-amz-request-id: XKPQT0GZQ8E0BP7M
age: 7109
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 161471
x-amz-id-2: dM/MkiuRe11EuTNxsL5RTPxdzIsD3QfTm9uGzeCIypAQSpomIOSzA5ABEyBjPr2Y9C6oJ5yMvbg=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Thu, 20 Apr 2023 11:54:00 GMT
server: AmazonS3-br
x-timer: S1682517159.024497,VS0,VE0
etag: "a5a53d147e9bb0aead6b03509cc4862d"
vary: Accept-Encoding
content-type: application/javascript
abp: 25
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5988

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 99ms
22ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 05:40:26 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 29533
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 9bgXXIDbbhZ_DGGQt0OMahFHKnEVAoqNz6ytJmNHAJNuGnsvH_h-Jw==

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 47ms
46ms Script
application/javascript 2a02:26f0:6c00:188::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.7273592556360235
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:188::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=254
accept-ranges: bytes
content-length: 18679

GET
H2 200 settings Show response
syndication.twitter.com/ Frame AF28 663 B
605 B 185ms
131ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=37dcf4481eaeefb3dd8536c7a688bd73208b5616

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fuser2.cloudconfigpure.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 112
date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 26 Apr 2023 13:52:39 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: e83564be9cb37267
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 4b5ad515dd3e79a5c093001cdf47666816213763c3a92eaafc80a2fd0f5bdc2f
content-length: 284

GET
H2 200 chunk-51.50d0f502d19ccf6a8a75.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 767 B
1 KB 38ms
37ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-51.50d0f502d19ccf6a8a75.1680626138150.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

895957c9d33639c59d5ec67601e8df51cf248d98747c24f90b513d75db695176

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 63134
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 767
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:09 GMT
server: nginx/1.24.0
etag: W/"2ff-1874de99ff8"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 204203597 204193334
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ 250 KB
86 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a196f509ae2b70238869ae2a7100c6cb1a227051434af6855998c861d373ef83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87860
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 23:03:56 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 5BD2 2 KB
2 KB 111ms
51ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fuser2.cloudconfigpure.top&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1eb50d6a7f3c1512ee599c7f7fe86a695639b3b963b0dfb6684c3f1267901fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 26 Apr 2023 13:52:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ 734 B
571 B 47ms
46ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_1?le=scs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20306e08e8f744cf0b6ab924669cef37d9c6c07874c0533e77e955d9d2d1b1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 477
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 20:57:26 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:23:44 GMT
x-content-type-options: nosniff
age: 343735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 14:23:44 GMT

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 346ms
112ms Preflight 52.7.232.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.232.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-232-7.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user2.cloudconfigpure.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 26 Apr 2023 13:52:39 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 123ms
30ms Script
application/javascript 104.86.47.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.86.47.65 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-47-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 26 Apr 2023 14:07:39 GMT

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
458 B 114ms
113ms XHR
text/plain 52.7.232.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.232.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-232-7.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 26 Apr 2023 13:52:39 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 attachment-nba-youngboy-swizz-beatz-lloyd-banks.jpg
townsquare.media/site/812/files/2023/04/ 11 KB
12 KB 22ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-nba-youngboy-swizz-beatz-lloyd-banks.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) / Express

Resource Hash

d624975c75f3d2450943ddb3d1520ef88f24975e62b54535eadc8cc9df2fda9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 464317
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11614
last-modified: Fri, 21 Apr 2023 04:52:22 GMT
server: ECS (frb/6711)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3903260019
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-Ice-Spice-Nicki-Minaj-Video.jpg
townsquare.media/site/812/files/2023/04/ 15 KB
15 KB 24ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-Ice-Spice-Nicki-Minaj-Video.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) / Express

Resource Hash

1bb3cf975da752fcd0e56dc12ba5af3b517f2c48477fd6f9208437250e65311c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 1025938
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 15696
last-modified: Fri, 14 Apr 2023 16:52:51 GMT
server: ECS (frb/6727)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3789497416 3789441764
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-nba-youngboy-nicki-minaj-wtf.jpg
townsquare.media/site/812/files/2023/04/ 13 KB
13 KB 25ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-nba-youngboy-nicki-minaj-wtf.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) / Express

Resource Hash

dafbff8de37a2d51439fc88afb4a38e89ae7dc215f6bebb3674ee2bac3398b08

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 1674833
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 13155
last-modified: Fri, 07 Apr 2023 04:34:21 GMT
server: ECS (frb/6762)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 4176141303
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-hunxho-header.jpg
townsquare.media/site/812/files/2023/04/ 14 KB
14 KB 24ms
21ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-hunxho-header.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) / Express

Resource Hash

ae4caa7e5b3aa4d1ae13ba2087d1dc06304e0fb0c9db0687fbf6eeef06b7e968

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 159953
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 13866
last-modified: Mon, 24 Apr 2023 17:29:18 GMT
server: ECS (frb/67BC)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3965073262 3965037760
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-sp-break-header.jpg
townsquare.media/site/812/files/2023/03/ 11 KB
11 KB 25ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/03/attachment-sp-break-header.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) / Express

Resource Hash

712ddc028019f1d024a8bc0632f7672b76d7e54cfc8b5acc56cda98b309e2cc6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 1713363
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11420
last-modified: Thu, 06 Apr 2023 17:55:56 GMT
server: ECS (frb/674B)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3654462945
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-luh-tyler.jpg
townsquare.media/site/812/files/2023/03/ 11 KB
11 KB 27ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/03/attachment-luh-tyler.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) / Express

Resource Hash

e23b17dc2c86f30289adee7f0e77dd4bebc47ee1b2a9af6107ceb600af5b70cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 3796655
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 10948
last-modified: Mon, 13 Mar 2023 15:23:20 GMT
server: ECS (frb/67D4)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3210639187 3210527442
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-Pharrell-Diddy-Jay-Z.jpg
townsquare.media/site/812/files/2017/02/ 14 KB
14 KB 27ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2017/02/attachment-Pharrell-Diddy-Jay-Z.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) / Express

Resource Hash

0932414823f8d8c3384c2749e3558adc72d4208bc4d41aab04ef9396ddbec339

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 9055609
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 14021
last-modified: Wed, 11 Jan 2023 18:20:14 GMT
server: ECS (frb/673A)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2071931581
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-young.jpg
townsquare.media/site/812/files/2023/04/ 11 KB
11 KB 27ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/04/attachment-young.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) / Express

Resource Hash

1bb3a6f5c7777210ad26542fdbeafffef069240a5cd733fc50a4efc1662a44c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 484999
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 10824
last-modified: Thu, 20 Apr 2023 23:09:04 GMT
server: ECS (frb/67D3)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3898745941 3898739162
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-rappers-confusing-lyrics-photo.jpg
townsquare.media/site/812/files/2023/03/ 19 KB
19 KB 29ms
26ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2023/03/attachment-rappers-confusing-lyrics-photo.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) / Express

Resource Hash

8abc450366cfb93e8b3e4ebb09261b3bb0970e59267cc29c6a4f31025e49d843

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 2387749
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 19266
last-modified: Wed, 29 Mar 2023 22:41:48 GMT
server: ECS (frb/668B)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3513308739 3513236044
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 attachment-pusha-t-xxl-cover-full-photo.jpg
townsquare.media/site/812/files/2022/12/ 54 KB
54 KB 28ms
26ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/12/attachment-pusha-t-xxl-cover-full-photo.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) / Express

Resource Hash

7df813f4ff2e2e197aebf420358ff68fa60f852e424d4368e3bedabc5da92a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 9571881
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 55162
last-modified: Thu, 05 Jan 2023 18:59:43 GMT
server: ECS (frb/6795)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 1981471703 1981445694
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 XXLSTORE.jpg
townsquare.media/site/812/files/2016/06/ 14 KB
14 KB 40ms
38ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2016/06/XXLSTORE.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) / Express

Resource Hash

388900687cb23375bb397d35b5368d2e1f82fe55e951af830a1bf54b6b8607a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 24647630
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 14475
last-modified: Mon, 11 Apr 2022 07:29:03 GMT
server: ECS (frb/6723)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2660959777
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 biggie2.jpg
townsquare.media/site/812/files/2017/03/ 26 KB
26 KB 40ms
39ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2017/03/biggie2.jpg?w=300&q=75

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

8f2d7c46c4b97eee180ce56426c088860826fe1c28744b908993969214cc97c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 varnish
age: 4785636
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 26978
last-modified: Thu, 14 Apr 2022 14:21:43 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3513277420
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:38 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 95ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-F4LDPKEEL7&gtm=45je34j0&_p=656611628&_gaz=1&cid=26251790.1682517159&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682517159&sct=1&seg=0&dl=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&dt=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&en=page_view&_fv=1&_ss=1&ep.call_sign=XXL&ep.site_classification=National&ep.genre=urban&ep.market=National&ep.site_type=National&ep.tags=&ep.categories=&ep.gtm_version=52&ep.page_type=home&ep.author=&ep.publish_date=2017-10-09%2019%3A46%3A56.000%2B0000&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 94ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=45je34j0&_p=656611628&_gaz=1&cid=26251790.1682517159&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682517159&sct=1&seg=0&dl=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&dt=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&en=page_view&_fv=1&_ss=1&ep.call_sign=XXL&ep.site_classification=National&ep.genre=urban&ep.market=National&ep.site_type=National&ep.tags=&ep.categories=&ep.gtm_version=52&ep.page_type=home&ep.author=&ep.publish_date=2017-10-09%2019%3A46%3A56.000%2B0000&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 26ms
25ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GGT2X929YG&cid=26251790.1682517159&gtm=45je34j0&aip=1
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 57ms
57ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GGT2X929YG&cid=26251790.1682517159&gtm=45je34j0&aip=1&z=480482134

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
513 B 91ms
35ms XHR
text/plain 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2F4WBySZhXtlCFKv0Bf5ZoJvbgHIN%2FT0oxnij6QG6wvf8K%2BcH3SJhVWiL%2FS7y%2B1WZ241oncWctRGWMAfyEhaZTL03F0zKS6TN0%2BN0tglqaJ31abHY66ovYU0VOqS6JZzyCuBFYzMLfI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7bdf4eb57baa9c0a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 97ms
49ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=184854740153433&input_token&origin=1&redirect_uri=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 26 Apr 2023 13:52:39 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: TCciUBWGWY2IuJ+vPM2pXNEHJKiJFFoCcckoxhg9tE16ESEWDE53BR8290OBzaEWzXw5q9VjwAqBMmJJKs4uBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 5BD2 38 KB
6 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fuser2.cloudconfigpure.top&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fuser2.cloudconfigpure.top&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Apr 2024 17:16:03 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 5BD2 252 KB
72 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fuser2.cloudconfigpure.top&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Apr 2024 22:21:06 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 108ms
33ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 356018
expires: 60

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 22ms
10ms Image
text/plain 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682517159310&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&c8=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&c9=
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: heqLB1MkAl2cotXJk21M7d4rGGxYThbKqkpS0SFmqZrzQRBecwvNDA==
x-cache: Miss from cloudfront

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 78ms
29ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=user2.cloudconfigpure.top

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 77ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=user2.cloudconfigpure.top

