www.baixaki.com Open in urlscan Pro
194.126.175.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://baixaki.com/
Effective URL:
https://www.baixaki.com/
Submission: On November 24 via manual (November 24th 2021, 7:50:43 pm UTC) from US — Scanned from DE

Summary HTTP 218 Redirects Links 77 Behaviour Indicators

Summary

This website contacted 49 IPs in 9 countries across 33 domains to perform 218 HTTP transactions. The main IP is 194.126.175.195, located in Amsterdam, Netherlands and belongs to HVC-AS, US. The main domain is www.baixaki.com.
TLS certificate: Issued by GlobalSign ECC CloudSSL CA - SHA384 - G3 on October 13th 2021. Valid for: a year.

This is the only time www.baixaki.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	169.45.94.235 169.45.94.235	36351 (SOFTLAYER) (SOFTLAYER)
49	194.126.175.195 194.126.175.195	29802 (HVC-AS) (HVC-AS)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
5	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
5	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1	13.225.78.103 13.225.78.103	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:786	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3039::6815:c0b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.193.122 13.224.193.122	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1 7	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
4	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
28	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
4 8	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 8	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 3	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.78.56 13.225.78.56	16509 (AMAZON-02) (AMAZON-02)
2	52.215.101.139 52.215.101.139	16509 (AMAZON-02) (AMAZON-02)
218	49

1 169.45.94.235 (Baton Rouge, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: eb.5e.2da9.ip4.static.sl-reverse.com

baixaki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 194.126.175.195 (Amsterdam, Netherlands)

ASN29802 (HVC-AS, US)
PTR: 194-126-175-195.static.hvvc.us

www.baixaki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ibxk.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
obj.ibxk.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:786 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:1e8 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3039::6815:c0b3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookies.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-122.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.220.241 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

03c2082887de46441b746706636b926f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e8 (United States)

ASN13335 (CLOUDFLARENET, US)

disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.20.157.55 (Milan, Italy) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-56.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.101.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com tpc.googlesyndication.com	273 KB
39	ibxk.com.br img.ibxk.com.br obj.ibxk.com.br	259 KB
25	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net 8019191.fls.doubleclick.net	245 KB
11	baixaki.com 1 redirects baixaki.com www.baixaki.com	202 KB
10	google.com 1 redirects fundingchoicesmessages.google.com www.google.com adservice.google.com	12 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
8	adnxs.com 4 redirects ib.adnxs.com	8 KB
7	redintelligence.net 1 redirects hal9000.redintelligence.net hal900025.redintelligence.net	242 KB
6	pn.vg cdn.pn.vg osp-assets.pn.vg cookies.pn.vg api.pn.vg	63 KB
6	goadopt.io tag.goadopt.io disclaimer-api.goadopt.io api.goadopt.io	39 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	96 KB
5	adpone.com rtb.adpone.com	4 KB
5	smartadserver.com prg.smartadserver.com	3 KB
5	google-analytics.com www.google-analytics.com	20 KB
4	googletagservices.com www.googletagservices.com	146 KB
4	google.de www.google.de adservice.google.de	1 KB
3	webgains.io analytics.webgains.io api.webgains.io	51 KB
3	medialead.de 3 redirects pv.medialead.de medialead.de	2 KB
3	2mdn.net s0.2mdn.net	38 KB
3	yahoo.com c2shb.ssp.yahoo.com	10 KB
3	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com	5 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	googletagmanager.com www.googletagmanager.com	132 KB
2	webgains.com track.webgains.com	5 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	awin1.com www.awin1.com	702 B
1	ad-server.eu ad-server.eu	312 B
1	office-partner.de adv.office-partner.de	1 KB
1	media01.eu pb.media01.eu	628 B
1	rubiconproject.com fastlane.rubiconproject.com	4 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	unblockia.com cdn.unblockia.com	23 KB
218	33

	Domain	Requested by
38	img.ibxk.com.br	www.baixaki.com
28	pagead2.googlesyndication.com	cdn.unblockia.com securepubads.g.doubleclick.net 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
10	www.baixaki.com	www.baixaki.com cdn.pn.vg
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	ib.adnxs.com	4 redirects obj.ibxk.com.br googleads.g.doubleclick.net
7	www.google.com	1 redirects www.baixaki.com 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	03c2082887de46441b746706636b926f.safeframe.googlesyndication.com www.baixaki.com
5	03c2082887de46441b746706636b926f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	rtb.adpone.com	obj.ibxk.com.br
5	prg.smartadserver.com	obj.ibxk.com.br
5	securepubads.g.doubleclick.net	www.googletagmanager.com securepubads.g.doubleclick.net www.baixaki.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	www.baixaki.com www.googletagmanager.com www.google-analytics.com
4	hal9000.redintelligence.net	03c2082887de46441b746706636b926f.safeframe.googlesyndication.com hal900025.redintelligence.net
4	www.googletagservices.com	03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
3	hal900025.redintelligence.net	1 redirects 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com hal900025.redintelligence.net
3	s0.2mdn.net	www.baixaki.com s0.2mdn.net
3	c2shb.ssp.yahoo.com	obj.ibxk.com.br
3	www.google.de	www.baixaki.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	cdn.pn.vg	www.googletagmanager.com cdn.pn.vg
3	tag.goadopt.io	www.googletagmanager.com tag.goadopt.io
3	sb.scorecardresearch.com	1 redirects www.baixaki.com
3	www.googletagmanager.com	www.baixaki.com www.googletagmanager.com adv.office-partner.de
2	api.webgains.io	analytics.webgains.io
2	8019191.fls.doubleclick.net	1 redirects www.baixaki.com
2	track.webgains.com	www.baixaki.com 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
2	disclaimer-api.goadopt.io	tag.goadopt.io
2	fonts.googleapis.com	www.baixaki.com hal900025.redintelligence.net s0.2mdn.net
1	api.goadopt.io	tag.goadopt.io
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
1	ad-server.eu	03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	adv.office-partner.de	hal900025.redintelligence.net
1	pb.media01.eu	hal900025.redintelligence.net
1	googleads4.g.doubleclick.net	www.baixaki.com
1	www.gstatic.com	03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
1	cdn.navdmp.com	tag.navdmp.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	fastlane.rubiconproject.com	obj.ibxk.com.br
1	cdn.jsdelivr.net	obj.ibxk.com.br
1	api.pn.vg	cdn.pn.vg
1	usr.navdmp.com	tag.navdmp.com
1	obj.ibxk.com.br	www.googletagmanager.com
1	cookies.pn.vg	cdn.pn.vg
1	osp-assets.pn.vg	cdn.pn.vg
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	tag.navdmp.com	www.googletagmanager.com
1	fundingchoicesmessages.google.com	www.baixaki.com
1	cdn.unblockia.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	baixaki.com	1 redirects
218	58

This site contains links to these domains. Also see Links.

Domain
nzn.me
www.tecmundo.com.br
comparador.tecmundo.com.br
bit.ly
amzn.to
www.baixaki.com.br
www.megacurioso.com.br
nzn.io
www.clickjogos.com.br
savecoins.app

Subject Issuer	Validity	Valid
azion.com GlobalSign ECC CloudSSL CA - SHA384 - G3	`2021-10-13` - `2022-11-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-13` - `2022-06-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
adv.office-partner.de R3	`2021-11-07` - `2022-02-05`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.baixaki.com/
Frame ID: 9263A913035367D0A3364E5F341C3593
Requests: 117 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: FABCA9267B42604EA7F2F21E861EE826
Requests: 1 HTTP requests in this frame

Frame: https://cookies.pn.vg/cookie.html
Frame ID: 05D4AD6A537141B493E50C16320F8E8E
Requests: 1 HTTP requests in this frame

Frame: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8B59256544F41901D6EEB251783881F8
Requests: 1 HTTP requests in this frame

Frame: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D2DE986656E2EA03AF8E9B2A1B157C2B
Requests: 17 HTTP requests in this frame

Frame: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B04C223691A59204F778D13472117A9E
Requests: 14 HTTP requests in this frame

Frame: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 21648783331A29DC36A5F7B0D6142068
Requests: 16 HTTP requests in this frame

Frame: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A62DD7AE154AD5260F2C66065BC5429
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwurZlAEwAQ&v=APEucNX86YuUdj7NSeqepY_ary0ShPpd0y_UKZ_cgxQcF3y2kZbqXAE8thfHf6Q6j_DSTT6P2K8C_yoA63qbEXJHjONYjaGCWDmU6LNOQV3Feo9q_sSI2gqY2Dt5cy1MD5P8T7WRSHLuQrPSunggZ-ReeEJw7eswlDEo5ETodG1tWl_pgJ6Q8Tg
Frame ID: 83E506CEFBDAF375EFDA3642FCEB3E71
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNXZR4Q7RAdA-gXorhrdykflWX4hWEbQde-D_36TzCBoz_bZOOAijptKmka94VmNpTIQ1sKgJSzFoxX7C1jJp9QlQyVWfoeQmQVqY2hXsTbBud6Dn4NsivOZD_-ADGk-Azr9flflsHq-34WjtYh-U5iEJGHM8CFQEF3P_NZnm8SCZYi-Qy8
Frame ID: 4798C799E8974E3377EDC02AFC731D2F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8411C668E635E899328E674F8A00739C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A67D80E7E63976A7AE524110C22F76BB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3018B7C08C3FCF79ADFB17739902B448
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 877753A15174B23901907CDF3734AB9D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6103495451613787474/index.html
Frame ID: 5FE2B2B7202E4A8716FE8B6FED168121
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=70305000151387900710624011788025&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 6CCE12798F6D37BB0979E4D683B4872E
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 3B16D3A2497CE5DF78F08CAD44B618BD
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621
Frame ID: 9D737D35CF826BEA837FCFA37E7B67CA
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=70305000151387900710624011788025&a=49e2f2d0
Frame ID: 49A865035FE181B30016803C1B1E6140
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2C199174BDB9A8FA3800935AB929B31F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baixaki - Download and Games

Page URL History Show full URLs

http://baixaki.com/ HTTP 301
https://www.baixaki.com/ Page URL

Page Statistics

218
Requests

94 %
HTTPS

25 %
IPv6

33
Domains

58
Subdomains

49
IPs

9
Countries

1947 kB
Transfer

4714 kB
Size

36
Cookies

77 Outgoing links

These are links going to different origins than the main page.

URL: http://nzn.me/a4190
Title: Send a Tip

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/novidades
Title: News

Search URL Search Domain Scan URL

URL: https://comparador.tecmundo.com.br/?utm_source=baixaki.com.br&utm_medium=menu&utm_campaign=comparador
Title: Phone Finder

Search URL Search Domain Scan URL

URL: https://bit.ly/3qLJk3b

Search URL Search Domain Scan URL

URL: https://amzn.to/3kOkzj4

Search URL Search Domain Scan URL

URL: https://www.baixaki.com.br//top-semanal.htm
Title: Top Downloads Windows

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/mercado/206305-black-friday-tecmundo-te-ajuda-encontrar-promocoes-verdade.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://bit.ly/35JuCPL
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/mercado/146587-produtividade-conheca-melhores-metodos-organizar-trabalho.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/saude-bem-estar/120477-aquecimento-global-pode-estar-por-tras-de-casos-de-doenca-renal.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/artes-cultura/120476-brasil-esta-entre-os-15-paises-que-menos-pagam-aos-trabalhadores.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/ciencia/120475-maceio-entenda-por-que-o-solo-da-cidade-esta-afundando.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/artes-cultura/120474-globalizacao-sul-coreana-os-bastidores-por-tras-do-sucesso-no-pais.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/artes-cultura/120473-por-que-travamos-a-lingua-no-trava-lingua.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/artes-cultura/120472-enem-o-que-a-prova-significa-para-a-populacao-mais-pobre-do-pais.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/ciencia/120468-cop26-entenda-o-que-deve-mudar-apos-o-evento.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/ciencia/120466-ilha-com-16-pessoas-batalha-para-nao-sumir-na-alemanha.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/ciencia/120465-grito-amigo-o-horrivel-som-emitido-por-abelhas-que-preveem-a-ameaca.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/ciencia/120464-conheca-midas-a-incrivel-gata-com-quatro-orelhas.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/artes-cultura/120463-irma-dulce-a-santa-brasileira-que-pode-ganhar-feriado-nacional.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/ciencia/120461-as-origens-e-a-incrivel-historia-da-genetica.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/ciencia/120459-conheca-o-programa-da-lego-para-incentivar-as-meninas-na-ciencia.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/ciencia/120462-5-animais-que-comem-seres-humanos.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/saude-bem-estar/120451-por-que-os-seres-humanos-ainda-possuem-unhas.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/mercado/229337-5-opcoes-notebook-desconto-voce-aproveitar-black-friday.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229335-netflix-lancamentos-dezembro-2021-streaming.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229332-jogos-xbox-80-desconto-black-friday-microsoft.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/seguranca/229319-falhas-chips-mediatek-permitiam-espionar-celulares.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/cultura-geek/229329-matrix-4-teaser-resurrections-cenas-ineditas-filme.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/ciencia/229299-novo-mineral-descoberto-dentro-diamante-africano.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/produto/229315-xiaomi-deve-lancar-programa-kit-reparos-caseiro.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229317-street-fighter-6-revelado-2022-indicam-devs.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229318-gaviao-arqueiro-tudo-estreia-serie-disney-recap.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229316-nuuvem-lanca-promocao-black-week-2021-jogos-90-baratos.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/software/229314-whatsapp-permitira-apagar-qualquer-mensagem-7-dias.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/mercado/229313-nft-torna-palavra-2021-dicionario-collins.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229271-resident-evil-4-vr-receber-modo-mercernaries-2022.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229311-jogos-ps4-midias-fisicas-r-49-amazon.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/produto/229310-apple-adotar-chip-5g-proprio-2023-em-parceria-tsmc.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229306-mod-zelda-breath-of-the-wild-desbloqueia-mecanica-queimadura-solar.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229301-resident-evil-village-game-ano-golden-joystick-awards.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229297-museu-xbox-revela-carta-microsoft-tentando-comprar-nintendo.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229247-chrono-cross-misterioso-novo-remake-playstation.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229246-desenvolvedora-pokemon-go-avaliada-us-9-bilhoes.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229290-ps-plus-dezembro-tem-godfall-mortal-shell-lego-dc-rumor.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229289-dragon-ball-the-breakers-tera-beta-fechado-inicio-dezembro.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229245-star-citizen-arrecadou-us-400-milhoes-2012.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229285-mass-effect-amazon-trabalha-serie-baseada-jogo.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/229243-xbox-comemora-20-anos-museu-virtual-voce-visitar.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229307-gaviao-arqueiro-elenco-serie-disney-marvel.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229305-cowboy-bebop-serie-netflix-mudancas-julia.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229303-roda-tempo-serie-maior-estreia-do-ano-amazon-prime-video.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229286-profecia-do-inferno-serie-coreana-netflix-critica.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229273-gaviao-arqueiro-serie-marvel-estreia-disney.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229236-the-good-doctor-5-temporada-episodio-7-shaun-lea-recap.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229235-filmes-fox-lancados-tres-streamings-2022.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229216-cowboy-bebop-atriz-ed-comenta-papel-futuro-personagem.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229212-supernatural-jensen-ackles-celebra-aniversario-fim-serie-veja.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229266-cowboy-bebop-ed-2-temporada-serie.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229259-euphoria-hbo-lanca-teaser-data-lancamento-2-temporada.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229249-profecia-inferno-diretor-conta-criou-demonios-serie.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/229240-inventando-anna-serie-shonda-rhimes-netflix-trailer.htm
Title: Pub

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/teste-de-velocidade.htm
Title: Internet Speed Test

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/institucional/284-sobre-o-baixaki.htm
Title: About Site

Search URL Search Domain Scan URL

URL: https://nzn.io/termos-de-privacidade
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/institucional/2382-rss-baixaki.htm
Title: RSS

Search URL Search Domain Scan URL

URL: https://nzn.io/
Title: About

Search URL Search Domain Scan URL

URL: https://nzn.io/contato
Title: Advertise

Search URL Search Domain Scan URL

URL: https://nzn.io/jobs
Title: Carrers

Search URL Search Domain Scan URL

URL: https://www.clickjogos.com.br/
Title: Click Jogos

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/the-brief
Title: The Brief

Search URL Search Domain Scan URL

URL: https://www.baixaki.com.br/
Title: Baixaki

Search URL Search Domain Scan URL

URL: https://savecoins.app/
Title: Save Coins

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://baixaki.com/ HTTP 301
https://www.baixaki.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://sb.scorecardresearch.com/b?c1=2&c2=8756095&ns__t=1637783436297&ns_c=UTF-8&cv=3.5&c8=Baixaki%20-%20Download%20and%20Games&c7=https%3A%2F%2Fwww.baixaki.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8756095&ns__t=1637783436297&ns_c=UTF-8&cv=3.5&c8=Baixaki%20-%20Download%20and%20Games&c7=https%3A%2F%2Fwww.baixaki.com%2F&c9=

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtrc0OUDuXWrFUnQheVm5I&google_cver=1

Request Chain 158

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ6Xj7jbgvTQ.zj4eLSkuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOUtM7D-JyoNkkP8OWjXLk&google_cver=1&google_hm=2

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAiIwgl5xMoCsEFZ6_UHjZE&google_cver=1

Request Chain 160

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY1MTMzNzI1ODMyMDAyNDI0Mw%3D%3D

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtrc0OUDuXWrFUnQheVm5I&google_cver=1

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ6Xj7jbgvTQ.zj4eLSkuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOUtM7D-JyoNkkP8OWjXLk&google_cver=1&google_hm=2

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAiIwgl5xMoCsEFZ6_UHjZE&google_cver=1

Request Chain 164

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4NzM2OTA3Njg1ODExMTA4Nw%3D%3D

Request Chain 189

https://hal900025.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzevtjpeeYdiRB8ik9u8PrvCugAK1zfmDV5zfuavlDPAuEAEgwqbWG2CV4pCCoAfIAQmpAktEnNnTzLI-qAMBqgSEAk_QK0gWpT6GHIp-5_9a9I04eR30z9cYM4JykytoCtyym9_JzLxVCv7FJRqxDB-KYwMbe-52ZxRGKQkuXSufwoIpKZf4WyUuG2_ycp487TMilDwlZHX4wUOnHRhwDn5mojCQFDOlD3jaMJeEvQuk6fCVP_Fb85l3uzlNrnmZGVnhsnqv6kMSKzRRNBPf-C8J76diZXzdtNys2MQXeoH0UlK8W0-at2G_aN5DdTdCrsKYorSiX3UgaWa1xH7hd7Sh5H5q4-ue6ncU6AzZVwgKTwzMgBuxeEFkpQHpguhrPZ0LcEhpl6oMPDksv2_yJqDrqNmSmOzU7NU0MFp866ccDmz-QhtzwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw%26sig%3DAOD64_16K6m_VYTjQw9ivGN7NX7lHGORBA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-C2blkOKwORKDaqGcF8tMUynm3UShyWPVCLxJOV86HHieA-31HB_vin-Mv23i8Njl3hMS4UQx31N85Ay7WOcYAcKECwjQxUUkbVYBreAvijrlNeiONw3z_GaOxXUkMD6Hwd-KZQ3NaIETfaoBnuNtTrIj2CMA%26cry%3D1%26dbm_d%3DAKAmf-DeCw3Tns_nTm9OAgx0Y-8SIP_LyLIzRFyWJ0ANOjUi4Gr_8URzNtSCBLp831_Xmc2IKMTkGfRqmQSrKcvCxGEIgbvj1Trr0ikXrkILFHqkyQbctmcB7aqj0EeZ8hRvlItwmlhAYOAjQujHYsMZ5sRYuneKjl0JR4T42DVyo7maFx_Odo3ONW2LsC32eZUfkzc6Ifg4e3_qIgRRY8TG0-1bWPAszuIKlHcTZ4bUi96DHhMr6BlekliEQ6DEGEMFQS1RxLiJHbFt7WU5bHZXPv8nfmuZBdVW1W7isAhFY8EV3Mh7JcTFvI4SQv9aan6918tTvVI_TvOAdL3iWDwLvbrwtD6EBIh_f4Myu1bzZqnC9QXqprN2-KZ0fEB6S5x4k1DrB2TIaMWhkT6MUwhH50jZ6udIOijEYRQEzdiCs9cbY62Af7CeJq-gkcy4QgDxE3q1FalV%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com&random=1830140073064&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzevtjpeeYdiRB8ik9u8PrvCugAK1zfmDV5zfuavlDPAuEAEgwqbWG2CV4pCCoAfIAQmpAktEnNnTzLI-qAMBqgSEAk_QK0gWpT6GHIp-5_9a9I04eR30z9cYM4JykytoCtyym9_JzLxVCv7FJRqxDB-KYwMbe-52ZxRGKQkuXSufwoIpKZf4WyUuG2_ycp487TMilDwlZHX4wUOnHRhwDn5mojCQFDOlD3jaMJeEvQuk6fCVP_Fb85l3uzlNrnmZGVnhsnqv6kMSKzRRNBPf-C8J76diZXzdtNys2MQXeoH0UlK8W0-at2G_aN5DdTdCrsKYorSiX3UgaWa1xH7hd7Sh5H5q4-ue6ncU6AzZVwgKTwzMgBuxeEFkpQHpguhrPZ0LcEhpl6oMPDksv2_yJqDrqNmSmOzU7NU0MFp866ccDmz-QhtzwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw%26sig%3DAOD64_16K6m_VYTjQw9ivGN7NX7lHGORBA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-C2blkOKwORKDaqGcF8tMUynm3UShyWPVCLxJOV86HHieA-31HB_vin-Mv23i8Njl3hMS4UQx31N85Ay7WOcYAcKECwjQxUUkbVYBreAvijrlNeiONw3z_GaOxXUkMD6Hwd-KZQ3NaIETfaoBnuNtTrIj2CMA%26cry%3D1%26dbm_d%3DAKAmf-DeCw3Tns_nTm9OAgx0Y-8SIP_LyLIzRFyWJ0ANOjUi4Gr_8URzNtSCBLp831_Xmc2IKMTkGfRqmQSrKcvCxGEIgbvj1Trr0ikXrkILFHqkyQbctmcB7aqj0EeZ8hRvlItwmlhAYOAjQujHYsMZ5sRYuneKjl0JR4T42DVyo7maFx_Odo3ONW2LsC32eZUfkzc6Ifg4e3_qIgRRY8TG0-1bWPAszuIKlHcTZ4bUi96DHhMr6BlekliEQ6DEGEMFQS1RxLiJHbFt7WU5bHZXPv8nfmuZBdVW1W7isAhFY8EV3Mh7JcTFvI4SQv9aan6918tTvVI_TvOAdL3iWDwLvbrwtD6EBIh_f4Myu1bzZqnC9QXqprN2-KZ0fEB6S5x4k1DrB2TIaMWhkT6MUwhH50jZ6udIOijEYRQEzdiCs9cbY62Af7CeJq-gkcy4QgDxE3q1FalV%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com&random=1830140073064&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 192