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
1 KB 293ms
293ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=411051023165848&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=2563682758&sfv=1-0-40&ists=1&fas=8&prev_scp=pos%3Dinterstitial%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159377&lmt=1682517144&dlt=1682517158329&idt=960&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fe2c764810b3870ee166ae09a1d357a125b4ec3af7119d9295f6c066e304287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
41e55f91de4c086014313d38b1e345c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64B3 6 KB
3 KB 159ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41e55f91de4c086014313d38b1e345c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 13:52:39 GMT
expires: Thu, 25 Apr 2024 13:52:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 33 KB
12 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl_page_level_ads.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e1070ef03510c03bf072fc9acc862eb3e3bc71cd0079472eb0dc10455e9838a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3076
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11862
x-xss-protection: 0
server: cafe
etag: 16286120947684496633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Apr 2024 13:01:23 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 620 B
464 B 918ms
918ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=1607631767014206&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=2&adks=497105603&sfv=1-0-40&prev_scp=pos%3D970a%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159384&lmt=1682517144&dlt=1682517158329&idt=960&adxs=315&adys=207&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=970x0&msz=970x0&fws=4&ohw=970&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7238af85600bbb7aa4d1294639e4d9ffbb85952e267777b3ccd19bfd114381ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 302ms
301ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=1607631767014206&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&adks=2412334268&sfv=1-0-40&prev_scp=pos%3D300a%2Cright300top%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159387&lmt=1682517144&dlt=1682517158329&idt=960&adxs=1123&adys=457&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45ee31bccaead69b046d6c2722245cdd202a761bb6b62f968bc85324fc165727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9818
x-xss-protection: 0
google-lineitem-id: 15785705
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395602298
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1297ms
1296ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=1607631767014206&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=4&adks=4035244530&sfv=1-0-40&prev_scp=pos%3D728a%2Ctop728%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159388&lmt=1682517144&dlt=1682517158329&idt=960&adxs=441&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=728x110&msz=728x0&fws=512&ohw=0&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9708c4f2dc4276a9d09678f7b252a71576bf7e8cd70c7d8fdbe798871da890f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9809
x-xss-protection: 0
google-lineitem-id: 15785705
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395602283
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 638ms
637ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=1607631767014206&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=5&adks=4123627653&sfv=1-0-40&prev_scp=pos%3D728b%2Cbottom%2Cbottom728%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159390&lmt=1682517144&dlt=1682517158329&idt=960&adxs=157&adys=5598&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=1286x90&msz=1286x0&fws=0&ohw=0&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe43f043237d8db94d7b9413d66fd58fe5df6c6c64d94f4dfb67bd9ef5a9ecb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9797
x-xss-protection: 0
google-lineitem-id: 15785705
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395689182
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 616 B
456 B 997ms
997ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=1607631767014206&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=6&adks=2169444702&sfv=1-0-40&ists=1&prev_scp=pos%3Doop%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159392&lmt=1682517144&dlt=1682517158329&idt=960&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97975fe93d91fe485166ee97768ae1869d14acdf72d3b98dbeb1e075bc9137d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 551 B
461 B 1000ms
999ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=1607631767014206&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x3&ifi=7&adks=4288306265&sfv=1-0-40&prev_scp=pos%3Doop2%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159394&lmt=1682517144&dlt=1682517158329&idt=960&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5759279142aa4511108413beea4eb4cb27d7e729963ba8bbfebcd95220524fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
13 KB 364ms
364ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=223398564309437&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=8&adks=3073756090&sfv=1-0-40&prev_scp=pos%3D300b%2C300d%2Cright300mid%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159397&lmt=1682517144&dlt=1682517158329&idt=960&adxs=1123&adys=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594c386db94a8b300053de3bbf4141b3f91897d432fd08a739e60b9edf609483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12939
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 391ms
390ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738998216668075&correlator=3966095053836896&eid=31072020&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=8328825%2Cnational%2CXXL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=9&adks=1315437026&sfv=1-0-40&prev_scp=pos%3D300c%26impressionkw%3D1&eri=1&cust_params=hasApp%3Dyes%26catid%3D%26tags%3D%26id%3D%26author%3D%26kw%3Dpagetype-home%252Chasonair%252Cdevice-desktop%26genre%3Durban%26device%3Dweb%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1682517159400&lmt=1682517144&dlt=1682517158329&idt=960&adxs=1123&adys=2808&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=26251790.1682517159&ga_sid=1682517159&ga_hid=656611628&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70e33b2e27728c3bbda82665eff00313bfffbac711153a5ff682f6df7f4a4e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11564
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://user2.cloudconfigpure.top
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 teju-webclient.min.js Show response
static.solutionshindsight.net/teju-webclient/ 94 KB
28 KB 475ms
423ms Script
application/javascript 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29089eadba5807130cfb24959fa976ee2feb045de332e2e4d1d8dff1036593e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 01:37:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "374dcbf22212fdeb8d6780d03dfc5b61"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 28605
x-amz-cf-id: DX22MxDA2POqgrYCK8bG4LZWSysUJsOieoBh9ewoPdjoSX9nSIPNlQ==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 97ms
22ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 7M143009WAXN3Q25
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 5BD2 156 B
179 B 21ms
21ms Image
image/png 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:20:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 318751
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Apr 2024 21:20:08 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 09FB 565 B
805 B 121ms
73ms Document
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fuser2.cloudconfigpure.top&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f433c7cd7bbf0f6d2766aff1d2cd8b2cd16d831b323cac861bb4aff99eda7dad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f1p-101cJBqhqodIRVOQng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f1p-101cJBqhqodIRVOQng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 13:52:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ Frame 5BD2 134 KB
45 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05aab08beef56b64bc4f87314e6bca6d5c58095bdec0e704e91c38c21fa69ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46005
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 22:20:37 GMT

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 19ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 13:52:39 GMT
Content-Encoding: gzip
Age: 3603592
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (frb/67C0)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame AF4D 40 KB
15 KB 18ms
18ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 2a19f79bd2859fb1dffdd7c8643dc5e58fc7a9b7fb493d68359f400c420467b3

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3603592
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14965
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Apr 2023 13:52:39 GMT
Etag: "4fdb0b5f121db02fe652a6f4fe49d886+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:07 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 132ms
132ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22XXL%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1682517159516%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=37dcf4481eaeefb3dd8536c7a688bd73208b5616

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 113
date: Wed, 26 Apr 2023 13:52:39 GMT
strict-transport-security: max-age=631138519
last-modified: Wed, 26 Apr 2023 13:52:39 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 6f3294465f26003b
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 4b5ad515dd3e79a5c093001cdf47666816213763c3a92eaafc80a2fd0f5bdc2f
content-length: 43

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
348 B 133ms
53ms XHR
text/plain 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_19545&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 13:52:39 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://user2.cloudconfigpure.top
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ 27 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_2?le=scs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2824338f8de5dcb304f20e8b1c7174d38f381879b4506095ad9e0320f1bb559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 06:27:20 GMT

GET
DATA 200
OK truncated
/ Frame AF4D 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame F162 604 B
294 B 50ms
50ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2439764134f92ee4e6ea8744ed98fd06a99f41ff88b2d823f294c3c82825fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 26 Apr 2023 13:52:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
141 B 69ms
22ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:52:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 309620
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 Apr 2024 23:52:19 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
130 B 71ms
23ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:30:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 310953
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 Apr 2024 23:30:06 GMT

POST
H2 204 cspreport
accounts.google.com/o/ Frame 09FB 0
250 B 30ms
29ms Other
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-BPHkm95d39GBoXN44R6HWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fuser2.cloudconfigpure.top&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-BPHkm95d39GBoXN44R6HWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 611095756-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 09FB 10 KB
5 KB 65ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fuser2.cloudconfigpure.top&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4526
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 00:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 21:13:51 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 09FB 17 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1112a1329527e451ddcb914e1665d0eeb29bba8efeb2a0ec648f5e558545e08

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 13:52:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6902
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "b876ffdf41c83d5b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
409 B 66ms
23ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:07:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 524731
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Apr 2024 12:07:08 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
206 B 65ms
22ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 09:55:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 359831
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 Apr 2024 09:55:28 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
406 B 63ms
21ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:01:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 330651
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 Apr 2024 18:01:48 GMT

GET
H2 200 tag Show response
btloader.com/ 51 KB
13 KB 90ms
29ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dacf7f7247f1b6636dc614f914202acab702d2cbb0ce1127402dfe8767e810d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 13:24:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1576
etag: W/"bada562d9f0dc2d113f5e6f772e6e061"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rckYPHMkfNlrBpzi%2BGEUITrrGNqhpqaT2GSYrfymUqgYjMXk%2BRkQq7JWx8CdIal7lMbBLrOVsPTcWfT07XmW5hvcmUOMFiDe2KAwra7eGEUghIxW8dkzl95iRA6BDZyF1eiLgkNL3uGndw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7bdf4eb7eb72694c-FRA

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame F162 9 KB
2 KB 21ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Apr 2024 02:05:25 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame F162 149 KB
44 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Apr 2024 02:05:25 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ Frame 09FB 57 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484dcabfc0c1681e08e9620b7eb4f217625a607afaaa14fe32909f029de30100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20758
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 17:26:59 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ Frame F162 134 KB
45 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05aab08beef56b64bc4f87314e6bca6d5c58095bdec0e704e91c38c21fa69ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46005
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 22:20:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A761 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssn3Lp5T4Jh2KIyDDMpACPpQBrstvlfVddyD2rkkopVXVPwLfZHCblTswEzhn-DJVRjN5NIK-mR1pASPyicvMJfuBJX9X-NHfNRXvftt2JoNtMzzfjBGA9r3RN2a9yd-jfEVR5xi-Zekil6vw6fDl_XdI0qMWOt6dn-FT3hCtNt8-uzFBs2opOLHqpGgywJmjR7UVxHNpt5IR-DsxVo5J9LViOvbaN2jvay2gEih5ISjwhxBY9ulYqCo0DTZhrmX9KtdU83vw0kPFGdzSOgV4RHvI2vHoJrZwwjEFHZzYlLYuSYBww7IPc1kP5z216YmJ3lIB9OA6OMFtS3rf0d&sai=AMfl-YReHZCPZHxrBF_6bUJXqIQCY0UmP1DMVjaXAfKOpDE0Fz_REUG35JvdSJe8v67TIVJSzHW2ckJcHj-CKmu2WKXC8mD5lYiaHT0CddnLT3xNuf9MUL_TU9VtL5dyEhcJSuAffPBpu3QAwsbgvlo&sig=Cg0ArKJSzEfOTg96FVecEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 48955
stags.bluekai.com/site/ Frame A761 62 B
0 272ms
193ms Fetch
image/gif 104.111.217.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/48955?phint=event%3Dimp&phint=aid%3D18081065&phint=adid%3D15785705&phint=cid%3D124674305&phint=crid%3D138395602298
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:40 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: 22bc
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 / Show response
ignitecampaigns.com/national/rsspromo/ Frame 425C 3 KB
1 KB 31ms
21ms Document
text/html 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 7d7293e8ab23697d4f5bd001bd3ede412c7b7ad44dca270d7cb440c5299020b2

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 105267
cache-control: no-cache
content-encoding: gzip
content-length: 1093
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 13:52:39 GMT
expires: Wed, 26 Apr 2023 13:52:38 GMT
gdpr-source: DE
last-modified: Tue, 25 Apr 2023 08:38:12 GMT
server: ECS (frb/668B)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A761 158 KB
49 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49532
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682335668691775"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304132133000/ Frame 4FFE 222 KB
61 KB 105ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61827
x-xss-protection: 0
server: sffe
etag: "1754d270d28e2ea6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 4FFE 15 KB
5 KB 151ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "8e65ad5048245435"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 4FFE 94 KB
28 KB 152ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28942
x-xss-protection: 0
server: sffe
etag: "73bf4bf39cc8fedd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 4FFE 5 KB
2 KB 158ms
72ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1921
x-xss-protection: 0
server: sffe
etag: "f061d9295cdc41bd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 4FFE 40 KB
13 KB 159ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "8013fcb40cf8ec28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4FFE 6 KB
791 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 13:10:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4FFE 2 KB
3 KB 26ms
25ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 08:26:03 GMT
x-content-type-options: nosniff
server: cafe
age: 19596
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 27 Apr 2023 08:26:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4FFE 295 B
519 B 22ms
22ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 11:14:15 GMT
x-content-type-options: nosniff
server: cafe
age: 9504
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 27 Apr 2023 11:14:15 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4FFE 0
0 68ms
67ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5GjqpyxJZO_JG--amLAPk-G_4ASZ3-zZb-Dg5o6lDN3rxdOiGxABILu6tRlglYr_gZQHoAGumIqiAsgBCakCCcPyHGBssj7gAgCoAwHIAwqqBJYCT9CKGjC-PHcEySrZDROJuId2yDcJYnoEReDi3WFeH5VoB0DVL-E1bO02fW2ABKM-ATg0-F-P5v2Gklz_cPHLQqQQsBRDRTjb68qF45oiPDQpe6QiFzJIfstLXneuWyYTTmsNwoI_otEVrLyD1mTlnFZtZw-L6UgPEJgBB-XTlzt2QvRL1X9224s4zpo3l9JDibRhbowwI6dEFH9R8PWBUTP9heSN5vvFSab57I2OqaX4uQgsqiC31Nc1oxyzdceC7SIyu_deXVC7LWOHCaxZ4tBuUC6J3_DOl4txr2gZRZteyN07BaA9MB7QVEjodF1A-Y17PU7_nhuyjxCdRhloI9DKZjmFuMNV-6hj_9ElJb59IShAtcbABJ6BxOv_AuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe65_XdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKiiDNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBuBPkA9gTDIgUA9AVAYAXAbIXHgocCAASFHB1Yi02NzU0NDEwODc5Mjg1NjE5GMGOEQ&sigh=rFdvAkxAuzU&uach_m=[UACH]&cid=CAQSSwBygQiDQcFdoG1OcxgLXvUw8IJT-NI2jXmf1XVtjDVIIqO4Qbshl1-i68vPF5P4O5Kv2gpcYqdQXJjWfN9oISMvyVVrmlOlzTzHfBgB&template_id=484
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/12658890777677567190/ Frame 4FFE 32 KB
32 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12658890777677567190/2076313506083323656

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62c51f72441e8df1b4fd9a97b8b445bef5604d14061c1db76e09be186ed75e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:25:20 GMT
x-content-type-options: nosniff
age: 318439
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32440
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 23:24:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 21:25:20 GMT

GET
H2 200 15334278864553842226
tpc.googlesyndication.com/simgad/ Frame 4FFE 7 KB
7 KB 26ms
26ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15334278864553842226?w=100&h=100

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7158b0ea4f182e9658f45c37ecc1da902babf9afa0a3f92f933ea2838e44694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:44:53 GMT
x-content-type-options: nosniff
age: 335266
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7204
x-xss-protection: 0
last-modified: Sat, 01 Aug 2020 11:26:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 16:44:53 GMT

GET
DATA 200
OK truncated
/ Frame 4FFE 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4FFE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bde858def7592a69d9f5469720180136dfd5b24f434b486080198a6c2fe417ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 79ms
28ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 566937
x-guploader-uploadid: ADPycdttsfnevQBjH5Rq64zK7sYQ3JwCsjln_o8qR38o2jcTkcMENwQ9GueQFkjAUfBxkDn_6XCAc3jF4M4Gcr-n502tFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKy0%2BvlLX4m13nU5rM7Kvdk%2FvZrxkxy8r522rg6n2QnvCGsvE0DGmQkmDeMPOZyFNAy%2BCDwegXbXCm8IpYZzj14gQg5uIq55BIaXd0zYdnq4kV9sutIOBg6142xYsq0TXk26CL%2BfuoiH%2BXlu8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7bdf4eb94db09170-FRA
expires: Thu, 20 Apr 2023 01:10:53 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 86ms
20ms Image
image/x-icon 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Apr 2023 03:18:36 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
924 B 76ms
25ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.2545071052966372
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 566937
x-guploader-uploadid: ADPycdttsfnevQBjH5Rq64zK7sYQ3JwCsjln_o8qR38o2jcTkcMENwQ9GueQFkjAUfBxkDn_6XCAc3jF4M4Gcr-n502tFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdxwQ%2F4xJf233IJOsCebVDeniNmvEOPjE95OdTi1h7W4tIspRZiDoi5aHFDdwR7noRIVQ2IhkIpX2dxSVhHz3t9OOSxHjKQZcxMn07Yrj9O40JWC9rveq2PxRFSNIF4clWMmHXWn8tD9rYzYPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7bdf4eb94db29170-FRA
expires: Thu, 20 Apr 2023 01:10:53 GMT

GET
H2 200 reset.css
ignitecampaigns.com/global/css/ Frame 425C 2 KB
1022 B 23ms
21ms Stylesheet
text/css 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/css/reset.css
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 50b9675ba9574e183a1977c010855d67f334a8c8c16391e33bf7d8e9cbb480c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 20:13:04 GMT
server: ECS (frb/669F)
age: 35783
etag: "96a-5935229fb3863-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 899
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 styles.css
ignitecampaigns.com/national/rsspromo/css/ Frame 425C 8 KB
2 KB 23ms
22ms Stylesheet
text/css 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/css/styles.css
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 07264ff14aec297fb09ddf16cf8351b323cca837da8a4a14fc5ecc2ebac327d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 18:37:03 GMT
server: ECS (frb/67C0)
age: 581011
etag: "2027-59350d29207f9-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2208
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 json2.min.js Show response
ignitecampaigns.com/global/js/ Frame 425C 3 KB
1 KB 24ms
23ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/js/json2.min.js
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: a846220a05f602bdb8899418978032bfae1e835a38f0fb5c4ba94adb080f78da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
last-modified: Sun, 23 Apr 2023 10:49:37 GMT
server: ECS (frb/6762)
age: 270182
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 1297
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 ignite.ajax.min.js Show response
ignitecampaigns.com/global/js/ Frame 425C 1 KB
701 B 24ms
23ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/js/ignite.ajax.min.js
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: f202d3a6fd36970e94499024216a662dda0e306becd09d014895a6859fe8c7c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
last-modified: Sun, 23 Apr 2023 02:47:26 GMT
server: ECS (frb/668C)
age: 299113
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 606
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 launchrsspromo.js Show response
ignitecampaigns.com/national/rsspromo/js/ Frame 425C 11 KB
3 KB 25ms
24ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo.js
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 64939600191f0e7d591dcf51f5b9b9b2f175ed6c557a23a7f401d746fb02c239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 20:52:15 GMT
server: ECS (frb/67BA)
age: 406824
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 3434
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304132133000/ Frame FFA3 222 KB
60 KB 63ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61827
x-xss-protection: 0
server: sffe
etag: "1754d270d28e2ea6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame FFA3 15 KB
5 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "8e65ad5048245435"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame FFA3 94 KB
28 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28942
x-xss-protection: 0
server: sffe
etag: "73bf4bf39cc8fedd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame FFA3 5 KB
2 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1921
x-xss-protection: 0
server: sffe
etag: "f061d9295cdc41bd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame FFA3 40 KB
13 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Apr 2023 12:11:36 GMT
age: 92463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "8013fcb40cf8ec28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Apr 2024 12:11:36 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FFA3 2 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 08:26:03 GMT
x-content-type-options: nosniff
server: cafe
age: 19596
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 27 Apr 2023 08:26:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FFA3 295 B
353 B 21ms
20ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 11:14:15 GMT
x-content-type-options: nosniff
server: cafe
age: 9504
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 27 Apr 2023 11:14:15 GMT

GET
DATA 200
OK truncated
/ Frame FFA3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5f371d40c21dcaacc4a5aea4a0cda43f48c05d0e59fd71ab9a2d665a9913c89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14611971412026527251
tpc.googlesyndication.com/daca_images/simgad/ Frame FFA3 60 KB
61 KB 23ms
21ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14611971412026527251

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a3bfe731be662392a3344f10561bd3f054ed6435e23fa931fd7b4f3c3cfd50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:45:06 GMT
x-content-type-options: nosniff
age: 310053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61852
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 08:33:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 23:45:06 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FFA3 0
0 66ms
65ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9nP0pyxJZMHGG9ek1gaG3J6QCqev6Yhw6o3t6MURFBABILu6tRlglYr_gZQHoAGHg7_3A8gBAuACAKgDAcgDCKoEiAJP0JEGJXS8_EJt_w4-02OR0ZiL2o3aed-3JpIBBnGEC9LXFlI2qPTD95UYgPAjS-dgIURpx173cdPs_43S59SlKD5dUX5z7dHYM0Ws17KItBQOCDK5uwyeBVN8qA6-Nj9ZsL6JrXH6JPXG8OiqQZMH3q6FV2z_uYnrj9u-8QQcrj-S9oRuK5Ww2uGR-JKVHZbDvvC6F1YJ8ZPs0b46eRZYQ8pjW5ZNkvZugNibKuG6-etOHcDrdBOhvls3PdtPkkhgnZR945MB5GAjVwK8YVgYnRK2dVDSjKPHr-7OKbKEUTfCfMWYBwjOCtAOwQcN0ocS_12dsMOdbzihgrLwOc56zoXhV_NZdqXABPzU1PqpBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfVzMeIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMGtEdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTY3NTQ0MTA4NzkyODU2MTkYwY4R&sigh=A3J896RJux0&uach_m=[UACH]&cid=CAQSTABygQiDLqlVlglFmzhxY76WhRlT55HhKd2H3vlLGMht2ddYZki1gm1QDRXsggq8yD4SUOmp5Hf3gE2QawUkQupUy5fy-1wfrzpbA6gYAQ
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4FFE 15 KB
16 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 334104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4FFE 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://user2.cloudconfigpure.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 340066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:24:53 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A761 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1cq_GzZHik1ZG_ZFOuf204zNbXfsspd059oSD9vjGauVp-yQ4-w5nNrU-fpRKC37H_NoU53LIkzhD6_lqF3elJZcbFdAKj3LzdXgmDRDfs-GSXJgp_XsPK7QIYBoG20itZhJdHT4CYgs830srshR6ymkwkIpubqX414eHdGNJ7tW1y8UheN_bvnGnu5nSlV0pcQ5VFxe1YfVpfglBhSYfwXf4lvj_ZEx65QiiK-ljJMP3RU1WWcDDgbDa58nHURGTGoF3k0kzztY-hHaNzN-XSyaxqmLvCml2GlTeMTLSerp2bsZxV2rSBNqDp-3N5_9DAajy-Fy13jiluRsY6Z8&sai=AMfl-YSBUPBPQTSxJnIA3T2mAbCD1dMLHyFcV8xpIqt_0EaaREIbAVv6Dptztqls7qA25BrVfsprByQCrmkDy_yb4bmWv4EQ7YLcdHjwVZNsti4712BUbUUh9AxED3ofE0nXL2sSS-pMN3hgGoZ-YV8&sig=Cg0ArKJSzGehoILgnpuqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
DATA 200
OK truncated
/ Frame A761 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e20118be99803e64e6b3acf68e6597f3bb41e824c9ad0df68dc568161196b85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
ignitecampaigns.com/utils/rssmerge/ Frame 425C 5 KB
6 KB 21ms
21ms XHR
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/utils/rssmerge/?template=tsmnational&limit=12&format=json&timeout=0&feeds=http%3A%2F%2Fpopcrush.com%2Fts_private_tag%2Fbig-data-trending%2Ffeed%2F%3Fcount%3D3,http%3A%2F%2Ftasteofcountry.com%2Fts_private_tag%2Fbig-data-trending%2Ffeed%2F%3Fcount%3D3,http%3A%2F%2Fwww.xxlmag.com%2Fts_private_tag%2Fbig-data-trending%2Ffeed%2F%3Fcount%3D3,http%3A%2F%2Fscreencrush.com%2Fts_private_tag%2Fbig-data-trending%2Ffeed%2F%3Fcount%3D3&timestamp=2804195
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/global/js/ignite.ajax.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 3630435bc7749cf5348d62f1263c0b4042fecb5f251dfd9652ea9b7708753c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
last-modified: Wed, 26 Apr 2023 13:50:03 GMT
server: ECS (frb/668B)
age: 156
access-control-allow-methods: POST, GET, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
access-control-allow-headers: X-Ignite
content-length: 5578
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 bg-holder.jpg
ignitecampaigns.com/national/rsspromo/img/ Frame 425C 26 KB
26 KB 21ms
21ms Image
image/jpeg 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/bg-holder.jpg
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: b11fdc22fde82854efcf3c3094f1588d15da2dcbdc47ef035d7d4c501e7c3342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:39 GMT
last-modified: Tue, 24 Sep 2019 20:13:10 GMT
server: ECS (frb/674D)
age: 321135
etag: "679b-593522a5c9242"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 26523
expires: Wed, 26 Apr 2023 13:52:38 GMT

GET
H2 200 bobbyshmurda.jpg
townsquare.media/site/812/files/2020/09/ Frame 425C 41 KB
41 KB 22ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/09/bobbyshmurda.jpg?w=300&h=250

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&limit=12&trackback=dynamic-ad-300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A8) / Express

Resource Hash

172d5e558985055f3186609c3c1c776a3e26316aa022773a969a8f7efec2ff8b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26154671
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 41697
last-modified: Tue, 22 Sep 2020 12:35:26 GMT
server: ECS (frb/67A8)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 1006007303 1005702326
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 Kanye-Boosie-Drake.jpg
townsquare.media/site/812/files/2020/09/ Frame 425C 34 KB
34 KB 23ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/09/Kanye-Boosie-Drake.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) / Express

Resource Hash

26f278693a1ac7f7bceb4ca9fd15fb5bfdaf9f4b5507ca3c7a05555cc5983247

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26154931
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 35092
last-modified: Sat, 19 Sep 2020 18:47:10 GMT
server: ECS (frb/669E)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 1005639198
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-american-idol-whos-left.jpg
townsquare.media/site/204/files/2023/04/ Frame 425C 37 KB
37 KB 23ms
21ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-american-idol-whos-left.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) / Express

Resource Hash

ea0cfcdf22f9ea86cdc3ba0296bbb022ce51e4159726069753a95b55746a6fcf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 86586
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 37726
last-modified: Tue, 25 Apr 2023 13:46:48 GMT
server: ECS (frb/67A7)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 198376326
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-morgan-wallen-cancelled-concert.jpg
townsquare.media/site/252/files/2023/04/ Frame 425C 19 KB
19 KB 23ms
21ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-morgan-wallen-cancelled-concert.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) / Express