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=70305000151387900710624011788025&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=70305000151387900710624011788025&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 195

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621

Request Chain 197

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=70305000151387900710624011788025 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=70305000151387900710624011788025 HTTP 301
https://ad-server.eu/wm/pb/native.png

218 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.baixaki.com/
Redirect Chain

http://baixaki.com/
https://www.baixaki.com/

113 KB
18 KB

922ms
406ms

Document
text/html

194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

23277fcb3e32c1013186155c3042b6bcc011367775152a496e3bcdf2ac7dfa00

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-type: text/html; charset=utf-8
server: nginx
content-encoding: br
vary: Accept-Encoding
x-html-minification-powered-by: WebMarkupMin
strict-transport-security: max-age=666; includeSubDomains
expires: Wed, 24 Nov 2021 19:55:30 GMT
cache-control: max-age=300

Redirect headers

Server: nginx
Date: Wed, 24 Nov 2021 19:50:29 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.baixaki.com/
Strict-Transport-Security: max-age=666; includeSubDomains

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 5209ms
878ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:100,300,400,400i,600,700,800,900

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98921e0a39f7da71f2cddc834a3433593eaf06ecda0b17d6497d4bbd1169708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 19:50:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 19:50:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 19:50:34 GMT

GET
H2 200 application-f74d2e95da.css
www.baixaki.com/assets/ 35 KB
6 KB 15ms
14ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/assets/application-f74d2e95da.css

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

996ae9d3dcc9abd08d3a659df788e6a725ea47b665e6b96cf9f664680fa52e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 12:26:40 GMT
server: nginx
etag: W/"1d7bc3fbec18af8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=666; includeSubDomains
expires: Thu, 24 Nov 2022 19:50:30 GMT

GET
H2 200 view-home-index-0593350087.css
www.baixaki.com/assets/ 42 KB
7 KB 16ms
16ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/assets/view-home-index-0593350087.css

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

d6ccf97320e8243001a889af66d83d01cbefd89412144c08310e3100828c39c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 20:46:02 GMT
server: nginx
etag: W/"1d7d5aaceb7c65b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=666; includeSubDomains
expires: Thu, 24 Nov 2022 19:50:30 GMT

GET
H2 200 2021111716292.jpg
img.ibxk.com.br/2021/ 25 KB
25 KB 566ms
16ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/2021111716292.jpg?w=500&h=260&mode=crop&scale=both&quality=80
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: f480698abfb1a5c2f689e58239174dc435e4eb24bae80857aeceebac570e0fae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 25560
expires: Wed, 01 Dec 2021 19:50:30 GMT

GET
H2 200 20211117165147.jpg
img.ibxk.com.br/2021/ 13 KB
13 KB 16ms
16ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/20211117165147.jpg?w=500&h=260&mode=crop&scale=both&quality=80
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: cb4bb6cdd7ee77007c1307310c4d0c4881582a8ca6256f77d5a221fb66ef6219

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13309
expires: Wed, 01 Dec 2021 19:50:30 GMT

GET
H2 200 20211117161030.jpg
img.ibxk.com.br/2021/ 19 KB
20 KB 18ms
18ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/20211117161030.jpg?w=500&h=260&mode=crop&scale=both&quality=80
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: a1dc62fa4bfa920c038d700a01519ab337bf390391ba4d49543e566f92bd09e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 19801
expires: Wed, 01 Dec 2021 19:50:30 GMT

GET
H2 200 20211117145455.jpg
img.ibxk.com.br/2021/ 20 KB
20 KB 17ms
17ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/20211117145455.jpg?w=500&h=260&mode=crop&scale=both&quality=80
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 3469aada33d3ec0b335ca25955f6ad41dfb06579bd3496246b2dea00fc0e5a08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 20512
expires: Wed, 01 Dec 2021 19:50:30 GMT

GET
H2 200 20211117181343.jpg
img.ibxk.com.br/2021/ 24 KB
24 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/20211117181343.jpg?w=500&h=260&mode=crop&scale=both&quality=80
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: bd12cc39b3d6baf7d608e13c8be0267ceff0e36e9a23822af33653ca2c54f866

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 24516
expires: Wed, 01 Dec 2021 19:50:30 GMT

GET
H2 200 runtime-c45c98a933.js Show response
www.baixaki.com/assets/ 1 KB
975 B 15ms
14ms Script
application/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/assets/runtime-c45c98a933.js

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

3e7ed3cd536142134dd4b6d5d558bf6b14115a831cb00f65becadf461779fc8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 20:46:01 GMT
server: nginx
etag: W/"1d7d5aace1ecf29"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=666; includeSubDomains
expires: Thu, 24 Nov 2022 19:50:30 GMT

GET
H2 200 vendors-0acb71e65d.js Show response
www.baixaki.com/assets/ 362 KB
117 KB 22ms
22ms Script
application/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/assets/vendors-0acb71e65d.js

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

82034ccb611b4999a44de84329924ecf896423c06265f14d908025f2a7b32f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 12:26:40 GMT
server: nginx
etag: W/"1d7bc3fbec4a6c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=666; includeSubDomains
expires: Thu, 24 Nov 2022 19:50:30 GMT

GET
H2 200 application-3913b6347a.js Show response
www.baixaki.com/assets/ 15 KB
5 KB 17ms
17ms Script
application/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/assets/application-3913b6347a.js

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

8e53d6083851baacf7d091d83f14eac9d8b4a04d439e000e788de190c01c9480

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 20:46:01 GMT
server: nginx
etag: W/"1d7d5aace1ef730"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=666; includeSubDomains
expires: Thu, 24 Nov 2022 19:50:30 GMT

GET
H2 200 view-home-index-b2c6f1b6a4.js Show response
www.baixaki.com/assets/ 6 KB
3 KB 15ms
15ms Script
application/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/assets/view-home-index-b2c6f1b6a4.js

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

ead3652ebc434189418c17095f3a2d04cef9b189514878ed17adeed2fd2eca9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 12:26:40 GMT
server: nginx
etag: W/"1d7bc3fbec1186d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=666; includeSubDomains
expires: Thu, 24 Nov 2022 19:50:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 1128ms
39ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2969
date: Wed, 24 Nov 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 24 Nov 2021 21:01:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
71 KB 438ms
55ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

56ca2336f6981d00ee046eec1ccab4d7085a8c3fc1ccc52fee13608f4348d0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72206
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 19:50:36 GMT

GET
H2 200 sprite.svg Show response
www.baixaki.com/assets/ 43 KB
43 KB 15ms
14ms XHR
image/svg+xml 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/assets/sprite.svg?v=sUkStJti5xhyyx5rL4sDLc65xcqEdhHs2hX4f76hLfE

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

b14912b49b62e71872cb1e6b2f8b032dceb9c5ca847611ecda15f87fbea12df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Tue, 09 Nov 2021 20:45:52 GMT
server: nginx
etag: "1d7d5aac8c12aae"
strict-transport-security: max-age=666; includeSubDomains
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43694
expires: Thu, 24 Nov 2022 19:50:35 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v8/ 16 KB
17 KB 423ms
38ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:100,300,400,400i,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:17:53 GMT
x-content-type-options: nosniff
age: 178363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:18:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 18:17:53 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 457ms
73ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:100,300,400,400i,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:17:27 GMT
x-content-type-options: nosniff
age: 59589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 03:17:27 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 501ms
117ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:100,300,400,400i,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:59:39 GMT
x-content-type-options: nosniff
age: 6657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17228
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:59:39 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 16 KB
17 KB 470ms
86ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:100,300,400,400i,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

983e357f89b271ec5b55552dd277c48b7891344bfaf230b5b3126fb0a55c1d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:13:54 GMT
x-content-type-options: nosniff
age: 178602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16796
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 18:13:54 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 492ms
108ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:100,300,400,400i,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

7287735cb481be63658ddbb5412092d2539823978d2f4d294da10aaa81e32265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:23:17 GMT
x-content-type-options: nosniff
age: 95239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17112
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:15:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 17:23:17 GMT

GET
H2 200 SemanaAtual Show response
www.baixaki.com/api/v1/produtos/mais-baixados/windows/ 6 KB
2 KB 168ms
168ms XHR
application/json 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com/api/v1/produtos/mais-baixados/windows/SemanaAtual

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/assets/vendors-0acb71e65d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),

Reverse DNS

194-126-175-195.static.hvvc.us

Software

nginx /

Resource Hash

7dc6233e353072438134195252ae4301aee73bf5ea29efdd652218eaf37d8d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=150
strict-transport-security: max-age=666; includeSubDomains
expires: Wed, 24 Nov 2021 19:53:05 GMT

GET
H2 200 12170509397280.jpg
img.ibxk.com.br/2019/02/12/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2019/02/12/12170509397280.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: c94196a54ab552bdb2e839ce3699d87460a8d3d5dfd13a94a875de6cd5f5edcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1918
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 15181524667152.jpg
img.ibxk.com.br/2019/02/15/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2019/02/15/15181524667152.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 0a5b78349a159e78130db440d69a8f2c132269bb947ab2ba567e088ef27b7abf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1642
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 26090436451.jpg
img.ibxk.com.br/2013/10/26/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2013/10/26/26090436451.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 1b12ccc659ca03b3da767d34fb71e594d3a2066cbae3c41588cfb31720d6f40d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 2128
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 14184126722807.jpg
img.ibxk.com.br/2014/07/14/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2014/07/14/14184126722807.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: cd6140e909b223e1abe42d8ed06168475b4f60ffa5655f23d6dbecbd65bac752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1577
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 09092010798021.jpg
img.ibxk.com.br/2014/10/09/ 2 KB
2 KB 16ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2014/10/09/09092010798021.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 86866185c7b2df488fc2c3057d721e63a667b38d701cb9d0be1e4fe278d0264e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1648
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 05103318637233.jpg
img.ibxk.com.br/2015/02/05/ 2 KB
2 KB 16ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2015/02/05/05103318637233.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: e8f9c8e1c0e23f648c40a928f3396667d3f1807e4e569ab3091826aaa7aebaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1867
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 5130310155854-o.jpg
img.ibxk.com.br/2011/10/programas/ 2 KB
2 KB 23ms
23ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2011/10/programas/5130310155854-o.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: e32922bcf935c6efc8467c084fb5ea586a4649fcaa0d66a7c86fc398bce66528

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1737
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 26091230663.jpg
img.ibxk.com.br/2013/10/26/ 2 KB
2 KB 23ms
23ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2013/10/26/26091230663.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: b262827f238014835d655f7016aadadebceda90fc2a29dc89ecd268a9278524b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 2070
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 24114212825194.jpg
img.ibxk.com.br/2014/09/24/ 2 KB
2 KB 23ms
22ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2014/09/24/24114212825194.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: ca6e46a2c9933137b081fbdaf97a1248b05e7f2aca3ba093fe858a07f1e67b2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1951
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 24174043879197.jpg
img.ibxk.com.br/2020/03/24/ 2 KB
2 KB 22ms
22ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2020/03/24/24174043879197.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 7be4e9c783a9302f24facb52802ffba55df302f3bfb746f46595482372ff4d54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1598
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 23105039760175.jpg
img.ibxk.com.br/2021/11/23/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/23/23105039760175.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 3a6253a7c771493544e746819ad8f1fe0b89d16cd3aa1fcb6e0382b3d4dd5b2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1667
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 17115349061165.jpg
img.ibxk.com.br/2021/11/17/ 2 KB
2 KB 16ms
15ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/17/17115349061165.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 68068b088080b4fb45eb80a51db2f41fef576126c752319e813a3b9805a9148f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1959
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 16122106683201.jpg
img.ibxk.com.br/2021/11/16/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/16/16122106683201.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 4974a2d038799fe9033087f119ff2f1bab04d248ab121b54703e47abffa7e6ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1747
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 dragon-ball-the-breakers-16115637477185.jpg
img.ibxk.com.br/2021/11/16/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/16/dragon-ball-the-breakers-16115637477185.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 70632d05edd0300641786d4c908d9ab48a5f9255900d8ccfdddfe17fae1cfe18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1918
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 05102422811094.jpg
img.ibxk.com.br/2021/11/05/ 1 KB
2 KB 16ms
15ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/05/05102422811094.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 9dcfe61b46d6e4ea186169765f82a083fa369854eefccd6812b06a896f6c404d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1492
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 21112825421147.jpg
img.ibxk.com.br/2021/10/21/ 2 KB
2 KB 16ms
15ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/10/21/21112825421147.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: e849356207a7e3399c2eb11d210bd7f514101e05acf6a198c4c5702fc53c1ecc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1692
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 19155308385000.jpg
img.ibxk.com.br/2021/10/19/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/10/19/19155308385000.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 270ac85deabeb786abc369bf7c1cb955924b91d0230bd0066a1a0ad8a0de6c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1843
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 07093405484032.jpg
img.ibxk.com.br/2021/10/07/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/10/07/07093405484032.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 63d7da1b66ec00382543a1197a1e66792828046cdc5d8c4cd26bca16f4a5eeff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1662
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 17200703271456.jpg
img.ibxk.com.br/2021/09/17/ 1 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/09/17/17200703271456.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 1e05b72fd7a0a9f78d03485795695bc0a5f9749013e33cca58a43c6041e834b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1517
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 17195242939455.jpg
img.ibxk.com.br/2021/09/17/ 1 KB
1 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/09/17/17195242939455.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 9ea7ec188e5175fc2858af542f51bbc3acdb6b7a9ba43c0aa4c75ae830815403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:35 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1260
expires: Wed, 01 Dec 2021 19:50:35 GMT

GET
H2 200 30174632800359.jpg
img.ibxk.com.br/2021/08/30/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/08/30/30174632800359.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 14e4e66c3970c3403d6fc0bbe0d44b9c1188e910021e1e8d06bd8ffac4e977cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1925
expires: Wed, 01 Dec 2021 19:50:36 GMT

GET
H2 200 26174406332512.jpg
img.ibxk.com.br/2021/08/26/ 1 KB
1 KB 15ms
15ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/08/26/26174406332512.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 73226a3c7e58b2f89a2141139c693719fac2a87539038a9c55a3526da967828c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1229
expires: Wed, 01 Dec 2021 19:50:36 GMT

GET
H2 200 24122347595250.jpg
img.ibxk.com.br/2021/11/24/ 5 KB
5 KB 17ms
16ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/24/24122347595250.jpg?w=248&h=160&mode=crop&scale=both&quality=70
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: d37e94f1214397be3c01268be271768cd7402af8f36e8f8da8a8217a4068e4db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 5287
expires: Wed, 01 Dec 2021 19:50:36 GMT

GET
H2 200 24115201889191.jpg
img.ibxk.com.br/2021/11/24/ 7 KB
7 KB 17ms
16ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/24/24115201889191.jpg?w=248&h=160&mode=crop&scale=both&quality=70
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 3581cfc6f7a0c428468046001882fb3120d9c91b630ec65558d453b5d6e0e332

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 6821
expires: Wed, 01 Dec 2021 19:50:36 GMT

GET
H2 200 23165023215558.jpg
img.ibxk.com.br/2021/11/23/ 4 KB
4 KB 17ms
16ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/23/23165023215558.jpg?w=248&h=160&mode=crop&scale=both&quality=70
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: dac7f7db9336d9ea8868272a5c7004a247f2399c709536f1da511684052a59fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 4211
expires: Wed, 01 Dec 2021 19:50:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 56ms
55ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f49b3a3800479c5633b1b813c16bb65a42f347da46038bd605a03ae882dba1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61935
x-xss-protection: 0
expires: Wed, 24 Nov 2021 19:50:36 GMT

GET
H2 200 hotjar-592798.js Show response
static.hotjar.com/c/ 4 KB
2 KB 29ms
11ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-592798.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

d1638ee8450d1118f0d179554767e8cd77c642654b541e9e9d4b43d7b56f2188

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1912
access-control-allow-origin: *
cache-control: max-age=60
etag: W/07d622f572e13c6896bd33cd92718dbe
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 1FoiD6td6MlYEzLbZku8u-VHvOhZvVztcpmdrTa5FTqVWIUSeG7yAQ==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 34ms
8ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:03:22 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 53235
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: nSm5CChA1NOm5p014dd4O8My-G09Jl1cg_woOqvgwLSMasZtuWmELg==

GET
H2 200 h.js Show response
cdn.unblockia.com/ 124 KB
23 KB 54ms
27ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1cd4c2520121be59f946c220261a9822a05e98413037fb924f2f5e496d5480

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Nov 2021 10:59:11 GMT
server: cloudflare
age: 3080
etag: W/"a28fcad63c512c54b841bed7299e9b88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ve2Gpqcyf7bSl2smx5TN91hdmKHWbbUB%2FniLUthdsfOruSxTWRe7RkpJb%2BNPM0OB61ZBl2LwEKRDDUfIy1iZgf4u%2FXrMCGWimCsloJBDDD7BpkPx6QpMBHX3UfOmwoPLhI2Qctd1py6jqz3S4BwK"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b352accdccb6934-FRA
x-amz-request-id: 4RWZ4D8VWMW5BFBW
x-amz-id-2: BgLHRmpJSnl+ObH2oSGCKMpcrWn/EVZSmlWH5Q6j9znNoo7DvyXC78+2kHXK8bZw9yYZs2TRZSw=

GET
H2 200 AGSKWxUr544_UYjChl8oSUDt-I6xgN2M-VquQd7vqEnRECxbvcqwVb83nc4sIXCpd_I0mSPwS09rtGG9sIXX1l9Ahnc= Show response
fundingchoicesmessages.google.com/f/ 21 KB
9 KB 458ms
74ms Script
application/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUr544_UYjChl8oSUDt-I6xgN2M-VquQd7vqEnRECxbvcqwVb83nc4sIXCpd_I0mSPwS09rtGG9sIXX1l9Ahnc=

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

d57403cadd39b3125488b6615ccd14a2786598b49c87db11f7c000c5c07f8c31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DMdU/XS4DCqFN5/ikwWkTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DMdU/XS4DCqFN5/ikwWkTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-DMdU/XS4DCqFN5/ikwWkTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DMdU/XS4DCqFN5/ikwWkTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 injector.js Show response
tag.goadopt.io/ 4 KB
2 KB 60ms
31ms Script
application/javascript 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f1dcaef5b580ef442ea6fe31b03add877746044929b11b527ec4c6e8a5223b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN9GBADNSGDJPQWQ4YZJ6KG9
date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"97c82753050ebda169b13d2d15bb1722-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJYDeYr4y9coQrEj%2BwNrqsdarkm4Hm8BjBi0nf0BF4cAw%2BmU04Gh1pMHi9yZsYYvIYSI1x0HW%2BEr5lBBUikjQYQ4%2B4HLoozUchVLDB4F3g6CYrT%2FPCuvmYxRkGKjmCkNkiTY3V28jPk2KN7U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
cf-ray: 6b352acceced6955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 5bf881a8-5b79-4aea-b103-91e5386249de.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 65ms
37ms Script
text/javascript 2606:4700:3039::6815:c0b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded5d7f9ee1dabd6354378d5c52684ae4779fbfd1c3c96041252a9ad07027524

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
via: 1.1 53fbaa26b3bfb2e5e28a55b0d420ee14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2374
x-cache: Miss from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 17:20:29 GMT
server: cloudflare
etag: W/"3c4adf2696f59ded016d0e0fd94e01c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGBetqQiiBtWxXE6124x70IQiAqE66i4%2FD6H5NcSQXXjf8vmmS21EgajHSU%2B6bG48ZMA%2ByTheH1lIefnaKe6SVcKi5eFFlhZX8PztjTnC4ogKfIrb%2F9XezNRzbWSWv7rZrw9pzvCBb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-amz-cf-pop: BRU50-C1
cf-ray: 6b352acce8615c92-FRA
x-amz-cf-id: pBV6cB-o43o_ObIbxHqIqZOlY0Gsb6ncAa17mlybPIjwCzp2dF8ZRQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 150ms
63ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1054 / 60 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Nov 2021 19:50:36 GMT