Resource Hash

5531d5f00f59227ec399741863a42bd40ab03f940f5c1a25f2e3268c231051a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 155911
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 19524
last-modified: Mon, 24 Apr 2023 18:33:08 GMT
server: ECS (frb/669F)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 183887060
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-godilla-kong-new-empire-555.jpg
townsquare.media/site/442/files/2023/04/ Frame 425C 16 KB
16 KB 24ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2023/04/attachment-godilla-kong-new-empire-555.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) / Express

Resource Hash

f252844f3a8faba798f4cd4894baf3c7235549c3a8b0f3cfdf8d5840a7cca562

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 508104
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16674
last-modified: Thu, 20 Apr 2023 16:44:09 GMT
server: ECS (frb/675D)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3893311079
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-alabama-barker-music-rap.jpg
townsquare.media/site/252/files/2023/04/ Frame 425C 20 KB
20 KB 24ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-alabama-barker-music-rap.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) / Express

Resource Hash

f68c3d70279465c9c546e946c16a3bc82a56dba52d81a6260f4ca0d4a857a00e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 670109
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 20268
last-modified: Tue, 18 Apr 2023 19:44:07 GMT
server: ECS (frb/67C1)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 76374791
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-1.jpg
townsquare.media/site/442/files/2023/04/ Frame 425C 21 KB
21 KB 25ms
23ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2023/04/attachment-1.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) / Express

Resource Hash

b88a2d7624c6b4dd3b2baf842a77ab5a4e8742dd6f83375ed7a5176d53dab3f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 82195
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21646
last-modified: Tue, 25 Apr 2023 15:02:30 GMT
server: ECS (frb/67C1)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3981565188
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-RebaMcEntire.jpg
townsquare.media/site/204/files/2023/04/ Frame 425C 26 KB
26 KB 25ms
23ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-RebaMcEntire.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) / Express

Resource Hash

538443631eacd78989bc09b6369c6733f06412802c57bfa6f61d5aba9f9d20a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 771111
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 26659
last-modified: Mon, 17 Apr 2023 15:40:52 GMT
server: ECS (frb/67BA)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 54683247
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-taylor-swift-drunk-driver-fan-killed.jpg
townsquare.media/site/252/files/2023/04/ Frame 425C 24 KB
24 KB 26ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-taylor-swift-drunk-driver-fan-killed.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) / Express

Resource Hash

f0ad8643f4e49bea83eab9421dddb844f347583829600fac0df631be848634a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 129439
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 24510
last-modified: Tue, 25 Apr 2023 01:53:54 GMT
server: ECS (frb/67C1)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3972278547
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 dr-dre-wife-nicole-young.jpg
townsquare.media/site/812/files/2020/07/ Frame 425C 34 KB
34 KB 26ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/07/dr-dre-wife-nicole-young.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

916cdfd8c5919cac1afdb512c29fbd1b8df7f08c7c792bba40e1fb72e29fe821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26154931
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 34884
last-modified: Mon, 21 Sep 2020 19:48:54 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2358039567
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-attachment-black-widow.jpg
townsquare.media/site/442/files/2022/05/ Frame 425C 27 KB
27 KB 39ms
38ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2022/05/attachment-attachment-black-widow.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) / Express

Resource Hash

4d5c82f398df1f66e659c868f2d8ed9e9c2c75e56b44ba5893871ed09b02c7d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 150396
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 27444
last-modified: Mon, 24 Apr 2023 20:04:25 GMT
server: ECS (frb/6725)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 185233975
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-garth-brooks-best-living-performer.jpg
townsquare.media/site/204/files/2023/04/ Frame 425C 38 KB
38 KB 39ms
38ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-garth-brooks-best-living-performer.jpg?w=300&h=250

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6776) / Express

Resource Hash

3f723025984a9e2977afb73542a3eae55562d07f1787a95c210884f002732dcf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 781232
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 38491
last-modified: Mon, 17 Apr 2023 12:52:08 GMT
server: ECS (frb/6776)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 52334405
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 fontello.woff
ignitecampaigns.com/global/fonts/fontello/ Frame 425C 3 KB
3 KB 21ms
21ms Font
application/font-woff 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/fonts/fontello/fontello.woff?66834837
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 24380a4865abd76bdaa48660af824856e328f6612b2a9d7caf9a50e1a1baa4a9

Request headers

Referer: https://ignitecampaigns.com/national/rsspromo/css/styles.css
Origin: https://ignitecampaigns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:36:56 GMT
server: ECS (frb/6795)
age: 371852
etag: "bbc-59350d235af3c"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 3004
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame FFA3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

77ms
31ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Wed, 26 Apr 2023 13:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E59 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOJkPCa7kQi-PGcRIuPnxMeBpYz0v9scioWHkeeJOj2LMzymZaBRBEQnBOe0yjc7gQ-0Xbjq1cVhzL4QAVuXNZtalrkvtcTwpXcRqzdRsKAVo3GtCtbKMEFzEW8i3gWzJfQRlhtQnxCdtP16lzw6F6egICGYHRRQHDTagdOmM3zlPRMp8_hx9jg__FE8m04lPUZlGxz2hWGOJB-EjHfV0owEZftnKk8FTXSIkLRWJR9lCGbNVVl_IXVbFmS7N0qWVZ44jzidqL2z6vYjRxCFt1jaUtlJ-0LjSc8pxaG2UukNyHEg5Vx-5VuGB_pASsiTMzDrBtYcIS_-019VS1Kw&sai=AMfl-YRKYM9YkXDByO4nZ-FblE5HaKt84kkXoxgmdBAiCNgdXtQ2vwxRfwGiQo_CagvQzPtuNb0WXANEReOQbYaI_mZ-o6COMWZH5Ygum0P6_yNLR41nvIL-PH5fzdWah46BrQ&sig=Cg0ArKJSzDs1d2lxgExjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 48953
stags.bluekai.com/site/ Frame 2E59 62 B
0 258ms
257ms Fetch
image/gif 104.111.217.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/48953?phint=event%3Dimp&phint=aid%3D18081065&phint=adid%3D15785705&phint=cid%3D124674305&phint=crid%3D138395689182
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:40 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: 7f91
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 rsspromo728.php Show response
ignitecampaigns.com/national/rsspromo/ Frame F12C 2 KB
748 B 119ms
119ms Document
text/html 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 756bbfad0e6e42c8ebaa6b363ce3bc33c5fc27f48fe16916b5916aeae3171511

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-length: 701
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 13:52:40 GMT
expires: Wed, 26 Apr 2023 13:52:39 GMT
gdpr-source: DE
server: nginx
vary: Accept-Encoding

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E59 158 KB
48 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49532
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682335668691775"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:52:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E59 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNf-kF8B2xkIimvbiHCKUVHyuhshqR14lehaMUi_b-3RL_Jk1o8i2_laTxo1DTiJ2bhgxW1EX-1WdmTyahbCuoV80zeGQ_NR9yyTyo2n1ZKF0v3gjZ8l3FrJB6v5dJPZ1qcVThr06wDIl4-gH_jgGrLgrFdYsctI-grGBhRIqXd6Fxl8dpWHy8emk0mjvaBGLWliciVTXRqj8sEZddaGI9ZlwDz-WHQrG-BmWkaUIlN5Eh_euUXtUmNpWLHTlFp3jGjfBWITo7t5NCebZI4_4ShhlHWfttftQzLq9indGZgNOA2QARZVUDXh9T2rM2tshxU7uZ7vYxzknH1ARisrEH&sai=AMfl-YSRwMLKYOdI_5UCS1XEQhRokt-QkuwEZVVZCQgjyK2jDGgUjkvlkup2s_P-Ja5hmES5Ef_p6VG3dlkFPGpEm1-9goNvhL1CTmVGUFKyB4fQXESsaNiibo9rXjHsNaRYjQ&sig=Cg0ArKJSzGoBs__YvS1aEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 13:52:40 GMT

GET
DATA 200
OK truncated
/ Frame 2E59 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98d9667d5fa5ff963ae0b644e5faa3d77361e901cdc15f3381da114048f132b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24

5 B
230 B

158ms
148ms

Script
text/html

2606:4700::6812:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Server: 2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7bdf4ebe18865c5c-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
access-control-allow-origin: *
date: Wed, 26 Apr 2023 13:52:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bdf4ebbbc765c5c-FRA
content-type: text/html; charset=iso-8859-1

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

5 B
143 B

135ms
134ms

Script
text/html

2606:4700::6812:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Server: 2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7bdf4ebe28ca5c5c-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
access-control-allow-origin: *
date: Wed, 26 Apr 2023 13:52:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bdf4ebbbc7b5c5c-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 298 KB
57 KB 77ms
25ms Script
application/javascript 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=LT1Yn2pW9B5QzH6n4H2YlkQyVEfXVOOu82lt
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59aa32157130fa4321b3bd4a33828acb57c124f218f05f0da4e3581828d575e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:45:36 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 20:00:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 502
x-amz-server-side-encryption: AES256
etag: W/"c8caafc25721e46604e1c0e802befff0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: MQ6fCXE1n_rBA07OD2ZfyFpbu-6yKj-krs4fwK0VqjhInLDwPUMaFQ==

GET
H2 200 reset.css
ignitecampaigns.com/global/css/ Frame F12C 2 KB
979 B 23ms
22ms Stylesheet
text/css 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/css/reset.css
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 50b9675ba9574e183a1977c010855d67f334a8c8c16391e33bf7d8e9cbb480c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 20:13:04 GMT
server: ECS (frb/669F)
age: 35784
etag: "96a-5935229fb3863-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 899
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 styles728.css
ignitecampaigns.com/national/rsspromo/css/ Frame F12C 9 KB
2 KB 21ms
20ms Stylesheet
text/css 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 50c515c72e352ca7a244a2a8b703c3263f572750928a882b6998921896ab6bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 20:13:10 GMT
server: ECS (frb/67C0)
age: 113029
etag: "2332-593522a5c9242-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2359
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 jquery-1.7.2.min.js Show response
ignitecampaigns.com/global/js/ Frame F12C 93 KB
33 KB 22ms
21ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/js/jquery-1.7.2.min.js
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 23:44:25 GMT
server: ECS (frb/668B)
age: 137295
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 33632
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 launchrsspromo728x90.js Show response
ignitecampaigns.com/national/rsspromo/js/ Frame F12C 12 KB
4 KB 22ms
22ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 2594e42bb0f6644cce4330f718ad72360024056159b5eb979fe4f4cebcd049a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
last-modified: Sun, 23 Apr 2023 02:45:43 GMT
server: ECS (frb/67E0)
age: 299217
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 3596
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 / Show response
ignitecampaigns.com/utils/rssmerge/ Frame F12C 5 KB
6 KB 21ms
20ms XHR
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/utils/rssmerge/?format=json&template=tsmnational&limit=0&feeds=http%253A%252F%252Fpopcrush.com%252Fts_private_tag%252Fbig-data-trending%252Ffeed%252F%253Fcount%253D3%2Chttp%253A%252F%252Ftasteofcountry.com%252Fts_private_tag%252Fbig-data-trending%252Ffeed%252F%253Fcount%253D3%2Chttp%253A%252F%252Fwww.xxlmag.com%252Fts_private_tag%252Fbig-data-trending%252Ffeed%252F%253Fcount%253D3%2Chttp%253A%252F%252Fscreencrush.com%252Fts_private_tag%252Fbig-data-trending%252Ffeed%252F%253Fcount%253D3
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/global/js/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 3630435bc7749cf5348d62f1263c0b4042fecb5f251dfd9652ea9b7708753c2f

Request headers

Accept: */*
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 25 Apr 2023 20:49:06 GMT
server: ECS (frb/67C0)
age: 61414
access-control-allow-methods: POST, GET, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
access-control-allow-headers: X-Ignite
content-length: 5578
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 bg-holder.jpg
ignitecampaigns.com/national/rsspromo/img/ Frame F12C 26 KB
26 KB 21ms
21ms Image
image/jpeg 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/bg-holder.jpg
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: b11fdc22fde82854efcf3c3094f1588d15da2dcbdc47ef035d7d4c501e7c3342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 20:13:10 GMT
server: ECS (frb/674D)
age: 321136
etag: "679b-593522a5c9242"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 26523
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 /
log.pinterest.com/ 0
338 B 104ms
47ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=HmiBSLwGWN32&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.xxlmag.com%2F&viaSrc=canonical
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 0
x-pinterest-rid: 3567885372310513
content-length: 0
x-served-by: cache-hhn-etou8220032-HHN
pragma: no-cache
server: envoy
x-timer: S1682517160.317655,VS0,VE28
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 attachment-attachment-black-widow.jpg
townsquare.media/site/442/files/2022/05/ Frame F12C 6 KB
6 KB 20ms
18ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2022/05/attachment-attachment-black-widow.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) / Express