GET
H2 200 tm13767.js Show response
tag.navdmp.com/ 14 KB
5 KB 54ms
25ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13767.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536b3ce1074d9b9899aac640bff3eb2d71b98261b19a5f341f3d783320548189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:03 GMT
server: cloudflare
age: 3046
etag: W/"6137b32f-3730"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6b352accef9d440d-FRA
content-type: application/javascript
expires: Wed, 24 Nov 2021 19:59:50 GMT

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 26ms
8ms Script
application/javascript 13.224.193.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-592798.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-122.fra2.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113010
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 0s1CDtlDNcipP_7c3U_ssd3t1v5Z1AllXFMY60onP4b4-Z8BkC_gWA==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8756095&ns__t=1637783436297&ns_c=UTF-8&cv=3.5&c8=Baixaki%20-%20Download%20and%20Games&c7=https%3A%2F%2Fwww.baixaki.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=8756095&ns__t=1637783436297&ns_c=UTF-8&cv=3.5&c8=Baixaki%20-%20Download%20and%20Games&c7=https%3A%2F%2Fwww.baixaki.com%2F&c9=

0
224 B

8ms
8ms

Image
text/plain

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8756095&ns__t=1637783436297&ns_c=UTF-8&cv=3.5&c8=Baixaki%20-%20Download%20and%20Games&c7=https%3A%2F%2Fwww.baixaki.com%2F&c9=
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: fvO27n5NG3srQSls5VTr9GtuL9If1mYr3ZxUKOpF91-nOpNXFo0Lmg==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 24 Nov 2021 19:50:36 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8756095&ns__t=1637783436297&ns_c=UTF-8&cv=3.5&c8=Baixaki%20-%20Download%20and%20Games&c7=https%3A%2F%2Fwww.baixaki.com%2F&c9=
content-length: 191
x-amz-cf-id: 09kbUB470c-qjuz69pnsufErRmiomQC8senXo7-nTukonYaUbu8cOQ==

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 460ms
78ms Ping
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=2oeba1&_p=256519956&sr=1600x1200&ul=en-us&cid=1116588821.1637783436&_s=1&dl=https%3A%2F%2Fwww.baixaki.com%2F&dt=Baixaki%20-%20Download%20and%20Games&sid=1637783436&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame FABC 2 KB
1 KB 25ms
7ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-592798.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9_1xibaPocqUyI9ky751tf21BXwSesrnt755WTv4-QNxIOoc-PeNKQ==
age: 722070

POST
H2 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 141 B
820 B 5947ms
5936ms XHR
application/json 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: tag.goadopt.io
URL: https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b4581b3204145d68f054501bfaa02c7bd82b89ffe264e6e878d6a49a9092cbe4

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:42 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"8d-KIAjP9PLVYv0O7nkkMAOKxuFPvY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rluu2gWta44ESCQWP0MgRHgyj7JSYD4IdIQQKvDRp5wYQFlIK1ozh0LDn9siQMqU804x6XTcBKn84tueKkpZLTp%2B1z5HpuiEfRQJWVlyH5D4yDyXFX7a1kca2zQQlNT8kzeDUu3yAXO7r0woqrr81oLcjQypkWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
cf-ray: 6b352acd6e546955-FRA
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 177 KB
48 KB 38ms
38ms Script
application/javascript 2606:4700:3039::6815:c0b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be339f8baf147b9c343cea4d6685a909c02f1c1ad17707eba82b30a19f5d20d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3266
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 14:56:03 GMT
server: cloudflare
etag: W/"f84e396e53447934e53d2fa134468530"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFGo65nVLe4IWPHnjV2j2riCfi4QJOEA7iCKe02ySHAdGXAqdmh2RJtuYXn9lzR40BIWVhMzabo8FrJ%2Fnxv3u%2F6JYc%2BGl3Kzue067VNTSyEIMfuZbdOecnWAyhB8weAuQ9%2F4Fai4Aw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: FRA2-C1
cf-ray: 6b352acd59aa5c92-FRA
x-amz-cf-id: TQrLlDn_EeJekpCMe-zy_89s3UBCNjo4nhmgiZ1ktUW8DoSNXmEycQ==

GET
H2 200 5bf881a8-5b79-4aea-b103-91e5386249de.json Show response
osp-assets.pn.vg/ 21 B
1 KB 65ms
33ms Fetch
application/json 2606:4700:3039::6815:c0b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/5bf881a8-5b79-4aea-b103-91e5386249de.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
access-control-allow-methods: GET, HEAD, POST, PUT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2255243
cf-ray: 6b352acdfe6a2bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21
x-amz-id-2: rjn+I9Fx/hpAWQ4Cc045f9Lu6xbPnwWy9rE81OEYqJVS/pEJexp35HheZ6+hgE5M5NlOj+0pHPU=
last-modified: Mon, 11 Jan 2021 17:33:48 GMT
server: cloudflare
etag: "7e49c47a75dd2571802e6b32b46a36ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBUUEtopvs7NeX8vYOXGJFGuKIUlwm0k7EnizFR6K%2BReCoKCbNXId0xUuCiD6%2FHIK34b%2BvebZb8XmrANtKXEy3u26mhirQDOKYE82e%2FONC0pbcKjkbCjAdMLhBCuBmp5XEDKCRDqQ3TRWLLsepcj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: AWB14RX2856DSAG7
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/json

GET
H2 200 pushnews-sw.js Show response
www.baixaki.com/ 62 B
328 B 16ms
16ms XHR
application/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baixaki.com/pushnews-sw.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 12:23:18 GMT
server: Microsoft-IIS/10.0
etag: "07f1aac275d71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 85
expires: Fri, 24 Dec 2021 19:50:36 GMT

GET
H2 200 cookie.html Show response
cookies.pn.vg/ Frame 05D4 5 KB
2 KB 40ms
18ms Document
text/html 2606:4700:3039::6815:c0b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.pn.vg/cookie.html
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 12 Aug 2021 17:35:30 GMT
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: I0iIjGOz1oDQop9wM1kApotqTFsuEtF-ildCARw2xkHJwVIKt3lYpA==
age: 1229
cache-control: max-age=14400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQTUQOoRK5GKNv%2F7rMmc9uNiHst3Lh%2F%2BzO77CkYnEjrni4eDxgMAj7VJlLlHwIcPf8I7tZ%2BjuR7aYABkZLN1XMbSnHz%2FWFj5VisV2tnTtZJUrpTd1sSsEEfG%2FwdAZsQqy2jqhs28ivb5OWSB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b352ace1b7b5c92-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 114ms
66ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Nov 2021 19:50:36 GMT

GET
H2 200 prebid5.6.0.js Show response
obj.ibxk.com.br/prebid/assets/js/ 208 KB
65 KB 985ms
18ms Script
application/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW7GJMX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 7ff7e40f4d0d93e974e173224fb96cfe5dd926f3994efb60941252ffbd77f643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 15:33:36 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=30
accept-ranges: bytes
content-length: 66075
expires: Wed, 24 Nov 2021 19:51:07 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 76 B
309 B 1507ms
1496ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13767&upd=1&new=1&wst=0&wct=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1c949a408384e4b2ce4ace6ba1d1e96a105e2fa6c6eae021ddc48c3a52e13c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b352ace2c04440d-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Wed, 24 Nov 2021 20:50:37 GMT

GET
H3 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 33 KB
9 KB 23ms
22ms Script
application/javascript 2606:4700:3039::6815:c0b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4027703b6ec24809845dafad572c3182fc29bca1caf7d14fd2679761bea7179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 16:08:12 GMT
server: cloudflare
etag: W/"165dc805c5b6e400b3ef76d1cabc0688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKQ37MF7woNg%2BfmSsH5KsN89xUc3pkupwnC7XYXDL9GNpG4NU3lUdZwAWxd9YU7umfVZNdLWMW4MrsepbM2AN%2F6hCaNz0MwMBNuxAUOYWHyd47PFi0zeN%2BPUqdvdbw6pgnUl0JUIL%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: FRA2-C1
cf-ray: 6b352ace59c73233-FRA
x-amz-cf-id: 2_H3yk_p6JP-SbYRLxsdURzp8VZL0DMHyF6db9633wAs9jut-GcFGg==

GET
H2 200 web Show response
api.pn.vg/api/v1/sync/5bf881a8-5b79-4aea-b103-91e5386249de/ 3 KB
2 KB 160ms
149ms Fetch
application/json 2606:4700:3039::6815:c0b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pn.vg/api/v1/sync/5bf881a8-5b79-4aea-b103-91e5386249de/web
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d73ddca3311b118a245943ce4561cd8e9627a554fca5a1e8a3fb038a9fdc0559

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c4e-txd5n7iFUprXQBI1yb1EjBV4s0s"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsh7EMUa9lchP6fJr1a9Bca9hiV5lZWyT48MjlSBzX0Q4kO2MqypABjrQlZi1pV79SXDuZekyucGalXrylDu2LKheN2ZNg4CI9nmB5Qm4S%2B9OohCFF5cOK1Ol0JgQdukpzUXfFbjIxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-exit: success
cf-ray: 6b352ace9f842bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 345ms
44ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=256519956&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Download%20and%20Games&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=1644890077&gjid=492186769&cid=1116588821.1637783436&tid=UA-144680-1&_gid=1067975023.1637783437&_r=1&_slc=1&z=142362984

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 344ms
42ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=256519956&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Download%20and%20Games&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=134324991&gjid=1141991128&cid=1116588821.1637783436&tid=UA-144680-64&_gid=1067975023.1637783437&_r=1&_slc=1&z=954266799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 343ms
43ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=256519956&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Download%20and%20Games&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=1706484981&gjid=2014881452&cid=1116588821.1637783436&tid=UA-144680-62&_gid=1067975023.1637783437&_r=1&_slc=1&z=1234189374

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144680-1&cid=1116588821.1637783436&jid=1644890077&gjid=492186769&_gid=1067975023.1637783437&_u=IADAAEAAAAAAAC~&z=1476188241

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Nov 2021 19:50:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144680-64&cid=1116588821.1637783436&jid=134324991&gjid=1141991128&_gid=1067975023.1637783437&_u=IADAAEABAAAAAC~&z=1438543923

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Nov 2021 19:50:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 57ms
20ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144680-62&cid=1116588821.1637783436&jid=1706484981&gjid=2014881452&_gid=1067975023.1637783437&_u=IADAAEABAAAAAC~&z=989975117

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Nov 2021 19:50:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 463ms
76ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-1&cid=1116588821.1637783436&jid=1644890077&_u=IADAAEAAAAAAAC~&z=542332118

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 464ms
77ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-1&cid=1116588821.1637783436&jid=1644890077&_u=IADAAEAAAAAAAC~&z=542332118

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 461ms
75ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-64&cid=1116588821.1637783436&jid=134324991&_u=IADAAEABAAAAAC~&z=1258695861

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 464ms
78ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-64&cid=1116588821.1637783436&jid=134324991&_u=IADAAEABAAAAAC~&z=1258695861

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 460ms
75ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-62&cid=1116588821.1637783436&jid=1706484981&_u=IADAAEABAAAAAC~&z=575197378

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 461ms
77ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144680-62&cid=1116588821.1637783436&jid=1706484981&_u=IADAAEABAAAAAC~&z=575197378

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 1624ms
66ms Fetch
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 19:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 13777962170559167101
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 24 Nov 2021 19:50:38 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 46ms
29ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211124

Requested by

Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99c02df117ddd61aa9ec99a89d6145c18ca62e49bee6c48de0d4bbbdb4977442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17383
x-jsd-version: 1.0.1170
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19153-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69d-EvGHxNDSLCG+PN2K5Rd1I0ubRNM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b352ad48ee75c5c-FRA

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
565 B 480ms
372ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b9%3b95
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 244ms
136ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b16%3b97
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
567 B 208ms
100ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b10%3b114
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 301ms
194ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b23%3b90
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
565 B 243ms
135ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:36 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b1%3b81
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 742 B
4 KB 61ms
12ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14126&site_id=109176&zone_id=725920&size_id=2%3B15%3B10%3B2%3B2&alt_size_ids=55%3B%3B%3B55%2C57%3B55&rf=https%3A%2F%2Fwww.baixaki.com%2F&tk_flint=pbjs_lite_v5.6.0&x_source.tid=589ea9e7-8e11-48f5-92de-9cba0a1430a7%3Be639579a-256b-485f-a1a8-2aad18a60d98%3B0513fdbc-b04b-42be-afdb-915c38c4be2f%3B07e52de7-8239-4060-bcd1-600d06bc4c2b%3Bb8bd2c93-59c0-4a0b-b525-8a18ae4f26c4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=5&rand=0.965660643565871
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e5905ae583d23c82b387ad485d391a24ac3929710c1876921d68f6e243f3befb

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:37 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.baixaki.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 742
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 581 B
995 B 59ms
24ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

495719fbc3aeda0709fe864b7c93ff4da4482813256bfa793ade3dba5dc4f579

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Nov 2021 19:50:37 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c033e9bf-8376-4b9d-ae10-af38a5029af7
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.baixaki.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
rtb.adpone.com/ 761 B
980 B 69ms
43ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=11932918220313
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d4ff41ac9b473675e32d17ee4908d6232af50e07b4bd949da0b80933d0e0e3

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRawGF8mWVGJhXKCm3lT3HlFIuZIJWpft01NB6trcqyTKiCJ794jEdjXngDYHJlVkEoQ20PB8uLU2S7myIsFJQnKx4ks08nL3ZPU7u%2BSsKSr4PKxDGeOeww%2Fd5PyrLWExATNjZCV639zrJ81"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
cf-ray: 6b352ad4ae8a6983-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 763 B
718 B 78ms
51ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=11932918145162
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd8406712d2f6fdd0bcc0e9e2f0bfac4bb376f901a86b79d0bf4e608a8ac29c

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLzuVZlIctoJOtlNMgApJ98AwMj2XsFPvBywdI%2FcsZ7iyTA0Zk1L51Z%2F4vIuz%2Fxd6lThIyt3jR1uxLYJq6GmqNiH%2BkYQJBL%2Fcd9AlhEWu3VZbuYjLB2PnqSudzVm0jV9M3Z9KCtAeR8Ls4gP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
cf-ray: 6b352ad4ae8c6983-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 762 B
708 B 70ms
43ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1193291823353
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c607a049027d347f353dd49bdee2abd410e130646f2bd35dd4655513fdc73108

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Odf0dnB44zzfZzrIKqXOviv9jduECuKcDX3LnKYoTBeByhcFy6BZYi5dS48IBB%2BmUmWs44UJZ00tR67cG%2FhHD5Fy5JZ6J0K29%2FZWihIQolOwLlNOBpYUOuPcAxm5O5IvTK7rSDdFobcAD5Sr"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
cf-ray: 6b352ad4ae8e6983-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 761 B
708 B 77ms
51ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=11932918220313
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a751ffb91a071e541515d56f6b20062fbb5b905f33ca5a836de418e57bb25d7

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzCsNw34DtcaBI%2FBQYTrgs2w3%2BYSYYsdfPLbtmjfAg9%2BOuRuPkmHNrzfreDdDnr2k1xqZiIfpCPFUJD79br4sSUEmyNEIUvRnyZ975sGdsTVJ4zMD8o7GT%2FqxA6Z4dt3PiuAilB9XssPXnw1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
cf-ray: 6b352ad4ae916983-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 761 B
713 B 81ms
55ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=11932918220313
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21598ab39b4b6f2face56e1a39143ac4feb7fff74a7566b4e170f5214608c2dc

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FSJGumd76mUOcIXM86xWdMLyFutJ73uPoo6ZPCyuIIgqUtvWGkUg3iRej%2B9cjZEj%2F34ky6UjxDyrSbY5TycNx6pvDg7zCDKUBckCEh5q7cZWteptFM09mT7H0rmGuudVDHyOeNM8gfctN7P"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
cf-ray: 6b352ad4ae936983-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 361 B
1 KB 59ms
25ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

adbecdb781a8f8ee4ce8d2eb61754505abfc0578213a14bdc1d282888466792c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:37 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ad42e04d-e4fa-46cb-90e1-9b5d463ea4f3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.baixaki.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 361
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 158ms
111ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698b40175759a19619f57d7f70109&pos=21615797340&cmd=bid&secure=1
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 990c4063146a43a9e2875eed003a8ca9ac814ace25198517d786012e37d82e08

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
content-length: 4907

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
95 B 130ms
83ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698b40175759a19619f57d7f70109&pos=21615797355&cmd=bid&secure=1
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: abd2b091ae391fa4756f822e256e5b0055a36becb60e9774ecfc304a159df0ee

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 128ms
81ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698b40175759a19619f57d7f70109&pos=21615721987&cmd=bid&secure=1
Requested by: Host: obj.ibxk.com.br
URL: https://obj.ibxk.com.br/prebid/assets/js/prebid5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 1fadea1eb3b1a6d1375ee352f199714863482543338917087c1caea1cde6b8be

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:37 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
content-length: 4879

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 433ms
48ms Script
application/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.baixaki.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 19:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 436ms
52ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.baixaki.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 19:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 296 KB
52 KB 720ms
720ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4113178433184000&correlator=1518810283049386&output=ldjh&impl=fifs&eid=31063812%2C44748552&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211124&iu_parts=36373682%2Cbxk%2Chome%2Cpremium%2Cleaderboard%2Cleaderboard_bottom%2Csquare%2Chalfpage%2Cnative-1%2Cnative-2%2Cnative-3&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10&prev_iu_szs=1x1%7C800x500%7C1920x750%7C1900x935%7C1920x1080%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%2C320x50%7C300x250%2C300x600%2C320x50%2C320x50%2C320x50&fluid=0%2C0%2C0%2Cheight%2C0%2Cheight%2Cheight%2Cheight&prev_scp=%7Crefresh%3Dtrue%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D728x90%26hb_pb_onemobile%3D0.06%26hb_adid_onemobile%3D41ad2975aeb350c%26hb_bidder_onemobile%3Donemobile%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D728x90%26hb_pb_adpone%3D0.11%26hb_adid_adpone%3D35885a1f3980c24%26hb_bidder_adpone%3Dadpone%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.11%26hb_adid%3D35885a1f3980c24%26hb_bidder%3Dadpone%7Chb_format_adpone%3Dbanner%26hb_size_adpone%3D728x90%26hb_pb_adpone%3D0.11%26hb_adid_adpone%3D38aa2b35e18e0be%26hb_bidder_adpone%3Dadpone%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.11%26hb_adid%3D38aa2b35e18e0be%26hb_bidder%3Dadpone%7Crefresh%3Dtrue%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D300x250%26hb_pb_adpone%3D0.11%26hb_adid_adpone%3D374c751ba56c9a5%26hb_bidder_adpone%3Dadpone%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D374c751ba56c9a5%26hb_bidder%3Dadpone%7Crefresh%3Dtrue%26hb_format_onemobile%3Dbanner%26hb_size_onemobile%3D300x600%26hb_pb_onemobile%3D0.04%26hb_adid_onemobile%3D408ca880f475da7%26hb_bidder_onemobile%3Donemobile%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D300x600%26hb_pb_adpone%3D0.11%26hb_adid_adpone%3D36169906d3ed5e9%26hb_bidder_adpone%3Dadpone%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.11%26hb_adid%3D36169906d3ed5e9%26hb_bidder%3Dadpone%7C%7C%7C&eri=1&cust_params=referer%3Dhttps%253A%252F%252Fwww.baixaki.com%252F%26baixaki-versao%3Dbeta&cookie_enabled=1&bc=31&abxe=1&lmt=1637783438&dt=1637783438025&dlt=1637783430115&idt=6580&frm=20&biw=1600&bih=1200&oid=2&adxs=400%2C436%2C436%2C1030%2C1030%2C245%2C-9%2C-9&adys=0%2C140%2C2526%2C721%2C1860%2C833%2C-9%2C-9&adks=1887460086%2C3767517223%2C3201078989%2C1135348589%2C2545113024%2C1821407723%2C1484760400%2C2708633036&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.baixaki.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x51%7C1600x4483%7C379x527%7C379x666%7C730x502%7C0x-1%7C0x-1&msz=1600x-1%7C1600x51%7C1600x25%7C349x25%7C349x25%7C730x0%7C0x-1%7C0x-1&ga_vid=1116588821.1637783436&ga_sid=1637783438&ga_hid=256519956&ga_fc=true&fws=516%2C4%2C4%2C4%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0%2C0&btvi=0%7C0%7C1%7C0%7C2%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b25841379137040a3f9cbad54fbe07eaa67885d83534bec03c4cff28483fc816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53562
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.baixaki.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B59 6 KB
4 KB 455ms
46ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 24 Nov 2021 19:50:38 GMT
expires: Thu, 24 Nov 2022 19:50:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
101 B 175ms
165ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=fc184bef137cc3a137f52018109&acc=13767&url=https%3A//www.baixaki.com/&tit=Baixaki%20-%20Download%20and%20Games&h1=Baixaki
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b352ad7d92b440d-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 448ms
57ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3e96f47324fd2fcb535ba6df08f92adcae94c013a4ce777b0d8f92c48cf32ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 19:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9115
x-xss-protection: 0

GET
H3 200 bundle.css
tag.goadopt.io/ 8 KB
3 KB 127ms
65ms Stylesheet
text/css 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/bundle.css
Requested by: Host: tag.goadopt.io
URL: https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b33fed249bc29500fb7ddc52c59a97853f5d26827efd3e6a60cff498c361acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN9J9CP428TDGXFFW0DVM39H
date: Wed, 24 Nov 2021 19:50:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5985
cf-polished: origSize=8681
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"3e2e44f2cc25d212fa814d95320eb07e-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLQPopFue4NKS28nNd07URVMnBeKINPPjKubSbR0bB%2BId3oHG8CkLXxZ6us%2FkJoyRKZKMSpxwMXxPvjc966VVnY7X9jagLytCg%2B5Ije6EljV7Vt0Ku3kuUH1WMSf8wtwrQ3UPnS5cgKRJbH1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
cf-ray: 6b352adb880ed6b5-FRA