Resource Hash

58e539b6e841c653911af5d9d1112a2c3d976eafbe2fba36c7726289f6920d16

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 143856
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 6460
last-modified: Mon, 24 Apr 2023 23:55:33 GMT
server: ECS (frb/6762)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3970574183 3968943049
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-alabama-barker-music-rap.jpg
townsquare.media/site/252/files/2023/04/ Frame F12C 7 KB
7 KB 22ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-alabama-barker-music-rap.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) / Express

Resource Hash

5d09e9453863297b83e0e711591e3d3318c2fdeb996fbfb2af2ab4e21fd9a6c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 666220
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 6720
last-modified: Tue, 18 Apr 2023 20:49:01 GMT
server: ECS (frb/67BE)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 77329065
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-RebaMcEntire.jpg
townsquare.media/site/204/files/2023/04/ Frame F12C 9 KB
9 KB 22ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-RebaMcEntire.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) / Express

Resource Hash

efd207de9c4dcccf1b8703ef2ec14e94fc27ff6ba057f2c23475301108e1236a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 752319
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 8962
last-modified: Mon, 17 Apr 2023 16:27:43 GMT
server: ECS (frb/6725)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3844035441 3841304557
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 bobbyshmurda.jpg
townsquare.media/site/812/files/2020/09/ Frame F12C 12 KB
12 KB 23ms
21ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/09/bobbyshmurda.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) / Express

Resource Hash

cfb03552e2aa577b0cdcbaf9e41123c91298ff24ab39082c7eeeff0c3044f860

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26143105
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11957
last-modified: Tue, 22 Sep 2020 15:09:28 GMT
server: ECS (frb/6796)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2360597152
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-garth-brooks-best-living-performer.jpg
townsquare.media/site/204/files/2023/04/ Frame F12C 11 KB
11 KB 22ms
21ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-garth-brooks-best-living-performer.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) / Express

Resource Hash

2dd05289f53c79274021a2d0ac30f811a1f1a34b24eaccd2de8517db389bcca9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 781231
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 11466
last-modified: Mon, 17 Apr 2023 21:18:41 GMT
server: ECS (frb/6772)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 59430811 52334731
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-1.jpg
townsquare.media/site/442/files/2023/04/ Frame F12C 8 KB
9 KB 24ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2023/04/attachment-1.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

c16fdedbd44ab515b58842e6e361d4c5b6edf25a5e5bf38679bc5066848b4e8d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 82147
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 8652
last-modified: Tue, 25 Apr 2023 15:03:33 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 199449863
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-american-idol-whos-left.jpg
townsquare.media/site/204/files/2023/04/ Frame F12C 11 KB
11 KB 23ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-american-idol-whos-left.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) / Express

Resource Hash

c805d1b48cf6d25d781de83b120dc1bea7b555f5e143c78c2bb870549b99e05c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 84583
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11022
last-modified: Tue, 25 Apr 2023 13:49:30 GMT
server: ECS (frb/67E0)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3981576783 3981004041
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 dr-dre-wife-nicole-young.jpg
townsquare.media/site/812/files/2020/07/ Frame F12C 8 KB
8 KB 24ms
23ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/07/dr-dre-wife-nicole-young.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) / Express

Resource Hash

42a2c0b89530d265acbf8ef5b899c80bb05e8f64bca8100ebe8beba3fc50355d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26143105
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 7827
last-modified: Mon, 21 Sep 2020 23:09:57 GMT
server: ECS (frb/6760)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2360597147
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-godilla-kong-new-empire-555.jpg
townsquare.media/site/442/files/2023/04/ Frame F12C 5 KB
5 KB 24ms
23ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2023/04/attachment-godilla-kong-new-empire-555.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) / Express

Resource Hash

5aa78630dee33e3d5cb07644a31ff50f20f1628d82af20dad2ed8ad60b461d13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 503833
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 4705
last-modified: Thu, 20 Apr 2023 17:22:29 GMT
server: ECS (frb/6723)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3894340444 3894316140
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 Kanye-Boosie-Drake.jpg
townsquare.media/site/812/files/2020/09/ Frame F12C 10 KB
10 KB 25ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/09/Kanye-Boosie-Drake.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) / Express

Resource Hash

912205200da68b393e709e16e40f045fa853f5cfc87b1d44649464c479eca21f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26143105
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 10461
last-modified: Sun, 20 Sep 2020 06:47:07 GMT
server: ECS (frb/6794)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2360597151
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-taylor-swift-drunk-driver-fan-killed.jpg
townsquare.media/site/252/files/2023/04/ Frame F12C 7 KB
7 KB 25ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-taylor-swift-drunk-driver-fan-killed.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) / Express

Resource Hash

0c5d494cf4551bed318481d3b90b5c702473426884dd234534366193ae2fc986

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 113694
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 7226
last-modified: Tue, 25 Apr 2023 07:07:44 GMT
server: ECS (frb/6793)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3975878893 3975381163
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-morgan-wallen-cancelled-concert.jpg
townsquare.media/site/252/files/2023/04/ Frame F12C 7 KB
7 KB 25ms
24ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-morgan-wallen-cancelled-concert.jpg?w=182&h=90&a=m

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

86b6c7137e69aa1157b97b9a04a8c27e1d69ea99ab172a3ba99fde80d104557d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 134985
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 6888
last-modified: Mon, 24 Apr 2023 19:12:48 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3970939556
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 screencrush-news.png
ignitecampaigns.com/national/rsspromo/img/728/ Frame F12C 2 KB
2 KB 22ms
21ms Image
image/png 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/728/screencrush-news.png
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 34e242e61a72222efa4b63180939a471d51ae36b40131b80f354f95b190a85b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 20:13:10 GMT
server: ECS (frb/6760)
age: 68373
etag: "826-593522a5c9242"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2086
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 popcrush-news.png
ignitecampaigns.com/national/rsspromo/img/728/ Frame F12C 2 KB
2 KB 22ms
21ms Image
image/png 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/728/popcrush-news.png
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e5fad59e8f1ab819ddf8cdcc565d06e3c0ec28f9411a20a9c59d3bdb068064fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:37:03 GMT
server: ECS (frb/673A)
age: 135421
etag: "7e1-59350d29207f9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2017
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 toc-news.png
ignitecampaigns.com/national/rsspromo/img/728/ Frame F12C 2 KB
2 KB 23ms
22ms Image
image/png 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/728/toc-news.png
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: b8a24f3e109aff90718417efc63938177a82eb2fa442f5153f7366f901de0af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:37:03 GMT
server: ECS (frb/67F3)
age: 515495
etag: "924-59350d29207f9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2340
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 xxlmag-news.png
ignitecampaigns.com/national/rsspromo/img/728/ Frame F12C 2 KB
2 KB 23ms
23ms Image
image/png 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/728/xxlmag-news.png
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: d2a6f45c1a295a6bed64926a2e3a48091dbe8f1f72c3b84659750ead4e65236c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:37:03 GMT
server: ECS (frb/67D4)
age: 550405
etag: "676-59350d29207f9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 1654
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 fontello.woff
ignitecampaigns.com/global/fonts/fontello/ Frame F12C 3 KB
3 KB 23ms
23ms Font
application/font-woff 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/fonts/fontello/fontello.woff?66834837
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 24380a4865abd76bdaa48660af824856e328f6612b2a9d7caf9a50e1a1baa4a9

Request headers

Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Origin: https://ignitecampaigns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:36:56 GMT
server: ECS (frb/6795)
age: 371852
etag: "bbc-59350d235af3c"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 3004
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 pubcid.min.js Show response
townsquare.media/public/resources/js/ 57 KB
18 KB 20ms
20ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/pubcid.min.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) / Express

Resource Hash

f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
via: 1.1 varnish
age: 42934
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 18369
last-modified: Tue, 30 Mar 2021 01:10:30 GMT
server: ECS (frb/67BD)
etag: W/"e26f-17880ae9f25"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 209165516 209165355
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E466 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth3VgUxuLPnsFLc41ucIqT79GETFrr2UHJtXaCoO1zAqkEfDktdQg2jIUPeam1zwJcxZDxT7ALamicXtZoVbTxN6p46y08qOQjdDF-OPd41gnGNZtj6VH0zfZaomwIv-1V_UAKlPq91epZs_b_66JjWXNuBDZH-_CA4KpATWQxVvolhmy7lAstb0pF1CaUqe8Hpr9rkGRs0Lv8TwljPaUrYBnckDfv9IsavPIL9mCna5vIldSe7wNVPnyjv2ttAeevOXhDT3BBnRA5-JK5K0hP4J2NGWElS8yE-5URQ75PMfmb2nUgwHDysf_JGkxd9jmwV4KhzlehJt-ZphhzVA&sai=AMfl-YRAVQGE14w8ZsrewtvOFXJURDVa-CiY-B_p6faRxxQY5_k8ikMGP9bwNjs3Ts-U8Eikv4vdSz1jeqEOMy2P-jhgzUrZlyJp6lNwG8SnhOhUKpdpkehictvYIPjd70cCWs4&sig=Cg0ArKJSzOQsZ167B5XsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 48953
stags.bluekai.com/site/ Frame E466 62 B
0 181ms
180ms Fetch
image/gif 104.111.217.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/48953?phint=event%3Dimp&phint=aid%3D18081065&phint=adid%3D15785705&phint=cid%3D124674305&phint=crid%3D138395602283
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:40 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: 3c93
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 rsspromo728.php Show response
ignitecampaigns.com/national/rsspromo/ Frame FDA8 2 KB
748 B 117ms
117ms Document
text/html 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 756bbfad0e6e42c8ebaa6b363ce3bc33c5fc27f48fe16916b5916aeae3171511

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-length: 701
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 13:52:40 GMT
expires: Wed, 26 Apr 2023 13:52:39 GMT
gdpr-source: DE
server: nginx
vary: Accept-Encoding

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E466 158 KB
48 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49532
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682335668691775"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:52:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E466 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC3gMcfq8z2A153goTg3YGQxaH0XdpF5RBmO9YCERR078TlINqq29qW4-jVs-kST4w6QKwX1lMTeGUQmcxsn4463qefiaQR6dts2UzkmiPwCXecgZ01IIELiz4KseiBBT8tsThW0s1EqhQkx5TVKZ8P6k5COSYYRvd4ldENMSmMfCxvakJR-AjFttgw2ZyyddywRFYJQiv59IgwMu6i0I02CkUNLb4WQqP1aqZtvyoww85_Bt-nOauaUUgs0v2ryyVy1C2a60BVcFWV9iy7G4Xi2hl6Bv6gqZrc1OyoT9uv8DEBqh_P9SCMRiUSwgtBlQJy90EYqMgZfzndl62oAv2&sai=AMfl-YR5G_pWEUVmv1lyAQnXc0I_4rLnU4uYUplBCGBxSsZiNCmYXTom0Rpsj62vCIrJfKti8cox3AaFTdqX63DXl4nDUx6uN62D3W1VsAJK_PbCFyo8Z3Qt99ehqJHQgLxjnlI&sig=Cg0ArKJSzFT1DrB3tYfkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 13:52:40 GMT

GET
DATA 200
OK truncated
/ Frame E466 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c112139a856a1fc373814ff49a7545c322b35d305f180f1a1ed901ca12007617

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 reset.css
ignitecampaigns.com/global/css/ Frame FDA8 2 KB
979 B 21ms
20ms Stylesheet
text/css 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/css/reset.css
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 50b9675ba9574e183a1977c010855d67f334a8c8c16391e33bf7d8e9cbb480c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 20:13:04 GMT
server: ECS (frb/669F)
age: 35784
etag: "96a-5935229fb3863-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 899
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 styles728.css
ignitecampaigns.com/national/rsspromo/css/ Frame FDA8 9 KB
2 KB 22ms
21ms Stylesheet
text/css 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 50c515c72e352ca7a244a2a8b703c3263f572750928a882b6998921896ab6bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 20:13:10 GMT
server: ECS (frb/67C0)
age: 113029
etag: "2332-593522a5c9242-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2359
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 jquery-1.7.2.min.js Show response
ignitecampaigns.com/global/js/ Frame FDA8 93 KB
33 KB 22ms
22ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/js/jquery-1.7.2.min.js
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 23:44:25 GMT
server: ECS (frb/668B)
age: 137295
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 33632
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 launchrsspromo728x90.js Show response
ignitecampaigns.com/national/rsspromo/js/ Frame FDA8 12 KB
4 KB 23ms
23ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 2594e42bb0f6644cce4330f718ad72360024056159b5eb979fe4f4cebcd049a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: gzip
last-modified: Sun, 23 Apr 2023 02:45:43 GMT
server: ECS (frb/67E0)
age: 299217
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 3596
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 / Show response
ignitecampaigns.com/utils/rssmerge/ Frame FDA8 5 KB
6 KB 21ms
20ms XHR
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/utils/rssmerge/?format=json&template=tsmnational&limit=0&feeds=http%253A%252F%252Fpopcrush.com%252Fts_private_tag%252Fbig-data-trending%252Ffeed%252F%253Fcount%253D3%2Chttp%253A%252F%252Ftasteofcountry.com%252Fts_private_tag%252Fbig-data-trending%252Ffeed%252F%253Fcount%253D3%2Chttp%253A%252F%252Fwww.xxlmag.com%252Fts_private_tag%252Fbig-data-trending%252Ffeed%252F%253Fcount%253D3%2Chttp%253A%252F%252Fscreencrush.com%252Fts_private_tag%252Fbig-data-trending%252Ffeed%252F%253Fcount%253D3
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/global/js/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 3630435bc7749cf5348d62f1263c0b4042fecb5f251dfd9652ea9b7708753c2f

Request headers

Accept: */*
Referer: https://ignitecampaigns.com/national/rsspromo/rsspromo728.php?feeds[]=http://popcrush.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://tasteofcountry.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://www.xxlmag.com/ts_private_tag/big-data-trending/feed/?count=3&feeds[]=http://screencrush.com/ts_private_tag/big-data-trending/feed/?count=3&trackback=dynamic-house-728
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 25 Apr 2023 20:49:06 GMT
server: ECS (frb/67C0)
age: 61414
access-control-allow-methods: POST, GET, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: HIT
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
access-control-allow-headers: X-Ignite
content-length: 5578
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 bg-holder.jpg
ignitecampaigns.com/national/rsspromo/img/ Frame FDA8 26 KB
26 KB 21ms
21ms Image
image/jpeg 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/bg-holder.jpg
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: b11fdc22fde82854efcf3c3094f1588d15da2dcbdc47ef035d7d4c501e7c3342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 20:13:10 GMT
server: ECS (frb/674D)
age: 321136
etag: "679b-593522a5c9242"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 26523
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-american-idol-whos-left.jpg
townsquare.media/site/204/files/2023/04/ Frame FDA8 11 KB
11 KB 22ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-american-idol-whos-left.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) / Express

Resource Hash

c805d1b48cf6d25d781de83b120dc1bea7b555f5e143c78c2bb870549b99e05c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 84583
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11022
last-modified: Tue, 25 Apr 2023 13:49:30 GMT
server: ECS (frb/67E0)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3981576783 3981004041
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-godilla-kong-new-empire-555.jpg
townsquare.media/site/442/files/2023/04/ Frame FDA8 5 KB
5 KB 23ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2023/04/attachment-godilla-kong-new-empire-555.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) / Express

Resource Hash

5aa78630dee33e3d5cb07644a31ff50f20f1628d82af20dad2ed8ad60b461d13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 503833
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 4705
last-modified: Thu, 20 Apr 2023 17:22:29 GMT
server: ECS (frb/6723)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3894340444 3894316140
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-garth-brooks-best-living-performer.jpg
townsquare.media/site/204/files/2023/04/ Frame FDA8 11 KB
11 KB 23ms
21ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-garth-brooks-best-living-performer.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) / Express

Resource Hash

2dd05289f53c79274021a2d0ac30f811a1f1a34b24eaccd2de8517db389bcca9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 781231
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 11466
last-modified: Mon, 17 Apr 2023 21:18:41 GMT
server: ECS (frb/6772)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 59430811 52334731
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-RebaMcEntire.jpg
townsquare.media/site/204/files/2023/04/ Frame FDA8 9 KB
9 KB 24ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/204/files/2023/04/attachment-RebaMcEntire.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) / Express

Resource Hash

efd207de9c4dcccf1b8703ef2ec14e94fc27ff6ba057f2c23475301108e1236a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 752319
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 8962
last-modified: Mon, 17 Apr 2023 16:27:43 GMT
server: ECS (frb/6725)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3844035441 3841304557
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 Kanye-Boosie-Drake.jpg
townsquare.media/site/812/files/2020/09/ Frame FDA8 10 KB
10 KB 24ms
22ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/09/Kanye-Boosie-Drake.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) / Express

Resource Hash

912205200da68b393e709e16e40f045fa853f5cfc87b1d44649464c479eca21f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26143105
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 10461
last-modified: Sun, 20 Sep 2020 06:47:07 GMT
server: ECS (frb/6794)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2360597151
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-morgan-wallen-cancelled-concert.jpg
townsquare.media/site/252/files/2023/04/ Frame FDA8 7 KB
7 KB 27ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-morgan-wallen-cancelled-concert.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

86b6c7137e69aa1157b97b9a04a8c27e1d69ea99ab172a3ba99fde80d104557d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 134985
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 6888
last-modified: Mon, 24 Apr 2023 19:12:48 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3970939556
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-attachment-black-widow.jpg
townsquare.media/site/442/files/2022/05/ Frame FDA8 6 KB
6 KB 27ms
25ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2022/05/attachment-attachment-black-widow.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) / Express

Resource Hash

58e539b6e841c653911af5d9d1112a2c3d976eafbe2fba36c7726289f6920d16

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 143856
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 6460
last-modified: Mon, 24 Apr 2023 23:55:33 GMT
server: ECS (frb/6762)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3970574183 3968943049
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 dr-dre-wife-nicole-young.jpg
townsquare.media/site/812/files/2020/07/ Frame FDA8 8 KB
8 KB 28ms
26ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/07/dr-dre-wife-nicole-young.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) / Express

Resource Hash

42a2c0b89530d265acbf8ef5b899c80bb05e8f64bca8100ebe8beba3fc50355d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26143105
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 7827
last-modified: Mon, 21 Sep 2020 23:09:57 GMT
server: ECS (frb/6760)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2360597147
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 bobbyshmurda.jpg
townsquare.media/site/812/files/2020/09/ Frame FDA8 12 KB
12 KB 28ms
26ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2020/09/bobbyshmurda.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) / Express

Resource Hash

cfb03552e2aa577b0cdcbaf9e41123c91298ff24ab39082c7eeeff0c3044f860

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 26143105
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 11957
last-modified: Tue, 22 Sep 2020 15:09:28 GMT
server: ECS (frb/6796)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2360597152
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-taylor-swift-drunk-driver-fan-killed.jpg
townsquare.media/site/252/files/2023/04/ Frame FDA8 7 KB
7 KB 28ms
27ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-taylor-swift-drunk-driver-fan-killed.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) / Express

Resource Hash

0c5d494cf4551bed318481d3b90b5c702473426884dd234534366193ae2fc986

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 113694
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 7226
last-modified: Tue, 25 Apr 2023 07:07:44 GMT
server: ECS (frb/6793)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3975878893 3975381163
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-1.jpg
townsquare.media/site/442/files/2023/04/ Frame FDA8 8 KB
9 KB 39ms
38ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/442/files/2023/04/attachment-1.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) / Express

Resource Hash

c16fdedbd44ab515b58842e6e361d4c5b6edf25a5e5bf38679bc5066848b4e8d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 82147
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 8652
last-modified: Tue, 25 Apr 2023 15:03:33 GMT
server: ECS (frb/6713)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 199449863
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 attachment-alabama-barker-music-rap.jpg
townsquare.media/site/252/files/2023/04/ Frame FDA8 7 KB
7 KB 40ms
39ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/252/files/2023/04/attachment-alabama-barker-music-rap.jpg?w=182&h=90&a=m

Requested by

Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/js/launchrsspromo728x90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) / Express

Resource Hash

5d09e9453863297b83e0e711591e3d3318c2fdeb996fbfb2af2ab4e21fd9a6c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 26 Apr 2023 13:52:40 GMT
via: 1.1 varnish
age: 666220
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 6720
last-modified: Tue, 18 Apr 2023 20:49:01 GMT
server: ECS (frb/67BE)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 77329065
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 toc-news.png
ignitecampaigns.com/national/rsspromo/img/728/ Frame FDA8 2 KB
2 KB 23ms
22ms Image
image/png 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/728/toc-news.png
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: b8a24f3e109aff90718417efc63938177a82eb2fa442f5153f7366f901de0af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:37:03 GMT
server: ECS (frb/67F3)
age: 515495
etag: "924-59350d29207f9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2340
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 screencrush-news.png
ignitecampaigns.com/national/rsspromo/img/728/ Frame FDA8 2 KB
2 KB 23ms
22ms Image
image/png 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/728/screencrush-news.png
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 34e242e61a72222efa4b63180939a471d51ae36b40131b80f354f95b190a85b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 20:13:10 GMT
server: ECS (frb/6760)
age: 68373
etag: "826-593522a5c9242"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2086
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 xxlmag-news.png
ignitecampaigns.com/national/rsspromo/img/728/ Frame FDA8 2 KB
2 KB 23ms
23ms Image
image/png 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/728/xxlmag-news.png
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: d2a6f45c1a295a6bed64926a2e3a48091dbe8f1f72c3b84659750ead4e65236c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:37:03 GMT
server: ECS (frb/67D4)
age: 550405
etag: "676-59350d29207f9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 1654
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 popcrush-news.png
ignitecampaigns.com/national/rsspromo/img/728/ Frame FDA8 2 KB
2 KB 23ms
23ms Image
image/png 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitecampaigns.com/national/rsspromo/img/728/popcrush-news.png
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e5fad59e8f1ab819ddf8cdcc565d06e3c0ec28f9411a20a9c59d3bdb068064fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:37:03 GMT
server: ECS (frb/673A)
age: 135421
etag: "7e1-59350d29207f9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 2017
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 fontello.woff
ignitecampaigns.com/global/fonts/fontello/ Frame FDA8 3 KB
3 KB 24ms
24ms Font
application/font-woff 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ignitecampaigns.com/global/fonts/fontello/fontello.woff?66834837
Requested by: Host: ignitecampaigns.com
URL: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 24380a4865abd76bdaa48660af824856e328f6612b2a9d7caf9a50e1a1baa4a9

Request headers

Referer: https://ignitecampaigns.com/national/rsspromo/css/styles728.css
Origin: https://ignitecampaigns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
last-modified: Tue, 24 Sep 2019 18:36:56 GMT
server: ECS (frb/6795)
age: 371852
etag: "bbc-59350d235af3c"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-length: 3004
expires: Wed, 26 Apr 2023 13:52:39 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame 69CB 0
1 KB 49ms
48ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=184854740153433&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2490c31359b34%26domain%3Duser2.cloudconfigpure.top%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fuser2.cloudconfigpure.top%252Ff15ac4aa307b38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fxxlmag&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Apr 2023 13:52:40 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: 4/3bowRohi5UXN9koupDo8S05VZ76GRKk/sxgD5C1jxCD/cWZXbdFuf88YbjUvHuEu/MYYygbJqcyZA973ccaQ==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 70ms
70ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13190b1cd02171fe222aa8a263800460764c9d7731f632c465b59bf194131842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11166
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A761 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEqwXoZEURqO-AuqEfXkpEzL5Wok8is8ifjCDgebe-i2BBiQdbbhFphEeQGA_emv3lCR9VJBPeCyEsiKKQxe4c_8tmXFbsoJIiI3Q3j6oURRcvbO1C&sig=Cg0ArKJSzC8jIEgR_IxlEAE&id=lidar2&mcvt=1003&p=457,1123,712,1423&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20230424&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2412334268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682517159735&rpt=201&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 441D 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 12:10:40 GMT
expires: Thu, 25 Apr 2024 12:10:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2E95 783 B
533 B 54ms
54ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce7a40ea7ef5183e704285a1436a18f98369a9cfa0db8c7d87a2dc4adc6e9ece