GET
H3 200 bundle.js Show response
tag.goadopt.io/ 110 KB
31 KB 128ms
66ms Script
application/javascript 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/bundle.js
Requested by: Host: tag.goadopt.io
URL: https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3220bdbb5cf48d81013c277796e9cb2704055cbed0b66c15b490467f13ab702e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN9J9DD2WFYS97TD36JQNKHB
date: Wed, 24 Nov 2021 19:50:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
cf-polished: origSize=112850
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"0df4d6463d9b94899f3abee05c9c0037-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8UHrVddg2ZyJuDaErHWe6YDcoszYYSbvVw22S%2BU9DpOmiXdD7gLQXqxvx6Tfm2ijzDqLDbVyBBGmr3AMyn%2FI6MGWvqDJnYJvMa%2BBcjkr5grHEcrhRCXnuWs8qB%2FAFpqrfJYpIgXsjY%2BcDs2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
cf-ray: 6b352adb8814d6b5-FRA

GET
H2 200 16102135074035.jpg
img.ibxk.com.br/2021/07/16/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/07/16/16102135074035.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 40f77602cce461772027e6e98d40af64aac49cc68662cc5de14433cbfbac42a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1831
expires: Wed, 01 Dec 2021 19:50:38 GMT

GET
H2 200 14143822139296.jpg
img.ibxk.com.br/2021/07/14/ 2 KB
2 KB 15ms
15ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/07/14/14143822139296.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: ce90877b2e60d00ce3fb934aae8c27b560528face8114bdc6bbbaa26d787b5aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1602
expires: Wed, 01 Dec 2021 19:50:38 GMT

GET
H2 200 14111142361164.jpg
img.ibxk.com.br/2021/07/14/ 1 KB
2 KB 15ms
15ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/07/14/14111142361164.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 5ab2448d1392d7506b0a580fc0610bd0fd415d0cd3d95ccbd71ab889511ebaf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1500
expires: Wed, 01 Dec 2021 19:50:38 GMT

GET
H2 200 13172105044391.jpg
img.ibxk.com.br/2021/05/13/ 2 KB
2 KB 16ms
15ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/05/13/13172105044391.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: 3f85f523f24f28d3c0a2dcb318677a161ec6ee58403b7fd5fa26e7387e79f18f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1944
expires: Wed, 01 Dec 2021 19:50:38 GMT

GET
H2 200 dragon-ball-the-breakers-16115637477185.jpg
img.ibxk.com.br/2021/11/16/ 11 KB
12 KB 16ms
16ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/11/16/dragon-ball-the-breakers-16115637477185.jpg?w=367&h=200&mode=crop&scale=both&quality=70
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: afdccdc84af8780206f1a3064b8ff843c6d63cbaf9498fec058d34636322c335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11737
expires: Wed, 01 Dec 2021 19:50:38 GMT

GET
H2 200 08172118523314.jpg
img.ibxk.com.br/2021/04/08/ 12 KB
12 KB 16ms
16ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/04/08/08172118523314.jpg?w=367&h=200&mode=crop&scale=both&quality=70
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: b80ff2abe3c49e79e4c1fb06f52af25002bb714c2d69fa9391a87dd7c17e5fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11811
expires: Wed, 01 Dec 2021 19:50:38 GMT

GET
H2 200 container.html Show response
03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D2DE 6 KB
3 KB 341ms
39ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 24 Nov 2021 19:50:38 GMT
expires: Thu, 24 Nov 2022 19:50:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B04C 6 KB
3 KB 339ms
38ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 24 Nov 2021 19:50:38 GMT
expires: Thu, 24 Nov 2022 19:50:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2164 6 KB
3 KB 340ms
38ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 24 Nov 2021 19:50:38 GMT
expires: Thu, 24 Nov 2022 19:50:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A62 6 KB
3 KB 341ms
41ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 24 Nov 2021 19:50:38 GMT
expires: Thu, 24 Nov 2022 19:50:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 a8b131a9-d7fb-4185-b074-da8dd2ac7aa8 Show response
disclaimer-api.goadopt.io/api/tag/disclaimer-info/ 5 KB
3 KB 87ms
69ms XHR
application/json 2606:4700:20::681a:e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/disclaimer-info/a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by: Host: tag.goadopt.io
URL: https://tag.goadopt.io/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0229a19df04da6211d8b995d82e684e3df36d0a5662750db777a91e7f8e1426

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20748
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"1338-cbuOF8/MBJwWeoT7YR7xIooF/uA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opU47%2FlIDG9KL5PJZkJ1lbP5x1y%2FtEByeau5aS7nOfPENxFaO3HAuExBqLarCHM3vJX3vLIEREbNKmacqmPIDE3hgh6f%2FaHJU91lbWru7N1t%2FkFMmZUZJjix7bt4zAjNM21iSCmEZe18La8FItec%2FeOGFGLe08o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6b352adcade7c2fe-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 513ms
124ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 24 Nov 2021 19:50:39 GMT

GET
H2 200 18170301954291.jpg
img.ibxk.com.br/2021/06/18/ 1 KB
2 KB 15ms
14ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/06/18/18170301954291.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: f813f230d0fd4b1daaedbad4a8b9dac3c94124d1b24cbb60153cdc9561b7d6bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1460
expires: Wed, 01 Dec 2021 19:50:38 GMT

GET
H2 200 11170000430373.jpg
img.ibxk.com.br/2021/05/11/ 2 KB
2 KB 15ms
15ms Image
image/jpeg 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2021/05/11/11170000430373.jpg?w=45&h=45&mode=crop&scale=both&quality=90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.6.0 /
Resource Hash: c45ed15bba60ffcc5b1191a168cd2b438454aa77f8cb02ba97c3734b4333baef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:38 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 1624
expires: Wed, 01 Dec 2021 19:50:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 83E5 624 B
559 B 439ms
52ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwurZlAEwAQ&v=APEucNX86YuUdj7NSeqepY_ary0ShPpd0y_UKZ_cgxQcF3y2kZbqXAE8thfHf6Q6j_DSTT6P2K8C_yoA63qbEXJHjONYjaGCWDmU6LNOQV3Feo9q_sSI2gqY2Dt5cy1MD5P8T7WRSHLuQrPSunggZ-ReeEJw7eswlDEo5ETodG1tWl_pgJ6Q8Tg

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 24 Nov 2021 19:50:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Nov 2021 19:50:39 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D2DE 71 KB
30 KB 512ms
127ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVu7S8IzGM1dBmOjV_NfLwan16pmJNumrxa6imRx69VCacvqwT1JZ_GrUtkIJkeMs9-SDZdM0XtF1yJavaro1b5T02oyqKq9mvqwadMOwUOS28IYd7ZFuOmkoXVWbfIdsM8Pe--9mXdan0mzFKpewPAgE6rA&dbm_d=AKAmf-D9UOu4YwCklRRbq3Je9R6PDfJbz9ujYXW_-Sb4_ovy7G7N3kcP3Xx0kMIYRzi9mHfhc6UnCkCmIyQXXvx5GRKLhRxoJ_1knlzizA4oy5MwzbxAPf5XOvf0ZVay5Pvgkzd0_mb8vp6s7mmd6VyKoj1GEY-Bh49-Sv-Wh-avq5rA_1hUBsAIeEJB2a8UNUYL5CIKuBVCWw_9yetzmE118MS0Xa_sL1rewKiMr_kH-oo85LFtbS7_xFlSQaGMj3D6s2pxNxFyQqPNmJzyyYzZEjHxVA3TxGdZmIIIEh748o2iursrRZOq_mDLYSc28ym01c7TlPG6OIx_p5xf9TiUyBUEPN73UbrbOx3irQbH-Ij7M2rrqN2EJjC_GE9gAekrfk61AFqoBy1chmVG46ZzXb-YRYSl8pZqQXBnC8e6XhXttMrCrUrklwSbDpwcMvnVt8CJ32_gZ6S_BOVuEfLacIAiwRwZkq5CAo8i1-e8dwhKDMcY5zD0HsNKJx9jL7-16wAmX7DT7jCPpEhoOnECEH7esXdf0Aku-_FztcCjZPoZ-cKcz8Dx5XYuFhQAkGDHxIQAuwDdCi3vbcdLWvkIIr_rmg3X6J9MUu1WR5R7_VOMT0D3mk5379Hq3ff86FFqYOBeX8mI2WyXWrtp0UQThEvh1xqFMCAmSmKgd7BVG4dAxL5YsW_SneWtcg4rED6bL6lLoKfFrUuPWyd3eXN3u4nh-wFZ0WoV4AVacWz8dBXeczLJbZHAoAuXH9x5rzfR4DdcSWAovN-j4pRIsdhfM1SkHyNl4zYrDrsg1S-vmElxujwVqhlnkf41tbuq6IPY-cAl1oD5aYd7GXAXL9s5Fyx0Msw96yjM91GsVh-nSdzjn3F1EVWQQLu7Ow4IDAZzWSauvJTJOOqiiPi-oAjp0yjH85RaHvorTWLvibXi4HQ7flm4tvC1qIOkoUz7tf56_oIuCskKGrOGdCfqnuVkXKPecfCiB5NqZNgdv2IucUcfyQ-moGoHY2Xwtog9bIpOHzkcBXO7C5RXRJwiBVrZE4rgVz2zmP4OmptvF1aRM7GFyw0DdGcKa8TDgfR5QTqOOMXYIMdhrDVwcHjo8rf73VAMpnwH58BtTtTPbW7Mu7AOFlGJjG45j-c-x9NMDrIS4s_eXdqqlCWJyz43nZ1wbgnWLyVMDNykzbU7xNF8xWWTvhQuZpUDXG4h7dMwu3DcAmR2XF9DjZ8E1kctYOF1g8LwSWSbtoNxfrAGIr6GeY3MkNDct9_NoZTzxGLagmIOHowDhJxf5xT32xhymnaSPff-PAVTLRtulnJc6e0xDNwvpizqxndQ2ssaCwGOTAEyQM8RPunKbiHrG_9_s0K7mejpYSksw4ZxBFNFlHC9KF5lB_oobGfBlQMYOquS9m1nngeKOj9hBWvIEx6CE00B9AEikviT2H0kT4dTTAuUyU2KbMRE6F5vZ32BSNsxo538FtDqF9dNdlsfI-Mykyq67Sk55_WooYCDMkVx-7pAIQZ49djX-6R94kbBY_-EAqXj9CZVAay3s13MLhwuwuVmKja89BI0Meb3t2FhXpojrGBZ_aMxTp-9SGdgTEaXWK3SFtChI5FYFbuLGN-n-xZ-c8UaqUdn0SFcscoj1_92LGsZXpHfCo711fdX40u5a1Lfbj9K4PRLYwlEIEiOf7V0JLd7c0WhRiNdPJiDV63dIA9VWGXQih9k1S1RUaovwXDTqCiYTPqcql4xFzTALbl7DscYwSqV-UH7_Sy_NQ_dEaYBih5DdrjeBu-v-JgaGAfUTW4TqvYWgYPxM0VyZgREQ35YBkZ817_fe8GQ1A2ABGFRkhvR-uORUMc-8HvA4V2NiP78DTglDiJv3NXBD1WyUusQe_jkqmU98Ee3T3pusW3dbUr8M5X77ArVKndXeojqOyZgo_TgNb3vHjIZkp_WuWu8mcV3_17Y3P7_N3TBZRfdDumX91TFlOxi-ZEuewyoj_kAqfExxN_IYZepwSHEUMu3QPfJZZkRWEnw-WtITklvyD0oUN6gmvRX_2B3hlVaJZ3hVe9ChWfMs4cB-QfrZceCX5XIIyPudpTOFELdSRWbJIGQ5RU4aOe5HPXDOm_76uzfiSR_OuSDtmrR-oZ5CwVYNEXbueAToBRcQjHgwzjyUNGBjPsrMp2Ha83ctt3tjzQ5sfrgLqXPOOz3xy5JLxaSJOEBCVQvb0ESrXxT_8BearGHRVwAxx2tS_YkEwIZv9feRC3y-j0QomVR01T_uK5UEa8sYYNbTZE_9S5hV55m0SV80dW2vUantTD2xAXeuw0WwW9D7q7ZphYpNSuZKGCc9zk6NUMiSzJBrE5Pnb06gkjBp_XwxOwNIGMbI25C-bC9F-crexl0ranP7ltG4q00J-uGehM9FWV4VdloPCNsAXeh-bkxGhs9CGlk_EoEJLxlw5YT9_TxDMBaTYIi7PGZWk8seENdvXrofslI83B9SRob0bGj_alp4ZYcLGO3X-siRaYqXUJ-2fNlZ43Lg8ki6UCj4DIrVjYMHX9_lhe4UspGi_qsoqlAgPP8EoYsI0KQkD7ZZOYrNSjyf926uFtePZoxr9E9hcG9a1EZtQpXHrOICJ4uO8jSyIi1sRj1U1rZhCW9mtsMS3nWT_ZE-cBmTMIEmXzkolfmTM5Yc0AgoySzR3RXEsjp_LD5oDScXkrUhHJzCnV1_gLMXD8L_LVhamcLmaroP_yoh5UROtyABtLbLX6ukifKLamNPYjWgBj0GOAEghU7wpKtQn2LpvOXFJ8zB957srlI79nqJNGNufPvehUUaLm_sFX4wTKsu62CfiXTF6EXgSwuUyA9xfTXAaUk3pbw-8X-dpIGVnSuzBUYoLq-Xvs7QLaeomig1_We5KhFyTDT9o-6gXabT1_didr12yR1YKmIYlwXHBP0FKVZyZhrv4AbuB_gumVwhTdG7zuaj6pFMcg242RaUfMBM7cXlaBRRXB2MpfjoL8z7FKJjaop7-GPEUx5KL570rxjV0ZK9KTO3bu5Og4JXwPYUOvW6Ve7sznwg3drEhyRSgeF_sz4bebsILNmulkFc-wFn1I96utX1HQEmq4qA1fu78v8Wflt1SVH23nTQaW7kdNAk5ubrHeGE0IEb7QO9vrK_2-yDHRtcSXhDjf2xKXDgPYNKpDhAW3CaB-G-SXTWdM8UXCjvRipnKYR7gcFqB4vMhgO_wdv6WqAgsvPEv7R7i0OAQ&cid=CAASFeRoqfM9n1iArNp0n14srztwBZP-Tw&rfl=1%2Chttps%253A%252F%252Fwww.baixaki.com%252F%240

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5180c68d4bee59d9e1561bcb666c6b7ef224bef08bcfc114f7bb96dd11728f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30739
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2DE 42 B
173 B 1121ms
95ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABAz9x25Qqcur373NhFVQAPYuG0JooyYE2Cp5Atv3-g8oWnl_t4wrA6SjcMWBcWdBmPwxW3dIA3cONdvDwjlUM6xoDyc22LBnjXHFb1AlOaQDlzAA

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D2DE 2 KB
1 KB 347ms
122ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:47:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2DE 119 KB
37 KB 623ms
238ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 19:50:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D2DE 15 KB
7 KB 262ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:47:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D2DE 0
0 348ms
46ms Image
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqEB6d2hr_D6JcFZiZyl-ApI-aLf1lZMP-9S43ax1YMBdPjAfXYYceNcvwmhat75X2Kp0uR0zMP55T3svw2hVWNJb7KA
Requested by: Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B04C 1 KB
960 B 315ms
122ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:35:45 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B04C 0
0 82ms
82ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmdgvjpeeYdaRB8ik9u8PrvCugALarvu6Ypr_gLzlDYiU-IezAhABIMKm1htgleKQgqAHoAGN7OTZAsgBBqkCiLAHjP5rqj7gAgCoAwHIA5sEqgSAAk_QQCwU_ujjCvX0ISZlFNxKHcKYVtEz7tZ-BQunH1gDUPOdgI0FOR9-Hk6DR4NtGLtGKKY1tWd56wY-hL9eAU0taGZwL3Buy8ZXofa9ewa_wiO3_7UkfvKWl2IjujkRtifnUPGWz9kParlmDrGQ-SMtCfTy4ECaHmZ8fshdIot6kGdi_X7NlrRExPfarekTQIq1n-mGii4HtIoHj6TFgLrHdpY9i9AM5Wsf_oo4IW-NzaDp0Wu34r5kBAWrT3NMQtl-gG0mM2E-qIg2MC8FWnAY8C6Rvp1OxOCBHtl3sWAOi2xwEkWlGdsV8M13wtvXfC__a9X94Jsf3_uM56PT9XfABJSV8p7kA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcDEPAu0ggJCIjhgBAQARgdgAoDyAsB2BMNiBQC0BUBgBcBshceChwIABIUcHViLTE3MTI0MjA5ODk3Njk3NTgY0sAW&sigh=P4gh4mSMH8Q&uach_m=[UACH]&template_id=492
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B04C 19 KB
8 KB 270ms
78ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:48:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B04C 2 KB
1 KB 314ms
123ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:47:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B04C 119 KB
36 KB 699ms
347ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 19:50:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B04C 15 KB
6 KB 307ms
116ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:47:50 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame B04C 27 KB
12 KB 424ms
39ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Feb 2022 21:03:02 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2164 32 KB
13 KB 293ms
105ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

b6732ef598323e03a0c430d90f45d0a63934d22b3fa51f6bddfb6955ce651162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
server: cafe
etag: 4948910059398625987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:49:01 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2164 22 KB
7 KB 262ms
74ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Nov 2022 15:16:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 2164 19 KB
8 KB 231ms
43ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:48:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2164 2 KB
1 KB 340ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:47:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2164 119 KB
36 KB 676ms
328ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 19:50:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2164 15 KB
6 KB 273ms
86ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:47:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2164 0
0 355ms
53ms Image
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh_z6BQQxceTKdlRI8PFWXXcH3kQ4HdBnbXNiofZ2Z0gpkPBqBgiKWynfm_19bHz21dD4YxFDxdPRn6d1PdVxmtt-O2g
Requested by: Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4798 624 B
770 B 395ms
51ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNXZR4Q7RAdA-gXorhrdykflWX4hWEbQde-D_36TzCBoz_bZOOAijptKmka94VmNpTIQ1sKgJSzFoxX7C1jJp9QlQyVWfoeQmQVqY2hXsTbBud6Dn4NsivOZD_-ADGk-Azr9flflsHq-34WjtYh-U5iEJGHM8CFQEF3P_NZnm8SCZYi-Qy8