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N1w4FyyvAYXwnrcqyJyqfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://user2.cloudconfigpure.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-N1w4FyyvAYXwnrcqyJyqfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 13:52:41 GMT
expires: Wed, 26 Apr 2023 13:52:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 441D 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 09:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 09:48:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2E95 0
0 54ms
54ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=1738998216668075&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 441D 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ui_rng
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 13:52:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304200101&jk=1738998216668075&bg=!IiGlIXXNAAYfNdXmPzU7ADkAdvg8Wtp6GL0WJdv1PqlNj9GcF0KHIGbAe_wWqK8qBKBno9fnp8taBq2tofZVJrXb62XOkfpj-ZwCAAAATlIAAAADaAEHCgCI1LFvb68ECL3kMsTcEJgLxyBjSuJSn0wHKwS-RqgVV-eDM4QQPnMTPHZZj1DeZLcInUWHTnGahH9ExgRECLZ8zAvEMRiF9dHTRG6paJfEX_qgylmhNZNp7eVx2HFLmWBdNIqcGhArdb1LjuJKkpXHkXtj0WSx9Aq0VvC-w2yruumojhl3TU-rdJkC8V8AqqE5-PJg5lp8XZdn5_hYnFLN3HhbqmCTiDqAAFf1VAQTiijpWW7j___H9qFfnNIb-CAi5P5kuuOcwsxzw_25zJF-p0VVUHkBj-gonEc8jt4UTZy2lNNxVxLmqGm2wG-4OB7dL8AAV16nP47tbbcTqdk_CnWrFehi-tYy9EPxLyoxBXybLppSs3BI78duQWvigOy1XImWXGWBSAw-680-ZsiTXgBheJCght5ooNjpSFj_nmW1qnSR-xplYXpy_WvfSK6VAWyqC6IID19eu0jVskesRIGC0-KHT7an-buJo6IxZ1fA6DVd0EzbLs47uKTyycUdzjrA2U_LjhQczUyKifRq7iTd-1O8uXq0y9zFIpy5vjPFmWAouBbEkjyHVVY2OArqqrLKqGknb05eUcJGMvFj3CFHyAqtruX0cITS62Kr2d0M-z0fizK7MxfH3NzRhI1TXIeechKAkRdT0S5gidHjsDwYCkavD4jNEIB-M8wsKhsP8Us4CWr2Rppd88uSZUHoCpmBGIDzapN5hqXGw0msCl29FpW8uar7iueinnKhRn_R-fBU_tJtP2wgLv307QOcBBuKYMbOCTsMSErXlB1rYkKTw9dX49sXSPhkgMYPPtpq02Do_3ZPSvbB81d1vCezz4PF8MztBGQW8Ebt17SVoiTT8344sM6NXg9bxW9LOBN4NalHmUbVkukIwce-8kP345G3IgSM3lSsmE3O6ieAUcRkVDUREbSmlsq24hkVrJyY_gfFY6GRtslWcif7k9zYV0fEj7xLNLodYkQA8Gx8O6CTXj2fkUpxOk2PWK7WsF0hw4r0UcJtNLgpec2DfA2ANkSw4vrfX2KfOaoYEIxXFPY8PROriU6mxcwqAI0frSUs5KHMLa_3go8sv4wZWZXTwM2RRbMr6XcAK4sY9axFd0b2Zq3zK1Dx8Exjpn5TKVO1GWruYIqP5kvlAAjl4vULcJX-O_6pl1_ssheJgr21afBC2UNjEAMEGbAhwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E466 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp_JSA_9T90NCAR7b0gTubf67J_a01fHj4pmhIv-ugV7qYIgP1nBZHsxYFg5m4ZeG8iWpnQeuSGBtMvPQ9cJGV6C2bCmGm_wwH98Y-tsOHTbWwQm-H&sig=Cg0ArKJSzDxnKTWVo_TfEAE&id=lidar2&mcvt=1000&p=10,441,100,1169&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230424&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4035244530&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682517160692&rpt=115&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunk-8.30fb7753db514c8a76d8.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 3 KB
2 KB 40ms
39ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-8.30fb7753db514c8a76d8.1680626138150.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

92bf30ab2eb0584730479c74bc5045115c3b1bc77b6806cbe9699696f04336c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:43 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63146
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 1193
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:17 GMT
server: nginx/1.24.0
etag: W/"cdd-1874de9be8f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3986295812
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:42 GMT

GET
H2 200 chunk-13.f9c1522e8e3ca0f26a86.1680626138150.js Show response
user2.cloudconfigpure.top/public/dist/chunks/ 28 KB
8 KB 38ms
38ms Script
application/javascript 5.75.200.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user2.cloudconfigpure.top/public/dist/chunks/chunk-13.f9c1522e8e3ca0f26a86.1680626138150.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.75.200.160 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.160.200.75.5.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

10bc13d7a3ac8ce57cfac49d276f5286633ce83298efb3e04c69bfb32eee5480

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user2.cloudconfigpure.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 26 Apr 2023 13:52:43 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63095
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
content-length: 7335
x-device: desktop
last-modified: Tue, 04 Apr 2023 20:16:01 GMT
server: nginx/1.24.0
etag: W/"70c2-1874de983a5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 204206660
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Wed, 26 Apr 2023 13:52:42 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-F4LDPKEEL7&gtm=45je34j0&_p=656611628&cid=26251790.1682517159&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1682517159&sct=1&seg=0&dl=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&dt=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&_s=2
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 25ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=45je34j0&_p=656611628&cid=26251790.1682517159&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1682517159&sct=1&seg=0&dl=https%3A%2F%2Fuser2.cloudconfigpure.top%2F&dt=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&_s=2
Requested by: Host: user2.cloudconfigpure.top
URL: https://user2.cloudconfigpure.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user2.cloudconfigpure.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 13:52:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user2.cloudconfigpure.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
user2.cloudconfigpure.top/	1969-12-31 23:59:59	Name: gdpr-source Value: DE
user2.cloudconfigpure.top/	1970-01-20 13:31:33	Name: abgroup Value: A
user2.cloudconfigpure.top/	1970-01-20 11:21:58	Name: cogitoergosum Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI2IEFwciAyMDIzIDEzOjUyOjM4IEdNVCJ9
user2.cloudconfigpure.top/	1970-01-20 12:05:09	Name: connect.sid Value: s%3APp35ti8StMKJmGsVMCP5BazDlWXM6qRh.X5cPAtdGpOIpb2PlcjoGNXiTh2z8K08vja4eXOKL%2Fdo
cdn.production.townsquareblogs.com/	1970-01-20 20:07:33	Name: aleph Value: 504a07d7-20cf-5a4a-a50f-c68571cf927b
.user2.cloudconfigpure.top/	1970-01-20 20:57:57	Name: _ga Value: GA1.3.26251790.1682517159
.user2.cloudconfigpure.top/	1970-01-20 11:23:23	Name: _gid Value: GA1.3.820732858.1682517159
.user2.cloudconfigpure.top/	1970-01-20 11:21:57	Name: _gat_primary Value: 1
user2.cloudconfigpure.top/	1970-01-20 20:57:57	Name: aleph Value: 504a07d7-20cf-5a4a-a50f-c68571cf927b
user2.cloudconfigpure.top/	1970-01-20 20:57:57	Name: aleph-count Value: 1
user2.cloudconfigpure.top/	1969-12-31 23:59:59	Name: blingblocksession Value: 1
.user2.cloudconfigpure.top/	1970-01-20 11:21:57	Name: _gat_UA1150030077 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DVClgbbNiPI
.cloudconfigpure.top/	1970-01-20 20:57:57	Name: _ga Value: GA1.1.26251790.1682517159
.doubleclick.net/	1970-01-20 20:43:33	Name: IDE Value: AHWqTUliMmjZJIktVGvRriRPS3sxAzKDZMTGC3uCfQ9dPfHi4O-FmpBGnDRCOfLPjac
.doubleclick.net/	1970-01-20 11:21:58	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 11:22:00	Name: DSID Value: NO_DATA
.cloudconfigpure.top/	1970-01-20 20:43:33	Name: __gads Value: ID=b79818564433705f-221b2a2370dc003e:T=1682517159:S=ALNI_MYMDkFnmX1Er5cuke1OpZQyKIKmpw
.cloudconfigpure.top/	1970-01-20 20:43:33	Name: __gpi Value: UID=00000c0ab7524f50:T=1682517159:RT=1682517159:S=ALNI_MYjMFzkz7xzdEsOxdvGylBV8jDcZw
.cloudconfigpure.top/	1970-01-20 20:57:57	Name: _ga_GGT2X929YG Value: GS1.1.1682517159.1.0.1682517160.59.0.0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://user2.cloudconfigpure.top/styles/desktop/FFF4F4F4 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	warning	URL: https://doi3unldljdx6.cloudfront.net./script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://doi3unldljdx6.cloudfront.net./script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://doi3unldljdx6.cloudfront.net./script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://doi3unldljdx6.cloudfront.net./script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