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 24 Nov 2021 19:50:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Nov 2021 19:50:39 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A62 25 KB
15 KB 420ms
76ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYvWxrIycEmcp3dgGfWKxVra2Bc9_sgIz3iJL65KNdRLBGKc9RhUZGo5fQLuIFI1-0---c80Q2JuBgW5WmIENQUqXo6V1zFa7qKmuekyLAbBnpidWZ0ipjaK2A5cBHnrQ7pDaZQhEUifXvqtOlIfrjQ7woTQ&cry=1&dbm_d=AKAmf-CRyR0amm6aLwbXFkt1T7Sw6PuFmia1um9kzgXeoDHEiziMVQv9WsTenlLYEdgn9wWEJ2ZSp4K3SdL_Op3YpXNqx-rrut9mspSLTFXiiecqKrZU7z8K125WyIJQ87UnOq7e0ltDVZU8t7Wff10QziasHIDEwYyRJ-BXUVYeReY8lpnVHMKn9mQqUjwawjRDapSaWdkLjkH0EIbFgAGXjUB9Bt95ImZe7ushszcj9GJG3eJ746Tnlfrgf7P4cYu9n9GCDfjwTvCSgn3HdYmmWi7WaA2-i65hyMgjTeGuiTtjaQbs0aROWXS7W8iokdSfLQfmV4RXkdEGEtOwoYfYAKKlmWH0fStC8LUVXJdjTrh2JFIATPGZOOCQouTuheqLYMdbk2RKpPxXe40nNBGMpWyJYjWUR6ZL8WJii-3GQchqqe5YftSBa91Y2AcbZOYZr06lkbwAhYHrDmosUjiZdTUpKWrHP38AMAdBT9BbeU12oPnNanTk2EqynkwRjptnMfu6_I9tzenIIyN6fXh7RLCUj13NHMxAXrTZZVhXLsVkcFjj5503FpwfWn8eU132aD5PWBPbj-3k_5ZIocs1YPWSPvWEJf2qAAJnQu3T3f5B_rmqSietY-jL2EmE1mHw1Rz6Mxvpfgg4JkJatYSWmFP5pxHv1-4EbyKGBmSqBO5oDMlspqWJTvJ9zk0zrIqU4d3Y1yEr-yo8hqjTcYrez6AD3dIBM0ufOm8kY6qUDmduupBayAZtw8oRJzH4A51CGtqN_zjQLBjvO3fNVl4y0tnBF986kNw4ba_Fq8cnCHYPHXrSB0SKUGwCXL_UNL1nPXln-rv1g7a6aS3l02wbdazeAq-ByE-10isaK8Dbl9E7EBubO1wtUHQc_zyhcTd0kF0JeqHREJ1YH9JDa2KfWiMwCjK5CllABuEUeSCWdss_wA6EYlIqb8u1Il4MZg0hVepFbxXvT2d6KTV1xx_cWFBd0xYnOFXwlsJ_wmlaZqHh9qJCQ3x2qsEb6R9rh1JOUxsxWEP_0YcKlOHi9juaZqfM7dox9lNtoP_OzXUUOaecwJTfXCaz322bP3blIFGoln1e2cDMRQa3C7UXTtI3X_J0izpX7atzdLHa0J-gY-I8gbAl9ScUUi3hQjNDqTg83TWUpF2uROgiYCbkqWG7XPSvxmjnltNOsuwS7HoA4xiMjsRUWtpYSBbCZpu35RX8kVsuHpldcWgSL7ZbKSHmy8QtDWe1qa4wFxr4UisO0UhMuCkH3b6u8XMYyyYhE17Fiyt9DvRqF5ld--rbswsToMVo4blNOH0eiOlA70gpvYrUXQ0ylaGSJRblYCCLK-tZnyWiFNnEjQ_01A3gldCorl_VvXS1yI9o91OmIvM7vzG2dl2-cVT8ko1w95Hq4Nmt8MgANvdflYqiqAo7adYJVGbmN7uwqg7bGLFnGwxBnl6mcriUzeaxEuQgSk24PEwWC_P1IWv5pfuqe9ZVRIo2y8ncGZbX4-lqMjtfCQIoW6rR0jmBtho4AlDfL148pGLZVzZPo2t0STlKBkWlbXFha8QnZbtkMFoh1hSFAJ8CmpIh5SMAM--HMS9tBC7n2L6AIRspxayIjw4erMR71Lqi2aq5jTJPe2UEqqRD-KQ95e6n-mzf9jFPrczu9xTWMfNFelOc7NBtcgM2FJ7lEXl8c3d0GrowUlJdxZ1fzbmCfyUWAxIpoXrHDhsKYwasDMujmWtedSlXF3k0kLqFnbUKGPETiaEboKZ2bAjYVg4WN_tNg-juEaSozNf1p1uS-THQYKEE5QxxbU6BoZbFZs5K2en99DYcA2k5o1m6jHDiEoH55H7nuCVhH45PgLd_S4WcjlzQSHbWFLr72zQdB529xZPKXfYkQlIP4flkInA2vjcUpq8igQ_AN02oBa3QeivljL_JFpqJ2mw3eRbE17R1LM9KhqcdX7n7s1n2BgfGyZ21vnKsEtMn-VlPrsHcrjmzPWkwa7GmCfchvxtCbRZr2vB-_zfYjORxoaRp-vxcGy2MdvxcnYJb3MUJwYQqhpsqpHlSx01mS-mfMYNHWX0REMYLDFyCTEWQeKlNtmbSSMOaPhfwhZIlkMGVGoo2K2h8ENyTuvpT1jaHyB6L4Uz1uBiJPrBUFX_xs-nX7b7wUUZ75MpX-eeGyGTNyAN_FP6R33F2Z-QS8P7V5vLAweavE1UmCEI0Gzknwlu-1ENqxy2_EZGiqIePnzSiWAEQZbo9mJLtSK0Tt-VxOuL2Wq2vgSJZUOFUC7FKDpWySr60-ffMN6pOJp7Lq7Bjwk-EuFm37mVPFRB1_8-UxTrHYmf7lRFymGkae90fM-KhvS5uV9eRWqDeskTY7N9dM3eSAUV-e_lq-tlquOyfDnjnyVyvydCMNf6lQTCA0DlJxbo6skXlSGmSjUSuwAJHbhzlwEICw-cPJfNE8x9s0WQWVAGQrdqhj7nvDz5dfje7ae-Hz4BKIEJHJtiAsnSbirIEu8vqbmABCJDCZ1XVW8inoH_3tl_NwxusoLSYG_oAOXG3y_MQpo5IGWrVIFK5uHPfctjcJVA8i3_cFCZCM9t1oKmC0qoR-ep8KYKlnvwXk1jg2d-zfVB4f9T6agyWI7iSVgU9SM6gEftdjwpFt170Eu4-3xOO_v-as8Dm72IVl6vjGYrcTPgnPyY8Fj7_g6sW_dnN_DIlpE81bxl8TqZMUT2DEmDosxKqhch4aXvNni4ckBCq5fQvpI0V4G1PCTOtRtwYOwCtw63z5lte4IoRE4fOP4tQe7JbZuOxLqey0DRKVO793d34sHlDxmaDJekSGdZK8M-iCws0eZsyl5vfEidjyhLjv4vojeosOCjvsNdoOxaj4A05ZRw6oK1EoJll5FDtds-xKdw0SdbG-jv2S8BeotJofw3jFeWq12Yd41Pcn_LvsOxZ_ZKtU2xyHeRSrwWn2T7s2bDLbPZP3Q2DFc-tvwnQs0d1FjADk_RyrRlYlnQRsKaGnfcQ18OWvVYGlF6QvobXjP_L6psWWthvBWNU5mB7wjuvIlKNXh-3D9KHZx7jyPANFq_KZVL5IVsLWP3P4CnjjkFgyH_nUdZl2_ZS0UXX8vzf2XGKnFmOTNPLrA4tt7wq1HCF-3S7qWQKeJkE1kHabeG0vwBFyXdomMyXYn4vt-dxs3N4JrfSSC-nYkALED7uitG-CJEra-9EZ4OdJs8vgUWVW2bNbqopthayexkgOZMRiLwVGFesxboZMUuJ8O-wd4150I8abk9auteXzt1yE3-2&cid=CAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw&rfl=1%2Chttps%253A%252F%252Fwww.baixaki.com%252F%240

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

fea68631be1a14587d4095862c1c95c4aa138a16f472bd0ba80b7b2911eacca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14736
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A62 42 B
107 B 1079ms
96ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwIwcMOTGEpqNr2NXQv3UXaiL8PQ-e3UghbBFOoZ644JZexKoehtKKRQ6gIqlfhGqgkjuq68326kQEZLme3bJXRqGD6Q6A8C6GZgiHAtO_0YPjb7c

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9A62 2 KB
1 KB 307ms
123ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:47:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A62 119 KB
36 KB 648ms
304ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 19:50:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9A62 15 KB
6 KB 277ms
94ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:47:50 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12449735768652746288/ Frame B04C 5 KB
6 KB 281ms
99ms Image
image/jpeg 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12449735768652746288/downsize_200k_v1?w=195&h=102

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

075fb12cf9fa783f0a48c8e53f0a372d94e32a583e3563f756326a7fe5896cab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:38:50 GMT
x-content-type-options: nosniff
age: 126709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5430
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 10:05:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 08:38:50 GMT

GET
DATA 200
OK truncated
/ Frame B04C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12449735768652746288/ Frame 2164 53 KB
53 KB 341ms
40ms Image
image/jpeg 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12449735768652746288/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qlCo0XH00m1oamyLETpxSu_P-44sQ

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

bdaa1142b84ba4c21c346e8c6ef5bdc61bbb9c51856216754573c2c0adefd6a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:52:15 GMT
x-content-type-options: nosniff
age: 478704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54481
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 10:05:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 06:52:15 GMT

GET
H2 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 2164 1 KB
858 B 340ms
39ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 11:24:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2164 0
0 81ms
80ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDpH_jpeeYdeRB8ik9u8PrvCugALarvu6Ypr_gLzlDYiU-IezAhABIMKm1htgleKQgqAHoAGN7OTZAsgBBqkCiLAHjP5rqj7gAgCoAwHIA5sEqgSEAk_QzQxoDr6X1fL-haFRI4g2ipWkmwy-zA1hRZtPcP9sJPB4_9egd1pdgA5QzLIgTu9YuyEAEMnWpwfdi_ZMQh8dDEIdVFrw1uBFYzCJfPIOddcW5XpnTZeqHQQPUrqYeabB_duhxIVWILP9uZ3ch_9Tq_rCq-SN-LbHUq-4ikZ-6oqAvrVnq_4hDulY4sE8phcXZwRjCbgXXeb5b3mryrC_Z7tcqnGt1oNK1bdK-diQGVcpbtBHa73GwJNks12H9Nf357OhcxvvMgRgs7BM4BGnqINhxCn_dCUFqa8Dp1SCU0uWMUhQcD95QOARvJUPofPH1D89-qULFfdDaZXsOVgOYjK4wASUlfKe5APgBAGSBQQIBBgBkgUECAUYBKAGN4AH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHAxDwLtIICQiI4YAQEAEYHYAKA8gLAdgTDYgUAtAVAYAXAbIXHgocCAASFHB1Yi0xNzEyNDIwOTg5NzY5NzU4GNLAFg&sigh=x3mMp3NdTQw&uach_m=[UACH]&template_id=492
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8411 143 B
426 B 57ms
40ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 24 Nov 2021 18:58:25 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A67D 12 KB
5 KB 339ms
39ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 24 Nov 2021 17:25:08 GMT
expires: Thu, 24 Nov 2022 17:25:08 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3018 783 B
968 B 360ms
59ms Document
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

GSE /

Resource Hash

3dd60371c5481dd8d2f279abe622ac766eedbdaa8a8f42df612c5aaddbf98a9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MNY8F3ruaWnp8Vny9+d8TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 24 Nov 2021 19:50:39 GMT
date: Wed, 24 Nov 2021 19:50:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MNY8F3ruaWnp8Vny9+d8TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8411
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
169 B

415ms
114ms

Document
text/html

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Nov 2021 19:50:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Nov 2021 19:50:40 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Nov 2021 19:50:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4798
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtrc0OUDuXWrFUnQheVm5I&google_cver=1

43 B
894 B

34ms
33ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtrc0OUDuXWrFUnQheVm5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNXZR4Q7RAdA-gXorhrdykflWX4hWEbQde-D_36TzCBoz_bZOOAijptKmka94VmNpTIQ1sKgJSzFoxX7C1jJp9QlQyVWfoeQmQVqY2hXsTbBud6Dn4NsivOZD_-ADGk-Azr9flflsHq-34WjtYh-U5iEJGHM8CFQEF3P_NZnm8SCZYi-Qy8
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Nov 2021 19:50:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtrc0OUDuXWrFUnQheVm5I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4798
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ6Xj7jbgvTQ.zj4eLSkuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOUtM7D-JyoNkkP8OWjXLk&google_cver=1&google_hm=2

43 B
894 B

30ms
30ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOUtM7D-JyoNkkP8OWjXLk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNXZR4Q7RAdA-gXorhrdykflWX4hWEbQde-D_36TzCBoz_bZOOAijptKmka94VmNpTIQ1sKgJSzFoxX7C1jJp9QlQyVWfoeQmQVqY2hXsTbBud6Dn4NsivOZD_-ADGk-Azr9flflsHq-34WjtYh-U5iEJGHM8CFQEF3P_NZnm8SCZYi-Qy8
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Nov 2021 19:50:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOUtM7D-JyoNkkP8OWjXLk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4798
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAiIwgl5xMoCsEFZ6_UHjZE&google_cver=1

43 B
1008 B

13ms
13ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAiIwgl5xMoCsEFZ6_UHjZE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNXZR4Q7RAdA-gXorhrdykflWX4hWEbQde-D_36TzCBoz_bZOOAijptKmka94VmNpTIQ1sKgJSzFoxX7C1jJp9QlQyVWfoeQmQVqY2hXsTbBud6Dn4NsivOZD_-ADGk-Azr9flflsHq-34WjtYh-U5iEJGHM8CFQEF3P_NZnm8SCZYi-Qy8

Protocol

HTTP/1.1

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:39 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ec698a1c-98a8-461d-95b3-6a878e343e65
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAiIwgl5xMoCsEFZ6_UHjZE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4798
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY1MTMzNzI1ODMyMDAyNDI0Mw%3D%3D

170 B
502 B

116ms
60ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY1MTMzNzI1ODMyMDAyNDI0Mw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:39 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b112a35d-6ce5-4419-a9b7-370cc6788ba7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY1MTMzNzI1ODMyMDAyNDI0Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 83E5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtrc0OUDuXWrFUnQheVm5I&google_cver=1

43 B
894 B

41ms
40ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtrc0OUDuXWrFUnQheVm5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwurZlAEwAQ&v=APEucNX86YuUdj7NSeqepY_ary0ShPpd0y_UKZ_cgxQcF3y2kZbqXAE8thfHf6Q6j_DSTT6P2K8C_yoA63qbEXJHjONYjaGCWDmU6LNOQV3Feo9q_sSI2gqY2Dt5cy1MD5P8T7WRSHLuQrPSunggZ-ReeEJw7eswlDEo5ETodG1tWl_pgJ6Q8Tg
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Nov 2021 19:50:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtrc0OUDuXWrFUnQheVm5I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 83E5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ6Xj7jbgvTQ.zj4eLSkuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOUtM7D-JyoNkkP8OWjXLk&google_cver=1&google_hm=2

43 B
894 B

38ms
38ms

Image
image/gif

2.20.157.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOUtM7D-JyoNkkP8OWjXLk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwurZlAEwAQ&v=APEucNX86YuUdj7NSeqepY_ary0ShPpd0y_UKZ_cgxQcF3y2kZbqXAE8thfHf6Q6j_DSTT6P2K8C_yoA63qbEXJHjONYjaGCWDmU6LNOQV3Feo9q_sSI2gqY2Dt5cy1MD5P8T7WRSHLuQrPSunggZ-ReeEJw7eswlDEo5ETodG1tWl_pgJ6Q8Tg
Protocol: HTTP/1.1
Server: 2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-55.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Nov 2021 19:50:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOUtM7D-JyoNkkP8OWjXLk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 83E5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAiIwgl5xMoCsEFZ6_UHjZE&google_cver=1

43 B
1008 B

17ms
17ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAiIwgl5xMoCsEFZ6_UHjZE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwurZlAEwAQ&v=APEucNX86YuUdj7NSeqepY_ary0ShPpd0y_UKZ_cgxQcF3y2kZbqXAE8thfHf6Q6j_DSTT6P2K8C_yoA63qbEXJHjONYjaGCWDmU6LNOQV3Feo9q_sSI2gqY2Dt5cy1MD5P8T7WRSHLuQrPSunggZ-ReeEJw7eswlDEo5ETodG1tWl_pgJ6Q8Tg

Protocol

HTTP/1.1

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:39 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1e4a5849-ce07-49f4-96fb-28ea4e054898
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAiIwgl5xMoCsEFZ6_UHjZE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 83E5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4NzM2OTA3Njg1ODExMTA4Nw%3D%3D

170 B
232 B

115ms
62ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4NzM2OTA3Njg1ODExMTA4Nw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:39 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2d2e313f-ace5-4fa8-9a8a-0de026b8f2c7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4NzM2OTA3Njg1ODExMTA4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 9A62 24 KB
9 KB 595ms
47ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYvWxrIycEmcp3dgGfWKxVra2Bc9_sgIz3iJL65KNdRLBGKc9RhUZGo5fQLuIFI1-0---c80Q2JuBgW5WmIENQUqXo6V1zFa7qKmuekyLAbBnpidWZ0ipjaK2A5cBHnrQ7pDaZQhEUifXvqtOlIfrjQ7woTQ&cry=1&dbm_d=AKAmf-CRyR0amm6aLwbXFkt1T7Sw6PuFmia1um9kzgXeoDHEiziMVQv9WsTenlLYEdgn9wWEJ2ZSp4K3SdL_Op3YpXNqx-rrut9mspSLTFXiiecqKrZU7z8K125WyIJQ87UnOq7e0ltDVZU8t7Wff10QziasHIDEwYyRJ-BXUVYeReY8lpnVHMKn9mQqUjwawjRDapSaWdkLjkH0EIbFgAGXjUB9Bt95ImZe7ushszcj9GJG3eJ746Tnlfrgf7P4cYu9n9GCDfjwTvCSgn3HdYmmWi7WaA2-i65hyMgjTeGuiTtjaQbs0aROWXS7W8iokdSfLQfmV4RXkdEGEtOwoYfYAKKlmWH0fStC8LUVXJdjTrh2JFIATPGZOOCQouTuheqLYMdbk2RKpPxXe40nNBGMpWyJYjWUR6ZL8WJii-3GQchqqe5YftSBa91Y2AcbZOYZr06lkbwAhYHrDmosUjiZdTUpKWrHP38AMAdBT9BbeU12oPnNanTk2EqynkwRjptnMfu6_I9tzenIIyN6fXh7RLCUj13NHMxAXrTZZVhXLsVkcFjj5503FpwfWn8eU132aD5PWBPbj-3k_5ZIocs1YPWSPvWEJf2qAAJnQu3T3f5B_rmqSietY-jL2EmE1mHw1Rz6Mxvpfgg4JkJatYSWmFP5pxHv1-4EbyKGBmSqBO5oDMlspqWJTvJ9zk0zrIqU4d3Y1yEr-yo8hqjTcYrez6AD3dIBM0ufOm8kY6qUDmduupBayAZtw8oRJzH4A51CGtqN_zjQLBjvO3fNVl4y0tnBF986kNw4ba_Fq8cnCHYPHXrSB0SKUGwCXL_UNL1nPXln-rv1g7a6aS3l02wbdazeAq-ByE-10isaK8Dbl9E7EBubO1wtUHQc_zyhcTd0kF0JeqHREJ1YH9JDa2KfWiMwCjK5CllABuEUeSCWdss_wA6EYlIqb8u1Il4MZg0hVepFbxXvT2d6KTV1xx_cWFBd0xYnOFXwlsJ_wmlaZqHh9qJCQ3x2qsEb6R9rh1JOUxsxWEP_0YcKlOHi9juaZqfM7dox9lNtoP_OzXUUOaecwJTfXCaz322bP3blIFGoln1e2cDMRQa3C7UXTtI3X_J0izpX7atzdLHa0J-gY-I8gbAl9ScUUi3hQjNDqTg83TWUpF2uROgiYCbkqWG7XPSvxmjnltNOsuwS7HoA4xiMjsRUWtpYSBbCZpu35RX8kVsuHpldcWgSL7ZbKSHmy8QtDWe1qa4wFxr4UisO0UhMuCkH3b6u8XMYyyYhE17Fiyt9DvRqF5ld--rbswsToMVo4blNOH0eiOlA70gpvYrUXQ0ylaGSJRblYCCLK-tZnyWiFNnEjQ_01A3gldCorl_VvXS1yI9o91OmIvM7vzG2dl2-cVT8ko1w95Hq4Nmt8MgANvdflYqiqAo7adYJVGbmN7uwqg7bGLFnGwxBnl6mcriUzeaxEuQgSk24PEwWC_P1IWv5pfuqe9ZVRIo2y8ncGZbX4-lqMjtfCQIoW6rR0jmBtho4AlDfL148pGLZVzZPo2t0STlKBkWlbXFha8QnZbtkMFoh1hSFAJ8CmpIh5SMAM--HMS9tBC7n2L6AIRspxayIjw4erMR71Lqi2aq5jTJPe2UEqqRD-KQ95e6n-mzf9jFPrczu9xTWMfNFelOc7NBtcgM2FJ7lEXl8c3d0GrowUlJdxZ1fzbmCfyUWAxIpoXrHDhsKYwasDMujmWtedSlXF3k0kLqFnbUKGPETiaEboKZ2bAjYVg4WN_tNg-juEaSozNf1p1uS-THQYKEE5QxxbU6BoZbFZs5K2en99DYcA2k5o1m6jHDiEoH55H7nuCVhH45PgLd_S4WcjlzQSHbWFLr72zQdB529xZPKXfYkQlIP4flkInA2vjcUpq8igQ_AN02oBa3QeivljL_JFpqJ2mw3eRbE17R1LM9KhqcdX7n7s1n2BgfGyZ21vnKsEtMn-VlPrsHcrjmzPWkwa7GmCfchvxtCbRZr2vB-_zfYjORxoaRp-vxcGy2MdvxcnYJb3MUJwYQqhpsqpHlSx01mS-mfMYNHWX0REMYLDFyCTEWQeKlNtmbSSMOaPhfwhZIlkMGVGoo2K2h8ENyTuvpT1jaHyB6L4Uz1uBiJPrBUFX_xs-nX7b7wUUZ75MpX-eeGyGTNyAN_FP6R33F2Z-QS8P7V5vLAweavE1UmCEI0Gzknwlu-1ENqxy2_EZGiqIePnzSiWAEQZbo9mJLtSK0Tt-VxOuL2Wq2vgSJZUOFUC7FKDpWySr60-ffMN6pOJp7Lq7Bjwk-EuFm37mVPFRB1_8-UxTrHYmf7lRFymGkae90fM-KhvS5uV9eRWqDeskTY7N9dM3eSAUV-e_lq-tlquOyfDnjnyVyvydCMNf6lQTCA0DlJxbo6skXlSGmSjUSuwAJHbhzlwEICw-cPJfNE8x9s0WQWVAGQrdqhj7nvDz5dfje7ae-Hz4BKIEJHJtiAsnSbirIEu8vqbmABCJDCZ1XVW8inoH_3tl_NwxusoLSYG_oAOXG3y_MQpo5IGWrVIFK5uHPfctjcJVA8i3_cFCZCM9t1oKmC0qoR-ep8KYKlnvwXk1jg2d-zfVB4f9T6agyWI7iSVgU9SM6gEftdjwpFt170Eu4-3xOO_v-as8Dm72IVl6vjGYrcTPgnPyY8Fj7_g6sW_dnN_DIlpE81bxl8TqZMUT2DEmDosxKqhch4aXvNni4ckBCq5fQvpI0V4G1PCTOtRtwYOwCtw63z5lte4IoRE4fOP4tQe7JbZuOxLqey0DRKVO793d34sHlDxmaDJekSGdZK8M-iCws0eZsyl5vfEidjyhLjv4vojeosOCjvsNdoOxaj4A05ZRw6oK1EoJll5FDtds-xKdw0SdbG-jv2S8BeotJofw3jFeWq12Yd41Pcn_LvsOxZ_ZKtU2xyHeRSrwWn2T7s2bDLbPZP3Q2DFc-tvwnQs0d1FjADk_RyrRlYlnQRsKaGnfcQ18OWvVYGlF6QvobXjP_L6psWWthvBWNU5mB7wjuvIlKNXh-3D9KHZx7jyPANFq_KZVL5IVsLWP3P4CnjjkFgyH_nUdZl2_ZS0UXX8vzf2XGKnFmOTNPLrA4tt7wq1HCF-3S7qWQKeJkE1kHabeG0vwBFyXdomMyXYn4vt-dxs3N4JrfSSC-nYkALED7uitG-CJEra-9EZ4OdJs8vgUWVW2bNbqopthayexkgOZMRiLwVGFesxboZMUuJ8O-wd4150I8abk9auteXzt1yE3-2&cid=CAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw&rfl=1%2Chttps%253A%252F%252Fwww.baixaki.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:50:30 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A62 41 KB
15 KB 340ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 12:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 24 Nov 2022 12:48:36 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame D2DE 106 KB
38 KB 433ms
40ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
Origin: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Nov 2021 11:07:27 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame D2DE 8 KB
3 KB 565ms
77ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVu7S8IzGM1dBmOjV_NfLwan16pmJNumrxa6imRx69VCacvqwT1JZ_GrUtkIJkeMs9-SDZdM0XtF1yJavaro1b5T02oyqKq9mvqwadMOwUOS28IYd7ZFuOmkoXVWbfIdsM8Pe--9mXdan0mzFKpewPAgE6rA&dbm_d=AKAmf-D9UOu4YwCklRRbq3Je9R6PDfJbz9ujYXW_-Sb4_ovy7G7N3kcP3Xx0kMIYRzi9mHfhc6UnCkCmIyQXXvx5GRKLhRxoJ_1knlzizA4oy5MwzbxAPf5XOvf0ZVay5Pvgkzd0_mb8vp6s7mmd6VyKoj1GEY-Bh49-Sv-Wh-avq5rA_1hUBsAIeEJB2a8UNUYL5CIKuBVCWw_9yetzmE118MS0Xa_sL1rewKiMr_kH-oo85LFtbS7_xFlSQaGMj3D6s2pxNxFyQqPNmJzyyYzZEjHxVA3TxGdZmIIIEh748o2iursrRZOq_mDLYSc28ym01c7TlPG6OIx_p5xf9TiUyBUEPN73UbrbOx3irQbH-Ij7M2rrqN2EJjC_GE9gAekrfk61AFqoBy1chmVG46ZzXb-YRYSl8pZqQXBnC8e6XhXttMrCrUrklwSbDpwcMvnVt8CJ32_gZ6S_BOVuEfLacIAiwRwZkq5CAo8i1-e8dwhKDMcY5zD0HsNKJx9jL7-16wAmX7DT7jCPpEhoOnECEH7esXdf0Aku-_FztcCjZPoZ-cKcz8Dx5XYuFhQAkGDHxIQAuwDdCi3vbcdLWvkIIr_rmg3X6J9MUu1WR5R7_VOMT0D3mk5379Hq3ff86FFqYOBeX8mI2WyXWrtp0UQThEvh1xqFMCAmSmKgd7BVG4dAxL5YsW_SneWtcg4rED6bL6lLoKfFrUuPWyd3eXN3u4nh-wFZ0WoV4AVacWz8dBXeczLJbZHAoAuXH9x5rzfR4DdcSWAovN-j4pRIsdhfM1SkHyNl4zYrDrsg1S-vmElxujwVqhlnkf41tbuq6IPY-cAl1oD5aYd7GXAXL9s5Fyx0Msw96yjM91GsVh-nSdzjn3F1EVWQQLu7Ow4IDAZzWSauvJTJOOqiiPi-oAjp0yjH85RaHvorTWLvibXi4HQ7flm4tvC1qIOkoUz7tf56_oIuCskKGrOGdCfqnuVkXKPecfCiB5NqZNgdv2IucUcfyQ-moGoHY2Xwtog9bIpOHzkcBXO7C5RXRJwiBVrZE4rgVz2zmP4OmptvF1aRM7GFyw0DdGcKa8TDgfR5QTqOOMXYIMdhrDVwcHjo8rf73VAMpnwH58BtTtTPbW7Mu7AOFlGJjG45j-c-x9NMDrIS4s_eXdqqlCWJyz43nZ1wbgnWLyVMDNykzbU7xNF8xWWTvhQuZpUDXG4h7dMwu3DcAmR2XF9DjZ8E1kctYOF1g8LwSWSbtoNxfrAGIr6GeY3MkNDct9_NoZTzxGLagmIOHowDhJxf5xT32xhymnaSPff-PAVTLRtulnJc6e0xDNwvpizqxndQ2ssaCwGOTAEyQM8RPunKbiHrG_9_s0K7mejpYSksw4ZxBFNFlHC9KF5lB_oobGfBlQMYOquS9m1nngeKOj9hBWvIEx6CE00B9AEikviT2H0kT4dTTAuUyU2KbMRE6F5vZ32BSNsxo538FtDqF9dNdlsfI-Mykyq67Sk55_WooYCDMkVx-7pAIQZ49djX-6R94kbBY_-EAqXj9CZVAay3s13MLhwuwuVmKja89BI0Meb3t2FhXpojrGBZ_aMxTp-9SGdgTEaXWK3SFtChI5FYFbuLGN-n-xZ-c8UaqUdn0SFcscoj1_92LGsZXpHfCo711fdX40u5a1Lfbj9K4PRLYwlEIEiOf7V0JLd7c0WhRiNdPJiDV63dIA9VWGXQih9k1S1RUaovwXDTqCiYTPqcql4xFzTALbl7DscYwSqV-UH7_Sy_NQ_dEaYBih5DdrjeBu-v-JgaGAfUTW4TqvYWgYPxM0VyZgREQ35YBkZ817_fe8GQ1A2ABGFRkhvR-uORUMc-8HvA4V2NiP78DTglDiJv3NXBD1WyUusQe_jkqmU98Ee3T3pusW3dbUr8M5X77ArVKndXeojqOyZgo_TgNb3vHjIZkp_WuWu8mcV3_17Y3P7_N3TBZRfdDumX91TFlOxi-ZEuewyoj_kAqfExxN_IYZepwSHEUMu3QPfJZZkRWEnw-WtITklvyD0oUN6gmvRX_2B3hlVaJZ3hVe9ChWfMs4cB-QfrZceCX5XIIyPudpTOFELdSRWbJIGQ5RU4aOe5HPXDOm_76uzfiSR_OuSDtmrR-oZ5CwVYNEXbueAToBRcQjHgwzjyUNGBjPsrMp2Ha83ctt3tjzQ5sfrgLqXPOOz3xy5JLxaSJOEBCVQvb0ESrXxT_8BearGHRVwAxx2tS_YkEwIZv9feRC3y-j0QomVR01T_uK5UEa8sYYNbTZE_9S5hV55m0SV80dW2vUantTD2xAXeuw0WwW9D7q7ZphYpNSuZKGCc9zk6NUMiSzJBrE5Pnb06gkjBp_XwxOwNIGMbI25C-bC9F-crexl0ranP7ltG4q00J-uGehM9FWV4VdloPCNsAXeh-bkxGhs9CGlk_EoEJLxlw5YT9_TxDMBaTYIi7PGZWk8seENdvXrofslI83B9SRob0bGj_alp4ZYcLGO3X-siRaYqXUJ-2fNlZ43Lg8ki6UCj4DIrVjYMHX9_lhe4UspGi_qsoqlAgPP8EoYsI0KQkD7ZZOYrNSjyf926uFtePZoxr9E9hcG9a1EZtQpXHrOICJ4uO8jSyIi1sRj1U1rZhCW9mtsMS3nWT_ZE-cBmTMIEmXzkolfmTM5Yc0AgoySzR3RXEsjp_LD5oDScXkrUhHJzCnV1_gLMXD8L_LVhamcLmaroP_yoh5UROtyABtLbLX6ukifKLamNPYjWgBj0GOAEghU7wpKtQn2LpvOXFJ8zB957srlI79nqJNGNufPvehUUaLm_sFX4wTKsu62CfiXTF6EXgSwuUyA9xfTXAaUk3pbw-8X-dpIGVnSuzBUYoLq-Xvs7QLaeomig1_We5KhFyTDT9o-6gXabT1_didr12yR1YKmIYlwXHBP0FKVZyZhrv4AbuB_gumVwhTdG7zuaj6pFMcg242RaUfMBM7cXlaBRRXB2MpfjoL8z7FKJjaop7-GPEUx5KL570rxjV0ZK9KTO3bu5Og4JXwPYUOvW6Ve7sznwg3drEhyRSgeF_sz4bebsILNmulkFc-wFn1I96utX1HQEmq4qA1fu78v8Wflt1SVH23nTQaW7kdNAk5ubrHeGE0IEb7QO9vrK_2-yDHRtcSXhDjf2xKXDgPYNKpDhAW3CaB-G-SXTWdM8UXCjvRipnKYR7gcFqB4vMhgO_wdv6WqAgsvPEv7R7i0OAQ&cid=CAASFeRoqfM9n1iArNp0n14srztwBZP-Tw&rfl=1%2Chttps%253A%252F%252Fwww.baixaki.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:49:31 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D2DE 24 KB
10 KB 524ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:50:30 GMT

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame A67D 35 KB
13 KB 376ms
75ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 18:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 18:35:33 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3018 0
0 387ms
86ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=4113178433184000&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B04C 0
0 372ms
72ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=2823498

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B04C 0
0 373ms
72ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=3086884

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B04C 0
0 372ms
72ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=1333367

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B04C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a4bbcc7cfbe9bee2d33c88a89b44f096a478587b6e9893c68bf6276b4c7883

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2164 0
0 372ms
71ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=3444332

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2164 0
0 373ms
72ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=9349340

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2164 0
0 372ms
71ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=7291072

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2164 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5bdef95670f73d85dbbd077b64a5f8bf93112ea5f2c1ad9346a8e45e18f8949

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8777 22 KB
8 KB 339ms
38ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 24 Nov 2021 12:48:37 GMT
expires: Thu, 24 Nov 2022 12:48:37 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html
s0.2mdn.net/sadbundle/6103495451613787474/ Frame 5FE2 64 KB
0 1001ms
219ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6103495451613787474/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Wed, 24 Nov 2021 11:01:34 GMT
expires: Thu, 24 Nov 2022 11:01:34 GMT
last-modified: Wed, 18 Nov 2020 17:52:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 19320
age: 31746
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D2DE 0
571 B 170ms
83ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJatnin6Mf3oaPYUW_nMdHacGlQ5VDTzRd1Qh44gVSjEDrhC0eXR9E9rxtnftKAoC95ePXgsqCklKsfqaH59SOB_Qp_3ebexl46VEgc5yviX_IPgxTygKOrVo2vKmOHi7nkyIWqKS3bpTtjD-scqlFq183G0yGRfne4NmzAW9BdtZ37-06z52I09TS-8kfaK7dAbE3Un4miNbk5En_fGW3bbji3iK3TIQWRitnlvPF88tWHEySZOiUAayxZDBq_JImmt5mFuCzEm3zoKkfG6RNKS3Fopz7Dc5SEsbmYIATqZK2ENnkRn9fWpT6Sx4-pVyHd8cYZKv8Nf1KTVHUpFMPlBkWtLiAcW_tbi09Fcv65r06pcoW0KEbr1rR9EDyVvtVTXaP1lr9s1-KHtfrjOlCjP4PxXzf_doSg0qDGju3rUrw--_aTkp-FI3H7hAkAaRiM1wgE9fhcdkbIDNx_oh33ZWnsSKWkF-ANtCWqt-vVUHilhljeNml7bywB5jgsWUgMP46dQPs9-kFupr3JlyFRDMWPGG7s9A5zHcbUnMPFZYFk_uzuYb0ErGoL9rmMo2x2Q53gecWN9RU6tylSNz9-EQUXXAw64UFQivXUZgqwDNdljfLXUZmHxnn4ksWoj7GxCTRhbw7Bsxb6SWITZfuyKG1Kl-NBa9D1ZBCNcG3ROcZr0iAy20Aa9V355DFBd8KzHxUGgO3tUMmk04Em7n251t9Zo84cz-JGww6snDXFM5C80BGI5yuzkssSM2DAcXf6rmDvv7pXbQBB_a6na0f0FnRKgYT5QUID7MBZCfU2pSHFuO-m5X0H3iyZKZMdNTMtewf2nmUkve3FefUGJ43vIIuV1Ik3qOQKt_m-9DEWDeY3hSLa4L2cRhKyzef98yYzX9vyJZVNwxt4AnEJ379s-Sh1sSPrlwPwGAj6i0jl-M2G2RaxEU9NLjFe7svxPmsoe7WVA2EADjoMFdWQuAs82Sn9KtFyWKmM6p5AKhXjq13mNkkQsSxBgMDiizqDVQUJ3L4yV5a4SmnJGYiwFEyImXNGZDlQ7VfZBs-86TMTEtca_H3hepqKdQxN95lZ84S2PLt1XeNGcsnBWhWWzrnvQxurDRt9bcmJhq8xUeFQHcRi4KViJwslkgDzEgKUgQnSGxAZ9mEZFRDDRmblAp_FjA&sai=AMfl-YT-e9sjJ1IO3uxQX5DPi3Ard4inQGXBwGHCTC2drbPXQvw5o3sZrTYaewx6mNkser54Vrh_aszywXLh17BQQXid7ahQLkqNy9vPcG8j5uXAOxVtm2S67sRZnCS8UlNcoo22WxDz9k08W2pSNi1Cey0dVF3B8zcrG27rX6I&sig=Cg0ArKJSzHtaBLM2AQnJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=503&cbvp=1&cstd=499&cisv=r20211111.04563&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 24 Nov 2021 19:50:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D2DE 41 KB
15 KB 339ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 12:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 24 Nov 2022 12:48:36 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2DE 0
0 372ms
72ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=4819832

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2DE 0
0 372ms
71ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=9024183

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2DE 0
0 373ms
72ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=6079702

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D2DE 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e74b43aacaf763cf1b158bed64b1042580e48272d675cc646bf2f6ab70122ed8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ma1tq3l10cm4 Show response
hal9000.redintelligence.net/zone/ Frame 9A62 11 KB
4 KB 47ms
12ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ma1tq3l10cm4?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzevtjpeeYdiRB8ik9u8PrvCugAK1zfmDV5zfuavlDPAuEAEgwqbWG2CV4pCCoAfIAQmpAktEnNnTzLI-qAMBqgSEAk_QK0gWpT6GHIp-5_9a9I04eR30z9cYM4JykytoCtyym9_JzLxVCv7FJRqxDB-KYwMbe-52ZxRGKQkuXSufwoIpKZf4WyUuG2_ycp487TMilDwlZHX4wUOnHRhwDn5mojCQFDOlD3jaMJeEvQuk6fCVP_Fb85l3uzlNrnmZGVnhsnqv6kMSKzRRNBPf-C8J76diZXzdtNys2MQXeoH0UlK8W0-at2G_aN5DdTdCrsKYorSiX3UgaWa1xH7hd7Sh5H5q4-ue6ncU6AzZVwgKTwzMgBuxeEFkpQHpguhrPZ0LcEhpl6oMPDksv2_yJqDrqNmSmOzU7NU0MFp866ccDmz-QhtzwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw%26sig%3DAOD64_16K6m_VYTjQw9ivGN7NX7lHGORBA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-C2blkOKwORKDaqGcF8tMUynm3UShyWPVCLxJOV86HHieA-31HB_vin-Mv23i8Njl3hMS4UQx31N85Ay7WOcYAcKECwjQxUUkbVYBreAvijrlNeiONw3z_GaOxXUkMD6Hwd-KZQ3NaIETfaoBnuNtTrIj2CMA%26cry%3D1%26dbm_d%3DAKAmf-DeCw3Tns_nTm9OAgx0Y-8SIP_LyLIzRFyWJ0ANOjUi4Gr_8URzNtSCBLp831_Xmc2IKMTkGfRqmQSrKcvCxGEIgbvj1Trr0ikXrkILFHqkyQbctmcB7aqj0EeZ8hRvlItwmlhAYOAjQujHYsMZ5sRYuneKjl0JR4T42DVyo7maFx_Odo3ONW2LsC32eZUfkzc6Ifg4e3_qIgRRY8TG0-1bWPAszuIKlHcTZ4bUi96DHhMr6BlekliEQ6DEGEMFQS1RxLiJHbFt7WU5bHZXPv8nfmuZBdVW1W7isAhFY8EV3Mh7JcTFvI4SQv9aan6918tTvVI_TvOAdL3iWDwLvbrwtD6EBIh_f4Myu1bzZqnC9QXqprN2-KZ0fEB6S5x4k1DrB2TIaMWhkT6MUwhH50jZ6udIOijEYRQEzdiCs9cbY62Af7CeJq-gkcy4QgDxE3q1FalV%26adurl%3D
Requested by: Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 19c37f0ce29dee5d40bfee9912049cb0e7b58a7d540a030ae7c4add2a4d862b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 19:50:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3933
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame 9A62
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

97ms
76ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzevtjpeeYdiRB8ik9u8PrvCugAK1zfmDV5zfuavlDPAuEAEgwqbWG2CV4pCCoAfIAQmpAktEnNnTzLI-qAMBqgSEAk_QK0gWpT6GHIp-5_9a9I04eR30z9cYM4JykytoCtyym9_JzLxVCv7FJRqxDB-KYwMbe-52ZxRGKQkuXSufwoIpKZf4WyUuG2_ycp487TMilDwlZHX4wUOnHRhwDn5mojCQFDOlD3jaMJeEvQuk6fCVP_Fb85l3uzlNrnmZGVnhsnqv6kMSKzRRNBPf-C8J76diZXzdtNys2MQXeoH0UlK8W0-at2G_aN5DdTdCrsKYorSiX3UgaWa1xH7hd7Sh5H5q4-ue6ncU6AzZVwgKTwzMgBuxeEFkpQHpguhrPZ0LcEhpl6oMPDksv2_yJqDrqNmSmOzU7NU0MFp866ccDmz-QhtzwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw%26sig%3DAOD64_16K6m_VYTjQw9ivGN7NX7lHGORBA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-C2blkOKwORKDaqGcF8tMUynm3UShyWPVCLxJOV86HHieA-31HB_vin-Mv23i8Njl3hMS4UQx31N85Ay7WOcYAcKECwjQxUUkbVYBreAvijrlNeiONw3z_GaOxXUkMD6Hwd-KZQ3NaIETfaoBnuNtTrIj2CMA%26cry%3D1%26dbm_d%3DAKAmf-DeCw3Tns_nTm9OAgx0Y-8SIP_LyLIzRFyWJ0ANOjUi4Gr_8URzNtSCBLp831_Xmc2IKMTkGfRqmQSrKcvCxGEIgbvj1Trr0ikXrkILFHqkyQbctmcB7aqj0EeZ8hRvlItwmlhAYOAjQujHYsMZ5sRYuneKjl0JR4T42DVyo7maFx_Odo3ONW2LsC32eZUfkzc6Ifg4e3_qIgRRY8TG0-1bWPAszuIKlHcTZ4bUi96DHhMr6BlekliEQ6DEGEMFQS1RxLiJHbFt7WU5bHZXPv8nfmuZBdVW1W7isAhFY8EV3Mh7JcTFvI4SQv9aan6918tTvVI_TvOAdL3iWDwLvbrwtD6EBIh_f4Myu1bzZqnC9QXqprN2-KZ0fEB6S5x4k1DrB2TIaMWhkT6MUwhH50jZ6udIOijEYRQEzdiCs9cbY62Af7CeJq-gkcy4QgDxE3q1FalV%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com&random=1830140073064&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6e363ef04f4e823072a3170d398719190601ce05b2a1e577cfbc181565d2465d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 70305000151387900710624011788025
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1313
Expires: Wed, 24 Nov 2021 19:50:40 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:40 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzevtjpeeYdiRB8ik9u8PrvCugAK1zfmDV5zfuavlDPAuEAEgwqbWG2CV4pCCoAfIAQmpAktEnNnTzLI-qAMBqgSEAk_QK0gWpT6GHIp-5_9a9I04eR30z9cYM4JykytoCtyym9_JzLxVCv7FJRqxDB-KYwMbe-52ZxRGKQkuXSufwoIpKZf4WyUuG2_ycp487TMilDwlZHX4wUOnHRhwDn5mojCQFDOlD3jaMJeEvQuk6fCVP_Fb85l3uzlNrnmZGVnhsnqv6kMSKzRRNBPf-C8J76diZXzdtNys2MQXeoH0UlK8W0-at2G_aN5DdTdCrsKYorSiX3UgaWa1xH7hd7Sh5H5q4-ue6ncU6AzZVwgKTwzMgBuxeEFkpQHpguhrPZ0LcEhpl6oMPDksv2_yJqDrqNmSmOzU7NU0MFp866ccDmz-QhtzwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw%26sig%3DAOD64_16K6m_VYTjQw9ivGN7NX7lHGORBA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-C2blkOKwORKDaqGcF8tMUynm3UShyWPVCLxJOV86HHieA-31HB_vin-Mv23i8Njl3hMS4UQx31N85Ay7WOcYAcKECwjQxUUkbVYBreAvijrlNeiONw3z_GaOxXUkMD6Hwd-KZQ3NaIETfaoBnuNtTrIj2CMA%26cry%3D1%26dbm_d%3DAKAmf-DeCw3Tns_nTm9OAgx0Y-8SIP_LyLIzRFyWJ0ANOjUi4Gr_8URzNtSCBLp831_Xmc2IKMTkGfRqmQSrKcvCxGEIgbvj1Trr0ikXrkILFHqkyQbctmcB7aqj0EeZ8hRvlItwmlhAYOAjQujHYsMZ5sRYuneKjl0JR4T42DVyo7maFx_Odo3ONW2LsC32eZUfkzc6Ifg4e3_qIgRRY8TG0-1bWPAszuIKlHcTZ4bUi96DHhMr6BlekliEQ6DEGEMFQS1RxLiJHbFt7WU5bHZXPv8nfmuZBdVW1W7isAhFY8EV3Mh7JcTFvI4SQv9aan6918tTvVI_TvOAdL3iWDwLvbrwtD6EBIh_f4Myu1bzZqnC9QXqprN2-KZ0fEB6S5x4k1DrB2TIaMWhkT6MUwhH50jZ6udIOijEYRQEzdiCs9cbY62Af7CeJq-gkcy4QgDxE3q1FalV%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com&random=1830140073064&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 24 Nov 2021 19:50:40 +0100