41e55f91de4c086014313d38b1e345c0.safeframe.googlesyndication.com
a.teads.tv
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
assets.pinterest.com
at.teads.tv
btloader.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.p-n.io
cdn.production.townsquareblogs.com
cdn.taboola.com
connect.facebook.net
doi3unldljdx6.cloudfront.net.
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.clean.gg
ignitecampaigns.com
js-sec.indexww.com
log.pinterest.com
match.adsrvr.org
pagead2.googlesyndication.com
platform.instagram.com
platform.twitter.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.analytics.google.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssl.gstatic.com
stags.bluekai.com
static.solutionshindsight.net
stats.g.doubleclick.net
syndication.twitter.com
townsquare.media
tpc.googlesyndication.com
user2.cloudconfigpure.top
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.youtube.com
104.111.217.14
104.111.217.42
104.18.10.47
104.18.25.185
104.244.42.8
104.86.47.65
108.138.1.25
13.32.99.21
13.32.99.91
142.250.181.230
15.197.193.217
151.101.129.44
151.101.64.84
18.66.112.92
192.229.233.181
192.229.233.218
2.18.232.7
2001:4860:4802:32::36
2600:9000:20eb:600:7:7419:8e80:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:246
2606:4700:20::ac43:4686
2606:4700::6812:17ea
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::200d
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9a
2a02:2638:3::c
2a02:26f0:6c00:188::1931
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a03:2880:f276:d2:face:b00c:0:43fe
2a03:2880:f276:e8:face:b00c:0:4420
34.120.133.55
34.95.69.49
5.75.200.160
52.7.232.7
05aab08beef56b64bc4f87314e6bca6d5c58095bdec0e704e91c38c21fa69ed2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07264ff14aec297fb09ddf16cf8351b323cca837da8a4a14fc5ecc2ebac327d2
0783bc3248dc4ea0715958e086f34700de75be411f850dc4ab67a338ea9024be
0932414823f8d8c3384c2749e3558adc72d4208bc4d41aab04ef9396ddbec339
0b835282600fdd110ce58b7cb7af0fe747c2a462ea0bb74df0f1e23a6011d3a0
0c5d494cf4551bed318481d3b90b5c702473426884dd234534366193ae2fc986
0dacf7f7247f1b6636dc614f914202acab702d2cbb0ce1127402dfe8767e810d
0e1070ef03510c03bf072fc9acc862eb3e3bc71cd0079472eb0dc10455e9838a
10bc13d7a3ac8ce57cfac49d276f5286633ce83298efb3e04c69bfb32eee5480
13190b1cd02171fe222aa8a263800460764c9d7731f632c465b59bf194131842
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
155cebe6fd831a4cb16869697357be150fe082c69dfdf1d3700c00f785a27046
16a3bfe731be662392a3344f10561bd3f054ed6435e23fa931fd7b4f3c3cfd50
172d5e558985055f3186609c3c1c776a3e26316aa022773a969a8f7efec2ff8b
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
185e221bd8c9529a8b382c36fb57986c7e1b000ab5a1cfb2e109a2f6a8959609
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1996f8aa796e4a2d4be6992faa00bbe4a2c2f60ee4f7cad3bd9ad80cea1696f6
1abd6b8374d7864be72f77d5361b5a72aa7154d03b858666bfc62bb06270b3f0
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bb3a6f5c7777210ad26542fdbeafffef069240a5cd733fc50a4efc1662a44c8
1bb3cf975da752fcd0e56dc12ba5af3b517f2c48477fd6f9208437250e65311c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e20118be99803e64e6b3acf68e6597f3bb41e824c9ad0df68dc568161196b85
20306e08e8f744cf0b6ab924669cef37d9c6c07874c0533e77e955d9d2d1b1b9
2078ed877a9edd20293ab8b8a54ae66029720d36103d3f0b15a55b26344f807e
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
220f32e74cb67aa10c1f2492b1e1bb9cb3410b443ec5be8776d358790061b7ec
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
24380a4865abd76bdaa48660af824856e328f6612b2a9d7caf9a50e1a1baa4a9
2594e42bb0f6644cce4330f718ad72360024056159b5eb979fe4f4cebcd049a8
26f278693a1ac7f7bceb4ca9fd15fb5bfdaf9f4b5507ca3c7a05555cc5983247
28c1898a4ec2cdf4a45897e4fa921cb648ea8fd1a7b005d3c7c6d229f625fed1
29089eadba5807130cfb24959fa976ee2feb045de332e2e4d1d8dff1036593e4
2a19f79bd2859fb1dffdd7c8643dc5e58fc7a9b7fb493d68359f400c420467b3
2dd05289f53c79274021a2d0ac30f811a1f1a34b24eaccd2de8517db389bcca9
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
34e242e61a72222efa4b63180939a471d51ae36b40131b80f354f95b190a85b7
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3630435bc7749cf5348d62f1263c0b4042fecb5f251dfd9652ea9b7708753c2f
388900687cb23375bb397d35b5368d2e1f82fe55e951af830a1bf54b6b8607a1
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3a52f6b0feecd9520f5987a3f8a2168ab5c538696fea7c2f7c854d96eca5003b
3b968b519ba81e71589150c32cbd507ed693e95fd908743619690cb119cedbba
3e8568352f38e38097c81b381f34996625088c0063b9cf9e196b7a75c9a164be
3f723025984a9e2977afb73542a3eae55562d07f1787a95c210884f002732dcf
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fe2c764810b3870ee166ae09a1d357a125b4ec3af7119d9295f6c066e304287
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
41f817efe6ecccc30fd330b0caa8bab7daf51cc88ac50ffb5b6f04e762c5fb6c
42a2c0b89530d265acbf8ef5b899c80bb05e8f64bca8100ebe8beba3fc50355d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44a48815a007cc60e8ba3bc0dab1f2945a35eb5ac0823baff6cc79ce99fc585b
45ee31bccaead69b046d6c2722245cdd202a761bb6b62f968bc85324fc165727
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484dcabfc0c1681e08e9620b7eb4f217625a607afaaa14fe32909f029de30100
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4d5c82f398df1f66e659c868f2d8ed9e9c2c75e56b44ba5893871ed09b02c7d2
5007dac1365dd925963e4bc2ff805516823a6d61e200ca67066b8e0b843887be
50b9675ba9574e183a1977c010855d67f334a8c8c16391e33bf7d8e9cbb480c0
50c515c72e352ca7a244a2a8b703c3263f572750928a882b6998921896ab6bab
538443631eacd78989bc09b6369c6733f06412802c57bfa6f61d5aba9f9d20a7
5531d5f00f59227ec399741863a42bd40ab03f940f5c1a25f2e3268c231051a0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5759279142aa4511108413beea4eb4cb27d7e729963ba8bbfebcd95220524fe7
58e539b6e841c653911af5d9d1112a2c3d976eafbe2fba36c7726289f6920d16
594c386db94a8b300053de3bbf4141b3f91897d432fd08a739e60b9edf609483
59aa32157130fa4321b3bd4a33828acb57c124f218f05f0da4e3581828d575e6
5aa78630dee33e3d5cb07644a31ff50f20f1628d82af20dad2ed8ad60b461d13
5d09e9453863297b83e0e711591e3d3318c2fdeb996fbfb2af2ab4e21fd9a6c1
5de74280aef7b518374e262ea176214682f49bb3b7e641c7dbc293ee1b2497be
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c51f72441e8df1b4fd9a97b8b445bef5604d14061c1db76e09be186ed75e51
64939600191f0e7d591dcf51f5b9b9b2f175ed6c557a23a7f401d746fb02c239
654be1f08e06a93a4374c1797edee4849bcafb900cb1f8f08e06c5cfbb193d76
67ba6907d4538a7b11d378f5768f81a0ced212c65f4422556a642fb7467c68bb
681355e364b09eac068993790470f841a3f7189f63fca4b551f40664036c9e62
6a94cf33712d6fc71fb595d21ef25cfbf16679532755db7b6225770843641bad
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6df1f91380476cae296a8df5b4c1e30aa42ad36e9c33fe6a3fbfa18562b54f59
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
70e33b2e27728c3bbda82665eff00313bfffbac711153a5ff682f6df7f4a4e1f
712ddc028019f1d024a8bc0632f7672b76d7e54cfc8b5acc56cda98b309e2cc6
7238af85600bbb7aa4d1294639e4d9ffbb85952e267777b3ccd19bfd114381ac
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
756bbfad0e6e42c8ebaa6b363ce3bc33c5fc27f48fe16916b5916aeae3171511
786c928472f1d08c4b781501e54740975e7403962d25174e37b78f41f82e4f4d
789044d8d9bdfb6fe2e807617e576d0ef5de3f275fe7eabe38f502fed3b5fc4a
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
7a823b5306feb5da6c4a9479007cc94cf484b3d425bf3b1e1fc28ce84574543a
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d7293e8ab23697d4f5bd001bd3ede412c7b7ad44dca270d7cb440c5299020b2
7df813f4ff2e2e197aebf420358ff68fa60f852e424d4368e3bedabc5da92a10
7f7a776196b6b210ad2ae5f4070f19193390de89fc3c7cf5d639fdec5be8fc16
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
801aaa495fbdbc4ae4426152fc45aa0191c94002ddc1c0b1405cbe367f914528
8140445bd1600665f8a4178d309883e8d1cc80825f1f5fe3d60429912e4f2a11
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841529b932c49e34833e7310f8ca85c6b97b5903a5a730f4f81518a9dea3b6ca
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857bc36c665c935005b92c09e2fc642b7cf15c9877b0a6142113389f53524152
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
86b6c7137e69aa1157b97b9a04a8c27e1d69ea99ab172a3ba99fde80d104557d
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
895957c9d33639c59d5ec67601e8df51cf248d98747c24f90b513d75db695176
8abc450366cfb93e8b3e4ebb09261b3bb0970e59267cc29c6a4f31025e49d843
8da9b971da33391bacf49ffba350fa48557169ebf83e7e8fe9f10807bac196c3
8f2d7c46c4b97eee180ce56426c088860826fe1c28744b908993969214cc97c5
8f927d29b2753948b2e467e35837d58d47f8a1e1c855be21d3f5f64b72f6d94a
90eb99353d967dcf6ecf7e78666a956c2c23f4184e1454b1fc273dc225b45c2c
912205200da68b393e709e16e40f045fa853f5cfc87b1d44649464c479eca21f
916cdfd8c5919cac1afdb512c29fbd1b8df7f08c7c792bba40e1fb72e29fe821
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
92bf30ab2eb0584730479c74bc5045115c3b1bc77b6806cbe9699696f04336c2
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9708c4f2dc4276a9d09678f7b252a71576bf7e8cd70c7d8fdbe798871da890f3
97975fe93d91fe485166ee97768ae1869d14acdf72d3b98dbeb1e075bc9137d6
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
98d9667d5fa5ff963ae0b644e5faa3d77361e901cdc15f3381da114048f132b3
9930e96b3d019b0fcb982c9bcb88ab70a8005c0cb451120c16b40d19fb37b6e6
9a605947a21374b8b2e4096af924ab7db6c0674770e198281bdbe9b80a9ee01a
9a803e500c6d1af660de5fa54297ac53c60a41fff53373f0240291455f4b5609
9c6023cab00377a76e324c23c6a99fd29716dd5ca0423a7f4127dc9e69438418
9d9b67b63fc03a2ceccac3992894a808436d7b4ea10daf566acf8eaa2e40cffa
a196f509ae2b70238869ae2a7100c6cb1a227051434af6855998c861d373ef83
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b6497b2ab4ae6431fcb6739feac949bc75bbd4108bac5e26f055ddd65c7dec
a7158b0ea4f182e9658f45c37ecc1da902babf9afa0a3f92f933ea2838e44694
a846220a05f602bdb8899418978032bfae1e835a38f0fb5c4ba94adb080f78da
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace0b1b00b83a7c6c54da7925cc91c16a62df5f1090cba44f45fac7ad0aca9f4
ae4bd83846293fa33ad76f1fb8228d3334fd5398d44763ffd6d5b15a2f86d510
ae4caa7e5b3aa4d1ae13ba2087d1dc06304e0fb0c9db0687fbf6eeef06b7e968
b11fdc22fde82854efcf3c3094f1588d15da2dcbdc47ef035d7d4c501e7c3342
b1eb50d6a7f3c1512ee599c7f7fe86a695639b3b963b0dfb6684c3f1267901fb
b34867628445d41d349719493990dcafbc94dd5c5a4d383605ae9901c9ca8320
b88a2d7624c6b4dd3b2baf842a77ab5a4e8742dd6f83375ed7a5176d53dab3f7
b8a24f3e109aff90718417efc63938177a82eb2fa442f5153f7366f901de0af8
bde858def7592a69d9f5469720180136dfd5b24f434b486080198a6c2fe417ea
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1112a1329527e451ddcb914e1665d0eeb29bba8efeb2a0ec648f5e558545e08
c112139a856a1fc373814ff49a7545c322b35d305f180f1a1ed901ca12007617
c1667c72a920bde0decdaf560caf4a4733b0c6ddf5bf41039850adc8d53a1670
c16fdedbd44ab515b58842e6e361d4c5b6edf25a5e5bf38679bc5066848b4e8d
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c2824338f8de5dcb304f20e8b1c7174d38f381879b4506095ad9e0320f1bb559
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c805d1b48cf6d25d781de83b120dc1bea7b555f5e143c78c2bb870549b99e05c
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cd882defb22ef2297d82f4bcddaa81f33d3bf510f2cc0538fbc938e674363dab
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce7a40ea7ef5183e704285a1436a18f98369a9cfa0db8c7d87a2dc4adc6e9ece
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb03552e2aa577b0cdcbaf9e41123c91298ff24ab39082c7eeeff0c3044f860
d2a6f45c1a295a6bed64926a2e3a48091dbe8f1f72c3b84659750ead4e65236c
d569f42b26450731701e29f400ce9c3c48a8cd7b32aa0784d56e37dd9e7611f0
d624975c75f3d2450943ddb3d1520ef88f24975e62b54535eadc8cc9df2fda9c
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dafbff8de37a2d51439fc88afb4a38e89ae7dc215f6bebb3674ee2bac3398b08
e13e10683b36f8b59db04e4f030826596d4bb7a504b572311233b72fe7b83c05
e23b17dc2c86f30289adee7f0e77dd4bebc47ee1b2a9af6107ceb600af5b70cb
e2439764134f92ee4e6ea8744ed98fd06a99f41ff88b2d823f294c3c82825fc0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88
e5f371d40c21dcaacc4a5aea4a0cda43f48c05d0e59fd71ab9a2d665a9913c89
e5fad59e8f1ab819ddf8cdcc565d06e3c0ec28f9411a20a9c59d3bdb068064fe
e65d3a28754a09032aecc1241551d3a60d9b728b8d3ef8291845d1355e89e383
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e90161544651032b6d7e3cd43d820322b75fc8229b09579811173172e39deb69
ea0cfcdf22f9ea86cdc3ba0296bbb022ce51e4159726069753a95b55746a6fcf
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd207de9c4dcccf1b8703ef2ec14e94fc27ff6ba057f2c23475301108e1236a
efda14f9011083c35c05e555316dd820de6d3a8b244ee5a6ae61db3ef422cb34
f0ad8643f4e49bea83eab9421dddb844f347583829600fac0df631be848634a1
f0b31f76007e59f5eeb0a01be04263de8b0d253c13b59612e76cb10d109c28ea
f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293
f202d3a6fd36970e94499024216a662dda0e306becd09d014895a6859fe8c7c8
f252844f3a8faba798f4cd4894baf3c7235549c3a8b0f3cfdf8d5840a7cca562
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
f401bca92491fd896f975c54d89110ead3e9c561558f6aedacc34b54cde4f45e
f412a3faef885b4166d3d574d858d5ee015481ec36cab5f2db1a2a2711ab613c
f433c7cd7bbf0f6d2766aff1d2cd8b2cd16d831b323cac861bb4aff99eda7dad
f4f014cb74f3b341e5b43171bf87d57f3a7b878653f4a164d966cd6eea535a82
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68c3d70279465c9c546e946c16a3bc82a56dba52d81a6260f4ca0d4a857a00e
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f984e705cfbdb209a17650c8ee53c3945e5022064da2750a8b4f4750c8e1537d
fcbaf17d46497729b16ce20fe44941012e7bf9b0f8427df6d2f95e07e8993787
fe43f043237d8db94d7b9413d66fd58fe5df6c6c64d94f4dfb67bd9ef5a9ecb5
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

user2.cloudconfigpure.top Open in urlscan Pro 5.75.200.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

277 Requests

99 %HTTPS

57 %IPv6

40 Domains

55 Subdomains

49 IPs

5 Countries

5481 kBTransfer

12046 kBSize

20 Cookies

61 Outgoing links

Redirected requests

277 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

user2.cloudconfigpure.top Open in urlscan Pro
5.75.200.160 Public Scan

Screenshot
Live screenshot

Full Image

277
Requests

99 %
HTTPS

57 %
IPv6

40
Domains

55
Subdomains

49
IPs

5
Countries

5481 kB
Transfer

12046 kB
Size

20
Cookies

277 HTTP transactions
8 data transactions