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8777 35 KB
13 KB 340ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 18:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 18:35:33 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 374ms
73ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=4113178433184000&bg=!s7ClsPTNAAZQLpa_UC47ACkAdvg8Wuci44wX6wtDGSJSKBxsd-KoI4YZkizAJuiG9CDWu9MaCx534QIAAABYUgAAAApoAQcKAP00NxxBWtn8qVfJc5OVMgw6O2cnoRO3fJkObD_pFAqgKQ7YsRNwDqEF5pEbElujzRUnjszc7ZqBWiFBeTM4mVMHeEyrSeZDUpHQWZBmOH33FlJCxeRBHV5t-IIflOncwhXAzt721O193OoVLeWHagoZErBwrs3lpdNgy9nrHcEW9IUHtPOcTwP9SCKL3R9ZDn0sGJjrtYbNgfmTNLTLWSeHfZgRHZYosbbecxTHa-5dEOhPRCOqdlDhzJCuVZQnYNqFxEkwn6XaKggqVkWGRIcQpNkZgQLgWhfRs_pSyDCzfxeK_D5APVWgHuM4baEGA1JQDk_slHPtFy6trkjWmQJ2QwLaJHAjsRV6WibUY2jk_wY1JqYs3LCIoySlp5RYxJptCbrJn0fQxe4B5YDSeYijIyV1DPWOGh4aqdJ3AySnqGpEn_ZpG4QCQqz53TiMLC8yVbmWEPZMfJmQpkIqHP8JZrkzZIX7p2YNpePTgXy0iM81nVk1BLTzXgN_oUm3QibV2cjiG6Xzp7Hv1QMeoMYm97AX-ox8Wt0Z7tmz1Cz2YoIxEIYA4BFf-vW2xseAXeGTEB3JpvYdfccaA8_bArRyYrGapvECVUwTPAX-rcq4-vx5CEFmUfZk4B_RN_SD_E3ylxQC5D7AgliTru32ydlhO6TASZL6EHzX5xHFbCJJ7ZFREx4SWFwnMDCutKlL60PYLQaenMMGPLfKh9uI-joug4jz430eFZuigcu5f2v7W7nbK5UaocUecvPg4vPaih8ge_l8HkUW0IoERWK1NKexn8gzFer1n3nVHl5CQFcJc3Y08Q17e5sFENKcX3VS1Cs1JNUyATxveByw4uf3QRDaVb04J0mHOJHH9nkolY7Jzd2handiJ657hvzj4-XseXN45YlO3KzhOf2kToAii0cPlQOLChI1N3FmLr76NW5t01cPDpR-U7fjcSz3NG0SsCTzI2uJZxqns30oQeHun_74s8aArWz6s4vP9y9mIfPQeVIBJgzVJBni2g15r2FswM5Q9SAAGPV9uZucSBNU_NeamrHmNbPixsOesX2fcwvpOpkjxaTy9sNyIszPvya0JLQkZ9R-qN2e696jiBgKMgzNTSlFcoRt0Gc9ZoKKmxHgXsHgE3Uh0YUXGhYZ_eF_CwyUWiLd4-vIdWoRSPTrvRu0QZkCP2PG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.baixaki.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 6CCE
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=70305000151387900710624011788025&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=70305000151387900710624011788025&actionid=879111&produktid=ratenkredit&dt_url=

0
628 B

94ms
60ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=70305000151387900710624011788025&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzevtjpeeYdiRB8ik9u8PrvCugAK1zfmDV5zfuavlDPAuEAEgwqbWG2CV4pCCoAfIAQmpAktEnNnTzLI-qAMBqgSEAk_QK0gWpT6GHIp-5_9a9I04eR30z9cYM4JykytoCtyym9_JzLxVCv7FJRqxDB-KYwMbe-52ZxRGKQkuXSufwoIpKZf4WyUuG2_ycp487TMilDwlZHX4wUOnHRhwDn5mojCQFDOlD3jaMJeEvQuk6fCVP_Fb85l3uzlNrnmZGVnhsnqv6kMSKzRRNBPf-C8J76diZXzdtNys2MQXeoH0UlK8W0-at2G_aN5DdTdCrsKYorSiX3UgaWa1xH7hd7Sh5H5q4-ue6ncU6AzZVwgKTwzMgBuxeEFkpQHpguhrPZ0LcEhpl6oMPDksv2_yJqDrqNmSmOzU7NU0MFp866ccDmz-QhtzwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw%26sig%3DAOD64_16K6m_VYTjQw9ivGN7NX7lHGORBA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-C2blkOKwORKDaqGcF8tMUynm3UShyWPVCLxJOV86HHieA-31HB_vin-Mv23i8Njl3hMS4UQx31N85Ay7WOcYAcKECwjQxUUkbVYBreAvijrlNeiONw3z_GaOxXUkMD6Hwd-KZQ3NaIETfaoBnuNtTrIj2CMA%26cry%3D1%26dbm_d%3DAKAmf-DeCw3Tns_nTm9OAgx0Y-8SIP_LyLIzRFyWJ0ANOjUi4Gr_8URzNtSCBLp831_Xmc2IKMTkGfRqmQSrKcvCxGEIgbvj1Trr0ikXrkILFHqkyQbctmcB7aqj0EeZ8hRvlItwmlhAYOAjQujHYsMZ5sRYuneKjl0JR4T42DVyo7maFx_Odo3ONW2LsC32eZUfkzc6Ifg4e3_qIgRRY8TG0-1bWPAszuIKlHcTZ4bUi96DHhMr6BlekliEQ6DEGEMFQS1RxLiJHbFt7WU5bHZXPv8nfmuZBdVW1W7isAhFY8EV3Mh7JcTFvI4SQv9aan6918tTvVI_TvOAdL3iWDwLvbrwtD6EBIh_f4Myu1bzZqnC9QXqprN2-KZ0fEB6S5x4k1DrB2TIaMWhkT6MUwhH50jZ6udIOijEYRQEzdiCs9cbY62Af7CeJq-gkcy4QgDxE3q1FalV%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com&random=1830140073064&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 24 Nov 2021 08:50:40 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Wed, 24 Nov 2021 19:50:39 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Wed, 24 Nov 2021 19:50:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=70305000151387900710624011788025&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: B9D59BA4:B388_91EFC182:01BB_619E9790_D715FD3:2A265
X-IPLB-Instance: 40028
Cache-control: private

GET
H2 200 / Show response
adv.office-partner.de/ Frame 3B16 930 B
1 KB 68ms
7ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzevtjpeeYdiRB8ik9u8PrvCugAK1zfmDV5zfuavlDPAuEAEgwqbWG2CV4pCCoAfIAQmpAktEnNnTzLI-qAMBqgSEAk_QK0gWpT6GHIp-5_9a9I04eR30z9cYM4JykytoCtyym9_JzLxVCv7FJRqxDB-KYwMbe-52ZxRGKQkuXSufwoIpKZf4WyUuG2_ycp487TMilDwlZHX4wUOnHRhwDn5mojCQFDOlD3jaMJeEvQuk6fCVP_Fb85l3uzlNrnmZGVnhsnqv6kMSKzRRNBPf-C8J76diZXzdtNys2MQXeoH0UlK8W0-at2G_aN5DdTdCrsKYorSiX3UgaWa1xH7hd7Sh5H5q4-ue6ncU6AzZVwgKTwzMgBuxeEFkpQHpguhrPZ0LcEhpl6oMPDksv2_yJqDrqNmSmOzU7NU0MFp866ccDmz-QhtzwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw%26sig%3DAOD64_16K6m_VYTjQw9ivGN7NX7lHGORBA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-C2blkOKwORKDaqGcF8tMUynm3UShyWPVCLxJOV86HHieA-31HB_vin-Mv23i8Njl3hMS4UQx31N85Ay7WOcYAcKECwjQxUUkbVYBreAvijrlNeiONw3z_GaOxXUkMD6Hwd-KZQ3NaIETfaoBnuNtTrIj2CMA%26cry%3D1%26dbm_d%3DAKAmf-DeCw3Tns_nTm9OAgx0Y-8SIP_LyLIzRFyWJ0ANOjUi4Gr_8URzNtSCBLp831_Xmc2IKMTkGfRqmQSrKcvCxGEIgbvj1Trr0ikXrkILFHqkyQbctmcB7aqj0EeZ8hRvlItwmlhAYOAjQujHYsMZ5sRYuneKjl0JR4T42DVyo7maFx_Odo3ONW2LsC32eZUfkzc6Ifg4e3_qIgRRY8TG0-1bWPAszuIKlHcTZ4bUi96DHhMr6BlekliEQ6DEGEMFQS1RxLiJHbFt7WU5bHZXPv8nfmuZBdVW1W7isAhFY8EV3Mh7JcTFvI4SQv9aan6918tTvVI_TvOAdL3iWDwLvbrwtD6EBIh_f4Myu1bzZqnC9QXqprN2-KZ0fEB6S5x4k1DrB2TIaMWhkT6MUwhH50jZ6udIOijEYRQEzdiCs9cbY62Af7CeJq-gkcy4QgDxE3q1FalV%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com&random=1830140073064&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Wed, 24 Nov 2021 19:50:40 GMT
content-type: text/html
content-length: 930
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16ba8ac4"
expires: Wed, 01 Dec 2021 19:50:40 GMT
cache-control: max-age=604800
link: <http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 9A62 1 KB
2 KB 213ms
105ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=70305000151387900710624011788025&nw=1
Requested by: Host: www.baixaki.com
URL: https://www.baixaki.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 584f16e32eb3235e831a93f0551776b53d6d9d3879976491db4013ad34072b75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:40 GMT
Last-Modified: Wed, 24 Nov 2021 19:50:40 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1233
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621 Show response
8019191.fls.doubleclick.net/ Frame 9D73
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621?

391 B
346 B

107ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621?

Requested by

Host: www.baixaki.com
URL: https://www.baixaki.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

4c6819a84354842b2520140c8ab8757fa3eb3b8fbc9770214caf2689a214dc9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 19:50:40 GMT
expires: Wed, 24 Nov 2021 19:50:40 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 19:50:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame 49A8 7 KB
2 KB 33ms
11ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=70305000151387900710624011788025&a=49e2f2d0
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d30a0d6f5f&subid=&uid=614d55df724f9f97&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzevtjpeeYdiRB8ik9u8PrvCugAK1zfmDV5zfuavlDPAuEAEgwqbWG2CV4pCCoAfIAQmpAktEnNnTzLI-qAMBqgSEAk_QK0gWpT6GHIp-5_9a9I04eR30z9cYM4JykytoCtyym9_JzLxVCv7FJRqxDB-KYwMbe-52ZxRGKQkuXSufwoIpKZf4WyUuG2_ycp487TMilDwlZHX4wUOnHRhwDn5mojCQFDOlD3jaMJeEvQuk6fCVP_Fb85l3uzlNrnmZGVnhsnqv6kMSKzRRNBPf-C8J76diZXzdtNys2MQXeoH0UlK8W0-at2G_aN5DdTdCrsKYorSiX3UgaWa1xH7hd7Sh5H5q4-ue6ncU6AzZVwgKTwzMgBuxeEFkpQHpguhrPZ0LcEhpl6oMPDksv2_yJqDrqNmSmOzU7NU0MFp866ccDmz-QhtzwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoOUnR45ANGIzgD41U6PX1qPX9vw%26sig%3DAOD64_16K6m_VYTjQw9ivGN7NX7lHGORBA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-C2blkOKwORKDaqGcF8tMUynm3UShyWPVCLxJOV86HHieA-31HB_vin-Mv23i8Njl3hMS4UQx31N85Ay7WOcYAcKECwjQxUUkbVYBreAvijrlNeiONw3z_GaOxXUkMD6Hwd-KZQ3NaIETfaoBnuNtTrIj2CMA%26cry%3D1%26dbm_d%3DAKAmf-DeCw3Tns_nTm9OAgx0Y-8SIP_LyLIzRFyWJ0ANOjUi4Gr_8URzNtSCBLp831_Xmc2IKMTkGfRqmQSrKcvCxGEIgbvj1Trr0ikXrkILFHqkyQbctmcB7aqj0EeZ8hRvlItwmlhAYOAjQujHYsMZ5sRYuneKjl0JR4T42DVyo7maFx_Odo3ONW2LsC32eZUfkzc6Ifg4e3_qIgRRY8TG0-1bWPAszuIKlHcTZ4bUi96DHhMr6BlekliEQ6DEGEMFQS1RxLiJHbFt7WU5bHZXPv8nfmuZBdVW1W7isAhFY8EV3Mh7JcTFvI4SQv9aan6918tTvVI_TvOAdL3iWDwLvbrwtD6EBIh_f4Myu1bzZqnC9QXqprN2-KZ0fEB6S5x4k1DrB2TIaMWhkT6MUwhH50jZ6udIOijEYRQEzdiCs9cbY62Af7CeJq-gkcy4QgDxE3q1FalV%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com&random=1830140073064&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 941fd2d65ca01dba1c195c0187f3d01548afe7a57069eb0119cd9763fe29ca9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

Date: Wed, 24 Nov 2021 19:50:40 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 24 Nov 2021 19:50:40 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2024
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 9A62
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=70305000151387900710624011788025
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=70305000151387900710624011788025
https://ad-server.eu/wm/pb/native.png

68 B
312 B

143ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 19:55:03 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 24 Nov 2021 19:50:40 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: B9D59BA4:B388_91EFC182:01BB_619E9790_D715FD6:2A265
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9A62 43 B
702 B 51ms
30ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601049&v=18332&q=376776&r=296283&pref1=70305000151387900710624011788025&pv=1

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:40 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A62 0
0 372ms
71ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=4317966

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A62 0
0 373ms
72ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=1507490

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A62 0
0 372ms
72ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=9393951

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9A62 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4c0b908bed856bac07e87c4361711f681a398df5ccade819dea14f74fffe119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 49A8 4 KB
0 2167ms
1866ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=70305000151387900710624011788025&a=49e2f2d0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 19:50:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 19:50:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 19:50:40 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 49A8 92 KB
92 KB 34ms
12ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=70305000151387900710624011788025&a=49e2f2d0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a3fb6d011c45bbe0fb746abafef9c2a3d27c6187d20cf90dce2d1a0d140ffb91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 19:50:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 49A8 62 KB
62 KB 35ms
13ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=70305000151387900710624011788025&a=49e2f2d0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: de9db89a2937460ed0938de6cfcac5719bdbae4d5ba37cf6f500099a0604ea99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 19:50:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 63771
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 49A8 76 KB
77 KB 35ms
13ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=70305000151387900710624011788025&a=49e2f2d0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6634e9776b3e0c02ed4d409ac2dc199397cdbaa2ee5ba9537e53c99aedfebdf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 19:50:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame 3B16 6 KB
0 411ms
411ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:50:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32164
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 19:50:40 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2C19 22 KB
8 KB 339ms
38ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 24 Nov 2021 12:48:37 GMT
expires: Thu, 24 Nov 2022 12:48:37 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9A62 51 KB
51 KB 46ms
8ms Script
application/javascript 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=70305000151387900710624011788025&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 52678
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 24 Nov 2021 05:12:42 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: 7qnk9EtKvCV2isogZnfgq_tOmZbFdvBg4NmGqb358d4Wn8DigScaGQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 9A62 3 KB
3 KB 73ms
28ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=55872900158875000951435011788007&wglinkid=2513135
Requested by: Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 19:50:40 GMT
Last-Modified: Wed, 24 Nov 2021 19:50:40 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621
adservice.google.com/ddm/fls/z/ Frame 9D73 42 B
262 B 376ms
75ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNS5xeHisfQCFaofBgAd71MNYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7247421676296.621?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8777 0
56 B 377ms
76ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk8enj5eeYfLZIKjY7_UPv7eRuA0AAAAAOAHgBAI&bg=!PzylPHjNAAZQLpa_UC47ACkAdvg8WiwNz4D5k7CAbR2GJCRxUKdZJn_IZ3npEk6L5qmurK8kMAMGuwIAAABcUgAAAAZoAQcKAMSLZY1qBcQC3IncN5NsizDd5-L3aJdw-hUyoUAnqcxZBWtmLrQbukbxZ1NSuD0wMKBI-8-g8ICy1qPdsWHyxdC535uFI5HAV016UFLQaSembqK0lMVBcmz5gKIACY3YSlrZhTMq09JTXYHYyDFoo8GHU5wz_mQutNHieHGiOHagPUMrLY_d8uqc0Tu90kkJ7nN8Gpqif78gctClB2BFsnbB31gSWu-uUIWPWm4M5ElroaWc-GZHIt-vTNODjxgmA7wmCAp_mQLAygeA9kyP0X3ENDmgdLpCp4lrN84Kl_cHzy8gZjcKliCmxiuiB9z-V1yQ0f9UHMJkwdNeOR4KRuJHmQTzxQEejBACf1BFbPhiXYl97MdXdH8Pg0ynyKaWCrbM3JJ0zW4XpehRhsAEhT99nqH_WYD7VCKvPjYc7txIhkzKl42LD5_jfsSxplp11ti2VJqNS_mOh4_LGaayjATWhliLWNN32GSac1qjM1Tk039g1WHWRiKdq5wVybkXFjEQFhUZoqYnbncWynUsP3ocddNImcA4mUtLGHkkgC7VlsF8oXis5T6_Pd28YIGDSyjcOGnYeVmhpBWAMZNRzxPoU81WGIW3BUcwQT5qE3iaGUqra5RYgY4qSJvMBmRvS92xLo74A67rU0GfKVGVpP-9f6OZTihYvZjFwmm4h5KhPrj70ygIvuVkP1lTY-Hc1Md1XPOy36o5xfDbHlH3_c6Qp0ZZHVcEZ41W5k1EIGLY_6IbZcBQeOjXXdsS5cBuWjs_PRgzyikt_A-NJkIVjCRvtXhJGeTFZxNRrowSkBDLtdQClMg2hgB0W2MAuLNC2gegKTTV9bopFA90tbvuzcT9zudY_igQzvzOAm5AciiA7jD9-htLwQeAO6vYw1upj4T9ozbeyZ2TtGPt-73x49ZukW4MxnjbVndNJhwFsDQtCZptHXQ_IcPk_5BWuoauyfqSYqKTy0qtYWDXf0woVaZoGduz8vTKJFylR2hIYwgXGdzAxlRSMzRyCuRwJkc5xV-Sg7bx8a6FJ5OQc6T9uISBAl_OISqZ-TQUgzFFA7s8tLNu1ET_713HC7RdxkgwqrstvlLUGPR3buECPG55mIob8vSCWDdfxKeHAosPL4lH4hu0xnnk5JcFhBCbSomS5F2KLZf4jpK6m3fNbTOAypNFzYrayxSan6s8EOBCx1SF9yw2BzqKLm0

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C19 35 KB
13 KB 340ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 18:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 18:35:33 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D2DE 42 B
111 B 375ms
74ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy-FcO5cC-35pt_MJvCgP9gnOV5OuuGHn24bIqnq1GtnN5hgEVzbzIkltG8VK0H01zm9oCv7B_SzWeZe8utg9u_VU-6rModiqAGpOMwsYTxANCGpnaFw&sai=AMfl-YSlBsV0r-o2UnYpt1i2CkpNaO8sDxfukfdjG8p2y1uDK8uJv-RDE3ti7b3XyjYH-daQHNFNEmJO79ZozAOf11BVr6W_8VH9dC5nZax7iYP2-R9oFHQwRKToQIzZ068&sig=Cg0ArKJSzNU_zOMosNBQEAE&cid=CAASFeRoqfM9n1iArNp0n14srztwBZP-Tw&id=lidar2&mcvt=1100&p=140,315,390,1285&mtos=1100,1100,1100,1100,1100&tos=1100,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3767517223&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637783438769&rpt=1451&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9A62 16 B
232 B 102ms
102ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Nov 2021 19:50:41 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2164 42 B
108 B 376ms
76ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8jWTzMrC7bim40aljaluy7i0wl_JTGJak86V9HNlMxuNpYCCIwpcqJoTi3qXJyCnwRzLl0vN29lPaIheJCVUP4vGxmQoyGQC3AyGHObL8SGr4dI2xeQ&sai=AMfl-YSsFNklDwAEYNmX5ro-OqWOvk1hx94q_6Umw5UtLCSiCQGDNvfEE9EJpbac8Gw1Z5STBqYn92DZ1TJhsgwKclhi1X7UbKZR8OdcUDDrzYSgcd_kpGMdXA2FScmNTQ0&sig=Cg0ArKJSzKanXMr_3CKwEAE&id=lidar2&mcvt=1029&p=998,1006,1260,1354&mtos=0,1029,1029,1029,1029&tos=0,1029,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.87&if=1&app=0&itpl=9&adk=1135348589&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637783438791&rpt=1134&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C19 0
56 B 375ms
74ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBe98j5eeYf38IsHw3wPUrowwAAAAADgB4AQC&bg=!KSqlKm7NAAZQLpa_UC47ACkAdvg8WoN_2OdFR94t6O1qGw4vGT395WP2H8Ox0iKUauyoLcYVH-m9xgIAAABgUgAAAAtoAQeZAspThiatyyPrMdHvJ2FNuwrVt_DA_3HkmzIMQ9QHmdXVSqPi5Lswq-ObHHNhqa408bJ0cLUFFncs3AcoHrSDHRDnndBJxBOybaOM_GmawJRBbPlD4TobEHcUtglHsktRNI9mREJyfs7z-5p9_48azf6s8Uq7g14INY5VtbZQUhbf_kSnoGfJWTha_JdxnsPEKPPwKwpCNo_mqgTiglD4rJ6ZG5fo1u-sTyl9a2zjxxcCXNbs_sNu2C9GuTkUyygzA5kcc8N8V-yPZjICLlx3HFLcDcVYPHvnZtlnw-0NGJjHxgVwworQcH3ofk9YH6x_4F-OKpanI2WverYqXR7n6iUzwvck4VkCRC6C_OmtWTXIJFE-vFd0FYI_4HOp42yAgM0jQ4tXYGPEkvEI6Bl6Zd9qdB11sxDiR0EHrcOxjjLAJV8IXnh-01BPi8ZOJSeRcg16OyvfLP8ohnysjUQ0DooBMocoyw0NlHB_yl52jNgYO8Rjo08NNG4s3sJocEHo7vLUKc8hbYBs04NzJpAkzovdPb4labNUTI4QgswENdKGRbRAh8W5kDJ8I1_XTxgVTH4DmpkQHSalcPDl-uF5GD5acqAdDo8NrPnP54fVM5MvZ7bBZH1dMubdhhquFyjlt4L9IcOD45qMgAWs6DOyAC9kQbst0norlsD3uH0yOlGOOgF1xrM6MIm0hdBYbsaTeKcW0KvexdT1YDmYV7J3eUvcNL64u5Z66akOv98-ypDx8jDdDO98102zzI4HCqOaXQHjx0oq0Vr-vk2feMlQygxVwCD-t-CF0-L4pJ3Y2XmzdwtcTigTcVBEVl_X3Sa5UpdlbO3McWHvHvZy7oYEl_Iw-CLYY0euP7F7bP8bS-DoiPprWvC6oi7Lu6IqkszHAHGWZ7ovCrm3aZC6_BXwoMNwmzwwNA1As43IlL_yg_RXUOf4-KbJDLaeN34

Requested by

Host: 03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
URL: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:50:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET css
fonts.googleapis.com/ Frame 5FE2 0
0

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 296ms
26ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Nov 2021 19:50:41 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 5FE2 15 KB
0 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6103495451613787474/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6103495451613787474/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Nov 2021 15:47:29 GMT

POST
H2 200 / Show response
api.goadopt.io/adopt/log/ 15 B
315 B 256ms
244ms XHR
text/html 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.goadopt.io/adopt/log/?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by: Host: tag.goadopt.io
URL: https://tag.goadopt.io/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b9267503a62d762b6f254d86082b81643a0c3bb195f177a59fb2fe267523383a

Request headers

Referer: https://www.baixaki.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Nov 2021 19:50:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9%2FcKjWvqsHLc4oLgGSs2LT%2BJBPcf%2FA4CZpucjCo1XonYPDbAAF3TYlxCcrkoW7eGxVfpVtW1LGLpEqIVMHV4E2wZXDVWIHuaT1ud11xe5Q4jA3YWAovQ5wlPV6RWKFhjW5hV3yH4LiQ2aik"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.baixaki.com
access-control-allow-credentials: true
cf-ray: 6b352af32de56955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 16:13:11	Name: UID Value: 109KBUB470CQJUZ69PNSUFg1637783436
.pn.vg/	1970-01-19 22:56:25	Name: __cf_bm Value: GAwi1zVUP9GtnyTyb1Y5vJdji2DJ2UBSDdZ1_Oq42iw-1637783436-0-ARNVGXxb5bdglGZ/SmZd7ytPmkqkuX2TCapjrxozuN0xIMwmkR3e1RCyoV/y/epsntwp3060ZoiGtQe3jq7jCgg=
.baixaki.com/	1970-01-20 16:27:35	Name: _ga_KDJP529EVF Value: GS1.1.1637783436.1.0.1637783436.0
.baixaki.com/	1970-01-20 07:41:59	Name: _hjSessionUser_592798 Value: eyJpZCI6ImViMmNmZGU2LTMxOGMtNWJmNi05NzVkLWNkNDFmYTYwOTg3NCIsImNyZWF0ZWQiOjE2Mzc3ODM0MzYzNDYsImV4aXN0aW5nIjpmYWxzZX0=
.baixaki.com/	1970-01-19 22:56:25	Name: _hjFirstSeen Value: 1
.baixaki.com/	1970-01-19 22:56:25	Name: _hjSession_592798 Value: eyJpZCI6Ijk4ZWYxYzJlLWQ5YjItNDM0ZC1hZDE0LTk3OWQ2NzBkNzhmOCIsImNyZWF0ZWQiOjE2Mzc3ODM0MzY0MTN9
.baixaki.com/	1970-01-19 22:56:25	Name: _hjAbsoluteSessionInProgress Value: 0
.www.baixaki.com/	1970-01-19 22:57:06	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1637783436752],null,null,null,[]]
.baixaki.com/	1970-01-20 16:27:35	Name: _ga Value: GA1.2.1116588821.1637783436
.baixaki.com/	1970-01-19 22:57:49	Name: _gid Value: GA1.2.1067975023.1637783437
.baixaki.com/	1970-01-19 22:56:23	Name: _gat_baixaki Value: 1
.baixaki.com/	1970-01-19 22:56:23	Name: _gat_baixakib Value: 1
.baixaki.com/	1970-01-19 22:56:23	Name: _gat_geral Value: 1
.rubiconproject.com/	1970-01-20 07:41:59	Name: khaos Value: KWDXZ08U-1Q-3SRK
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|XoTpdAZC/OrCXi+t2tt8Mx7c5rJaP5uXhxpnGfrzPAh1r4f5PW3gQ6qaZLiJj4/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqPCx1KqnWuDc9aU/+oD8/ZWV4=
.rubiconproject.com/	1970-01-20 07:41:59	Name: audit Value: 1\|hLZGFuTafB2P5Ges7OJf2j5APvdogVCbaTd6KyMQnasCO6vdpaaRU6y8z0z1Z8MlwoKrdpLdaru3C22A2ZQIXCYbB5SW5XQ30o9VXpep90Cma+WVcS1g3g==
.navdmp.com/	1970-01-20 16:13:11	Name: nid Value: fc184bef14f9a2852ca674a6e09\|0\|354
.baixaki.com/	1970-01-20 07:41:59	Name: nav13767 Value: fc184bef137cc3a137f52018109\|2_329
.baixaki.com/	1970-01-20 08:17:59	Name: __gads Value: ID=5fa45ed00e61c56d-227fbdadf6cb00c8:T=1637783438:S=ALNI_MZqmjYH1PphCNg2x_2igpr6CTOe2g
.adnxs.com/	1970-01-20 01:05:59	Name: uuid2 Value: 5087369076858111087
.doubleclick.net/	1970-01-20 08:17:59	Name: IDE Value: AHWqTUnGkYbgOsXVRBh2ZeyiTn27fVEUzpXu_OQVJrmsOXtCEJiHtIqlpN0gzr1uKA0
.casalemedia.com/	1970-01-20 01:05:59	Name: CMPS Value: 3269
.casalemedia.com/	1970-01-20 07:41:59	Name: CMID Value: YZ6Xj7jbgvTQ.zj4eLSkuQAA
.casalemedia.com/	1970-01-20 01:05:59	Name: CMPRO Value: 1200
.casalemedia.com/	1970-01-19 22:57:49	Name: CMST Value: YZ6Xj2Gel48A
.adnxs.com/	1970-01-20 01:05:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C')mRx[r!]tbPl1M>e)ZlrFUfJ+tGXxoPZMy4$RgS5hc5uU`BIn=@[3rU]%LcbCXn6@%nugO%v4VB%no%H5x9V
.casalemedia.com/	1970-01-20 07:41:59	Name: CMRUM3 Value: 2d619e978f2760CAESEAOUtM7D-JyoNkkP8OWjXLk
.redintelligence.net/	1970-01-20 01:05:59	Name: 8lcfmzhxc8d6_uid Value: 7f85c98017bcf6a9
.doubleclick.net/	1970-01-19 22:56:27	Name: DSID Value: NO_DATA
.awin1.com/	1970-01-19 22:59:16	Name: awpv18332 Value: 296283\|1637783440\|cd64a600-4d5f-11ec-949f-22340a93398d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 376776:2601049
.medialead.de/	1970-01-20 07:41:59	Name: trscj Value: MTYzNzc4MzQ0MHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRjd016QTFNREF3TVRVeE16ZzNPVEF3TnpFd05qSTBNREV4TnpnNE1ESTFKblE5YUhSc2NBPT18YUhSMGNITTZMeTh3TTJNeU1EZ3lPRGczWkdVME5qUTBNV0kzTkRZM01EWTJNelppT1RJMlppNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: npsekgnctmg5rikaedfmcire
pb.media01.eu/	1970-01-20 16:27:35	Name: DTU Value: 85C5E3E53709F5AF5497A13F31F5C52A
.goadopt.io/	1970-01-20 00:22:47	Name: VisitorId Value: 95507997-cbf5-49e7-a80f-67c29d2a5d89
.baixaki.com/	1970-01-20 00:22:47	Name: AdoptId Value: JwVhAYHZmSFoDGAjAZiOAWYBTeBDADnBTgDZIEAmYAE0rxBoOCA=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://cdn.pn.vg/push/ilabspush.min.js Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=666; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

03c2082887de46441b746706636b926f.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.goadopt.io
api.pn.vg
api.webgains.io
baixaki.com
c2shb.ssp.yahoo.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.pn.vg
cdn.unblockia.com
cm.g.doubleclick.net
cookies.pn.vg
disclaimer-api.goadopt.io
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
img.ibxk.com.br
medialead.de
obj.ibxk.com.br
osp-assets.pn.vg
pagead2.googlesyndication.com
pb.media01.eu
prg.smartadserver.com
pv.medialead.de
rtb.adpone.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
tag.goadopt.io
tag.navdmp.com
tpc.googlesyndication.com
track.webgains.com
usr.navdmp.com
vars.hotjar.com
www.awin1.com
www.baixaki.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fonts.googleapis.com
104.92.94.3
13.224.193.122
13.225.78.103
13.225.78.56
13.32.121.37
138.201.135.164
138.201.84.245
142.250.184.226
142.250.185.130
142.250.185.142
142.250.185.162
142.250.185.226
142.250.185.228
142.250.185.97
142.250.186.104
142.250.186.130
142.250.186.142
142.250.186.163
142.250.186.70
142.250.186.97
142.250.186.98
143.204.98.123
145.239.193.130
169.45.94.235
172.217.16.130
172.217.16.131
18.156.195.47
185.33.220.241
185.86.139.58
194.126.175.195
2.20.157.55
216.58.212.134
216.58.212.162
2602:803:c004:200::143
2606:4700:20::681a:1e8
2606:4700:20::681a:786
2606:4700:20::681a:b19
2606:4700:20::681a:e8
2606:4700:3039::6815:c0b3
2606:4700::6810:5614
2606:4700::6810:bf3
2a00:1450:4001:801::2006
2a00:1450:4001:811::200a
2a00:1450:4001:829::2008
2a00:1450:400c:c07::9d
2a0b:4d07:101::1
46.236.13.147
52.215.101.139
54.76.176.197
88.198.250.30
94.23.99.218
075fb12cf9fa783f0a48c8e53f0a372d94e32a583e3563f756326a7fe5896cab
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a1c949a408384e4b2ce4ace6ba1d1e96a105e2fa6c6eae021ddc48c3a52e13c
0a5b78349a159e78130db440d69a8f2c132269bb947ab2ba567e088ef27b7abf
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d4ff41ac9b473675e32d17ee4908d6232af50e07b4bd949da0b80933d0e0e3
14e4e66c3970c3403d6fc0bbe0d44b9c1188e910021e1e8d06bd8ffac4e977cb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c37f0ce29dee5d40bfee9912049cb0e7b58a7d540a030ae7c4add2a4d862b9
1b12ccc659ca03b3da767d34fb71e594d3a2066cbae3c41588cfb31720d6f40d
1e05b72fd7a0a9f78d03485795695bc0a5f9749013e33cca58a43c6041e834b4
1fadea1eb3b1a6d1375ee352f199714863482543338917087c1caea1cde6b8be
21598ab39b4b6f2face56e1a39143ac4feb7fff74a7566b4e170f5214608c2dc
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
23277fcb3e32c1013186155c3042b6bcc011367775152a496e3bcdf2ac7dfa00
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
270ac85deabeb786abc369bf7c1cb955924b91d0230bd0066a1a0ad8a0de6c2c
2b33fed249bc29500fb7ddc52c59a97853f5d26827efd3e6a60cff498c361acf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3220bdbb5cf48d81013c277796e9cb2704055cbed0b66c15b490467f13ab702e
3469aada33d3ec0b335ca25955f6ad41dfb06579bd3496246b2dea00fc0e5a08
3581cfc6f7a0c428468046001882fb3120d9c91b630ec65558d453b5d6e0e332
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a6253a7c771493544e746819ad8f1fe0b89d16cd3aa1fcb6e0382b3d4dd5b2d
3dd60371c5481dd8d2f279abe622ac766eedbdaa8a8f42df612c5aaddbf98a9c
3e7ed3cd536142134dd4b6d5d558bf6b14115a831cb00f65becadf461779fc8b
3e96f47324fd2fcb535ba6df08f92adcae94c013a4ce777b0d8f92c48cf32ea7
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f85f523f24f28d3c0a2dcb318677a161ec6ee58403b7fd5fa26e7387e79f18f
40f77602cce461772027e6e98d40af64aac49cc68662cc5de14433cbfbac42a7
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60
495719fbc3aeda0709fe864b7c93ff4da4482813256bfa793ade3dba5dc4f579
4974a2d038799fe9033087f119ff2f1bab04d248ab121b54703e47abffa7e6ad
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6819a84354842b2520140c8ab8757fa3eb3b8fbc9770214caf2689a214dc9c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5180c68d4bee59d9e1561bcb666c6b7ef224bef08bcfc114f7bb96dd11728f2c
536b3ce1074d9b9899aac640bff3eb2d71b98261b19a5f341f3d783320548189
56ca2336f6981d00ee046eec1ccab4d7085a8c3fc1ccc52fee13608f4348d0d7
584f16e32eb3235e831a93f0551776b53d6d9d3879976491db4013ad34072b75
5a751ffb91a071e541515d56f6b20062fbb5b905f33ca5a836de418e57bb25d7
5ab2448d1392d7506b0a580fc0610bd0fd415d0cd3d95ccbd71ab889511ebaf4
63d7da1b66ec00382543a1197a1e66792828046cdc5d8c4cd26bca16f4a5eeff
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6634e9776b3e0c02ed4d409ac2dc199397cdbaa2ee5ba9537e53c99aedfebdf2
67f1dcaef5b580ef442ea6fe31b03add877746044929b11b527ec4c6e8a5223b
68068b088080b4fb45eb80a51db2f41fef576126c752319e813a3b9805a9148f
6e363ef04f4e823072a3170d398719190601ce05b2a1e577cfbc181565d2465d
70632d05edd0300641786d4c908d9ab48a5f9255900d8ccfdddfe17fae1cfe18
7287735cb481be63658ddbb5412092d2539823978d2f4d294da10aaa81e32265
73226a3c7e58b2f89a2141139c693719fac2a87539038a9c55a3526da967828c
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
7be4e9c783a9302f24facb52802ffba55df302f3bfb746f46595482372ff4d54
7dc6233e353072438134195252ae4301aee73bf5ea29efdd652218eaf37d8d49
7ff7e40f4d0d93e974e173224fb96cfe5dd926f3994efb60941252ffbd77f643
82034ccb611b4999a44de84329924ecf896423c06265f14d908025f2a7b32f06
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86866185c7b2df488fc2c3057d721e63a667b38d701cb9d0be1e4fe278d0264e
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8e53d6083851baacf7d091d83f14eac9d8b4a04d439e000e788de190c01c9480
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
941fd2d65ca01dba1c195c0187f3d01548afe7a57069eb0119cd9763fe29ca9b
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
983e357f89b271ec5b55552dd277c48b7891344bfaf230b5b3126fb0a55c1d69
98921e0a39f7da71f2cddc834a3433593eaf06ecda0b17d6497d4bbd1169708c
990c4063146a43a9e2875eed003a8ca9ac814ace25198517d786012e37d82e08
996ae9d3dcc9abd08d3a659df788e6a725ea47b665e6b96cf9f664680fa52e03
99c02df117ddd61aa9ec99a89d6145c18ca62e49bee6c48de0d4bbbdb4977442
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dcfe61b46d6e4ea186169765f82a083fa369854eefccd6812b06a896f6c404d
9ea7ec188e5175fc2858af542f51bbc3acdb6b7a9ba43c0aa4c75ae830815403
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0229a19df04da6211d8b995d82e684e3df36d0a5662750db777a91e7f8e1426
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1dc62fa4bfa920c038d700a01519ab337bf390391ba4d49543e566f92bd09e7
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3fb6d011c45bbe0fb746abafef9c2a3d27c6187d20cf90dce2d1a0d140ffb91
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abd2b091ae391fa4756f822e256e5b0055a36becb60e9774ecfc304a159df0ee
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
acd8406712d2f6fdd0bcc0e9e2f0bfac4bb376f901a86b79d0bf4e608a8ac29c
adbecdb781a8f8ee4ce8d2eb61754505abfc0578213a14bdc1d282888466792c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdccdc84af8780206f1a3064b8ff843c6d63cbaf9498fec058d34636322c335
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14912b49b62e71872cb1e6b2f8b032dceb9c5ca847611ecda15f87fbea12df1
b25841379137040a3f9cbad54fbe07eaa67885d83534bec03c4cff28483fc816
b262827f238014835d655f7016aadadebceda90fc2a29dc89ecd268a9278524b
b4581b3204145d68f054501bfaa02c7bd82b89ffe264e6e878d6a49a9092cbe4
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b6732ef598323e03a0c430d90f45d0a63934d22b3fa51f6bddfb6955ce651162
b80ff2abe3c49e79e4c1fb06f52af25002bb714c2d69fa9391a87dd7c17e5fd0
b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0
b9267503a62d762b6f254d86082b81643a0c3bb195f177a59fb2fe267523383a
bd12cc39b3d6baf7d608e13c8be0267ceff0e36e9a23822af33653ca2c54f866
bdaa1142b84ba4c21c346e8c6ef5bdc61bbb9c51856216754573c2c0adefd6a2
be1cd4c2520121be59f946c220261a9822a05e98413037fb924f2f5e496d5480
be339f8baf147b9c343cea4d6685a909c02f1c1ad17707eba82b30a19f5d20d1
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c45ed15bba60ffcc5b1191a168cd2b438454aa77f8cb02ba97c3734b4333baef
c607a049027d347f353dd49bdee2abd410e130646f2bd35dd4655513fdc73108
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c94196a54ab552bdb2e839ce3699d87460a8d3d5dfd13a94a875de6cd5f5edcb
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a4bbcc7cfbe9bee2d33c88a89b44f096a478587b6e9893c68bf6276b4c7883
ca6e46a2c9933137b081fbdaf97a1248b05e7f2aca3ba093fe858a07f1e67b2f
cb4bb6cdd7ee77007c1307310c4d0c4881582a8ca6256f77d5a221fb66ef6219
cd6140e909b223e1abe42d8ed06168475b4f60ffa5655f23d6dbecbd65bac752
ce90877b2e60d00ce3fb934aae8c27b560528face8114bdc6bbbaa26d787b5aa
d1638ee8450d1118f0d179554767e8cd77c642654b541e9e9d4b43d7b56f2188
d37e94f1214397be3c01268be271768cd7402af8f36e8f8da8a8217a4068e4db
d57403cadd39b3125488b6615ccd14a2786598b49c87db11f7c000c5c07f8c31
d5bdef95670f73d85dbbd077b64a5f8bf93112ea5f2c1ad9346a8e45e18f8949
d6ccf97320e8243001a889af66d83d01cbefd89412144c08310e3100828c39c2
d73ddca3311b118a245943ce4561cd8e9627a554fca5a1e8a3fb038a9fdc0559
dac7f7db9336d9ea8868272a5c7004a247f2399c709536f1da511684052a59fc
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de9db89a2937460ed0938de6cfcac5719bdbae4d5ba37cf6f500099a0604ea99
deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b
ded5d7f9ee1dabd6354378d5c52684ae4779fbfd1c3c96041252a9ad07027524
e32922bcf935c6efc8467c084fb5ea586a4649fcaa0d66a7c86fc398bce66528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c0b908bed856bac07e87c4361711f681a398df5ccade819dea14f74fffe119
e5905ae583d23c82b387ad485d391a24ac3929710c1876921d68f6e243f3befb
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e74b43aacaf763cf1b158bed64b1042580e48272d675cc646bf2f6ab70122ed8
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e849356207a7e3399c2eb11d210bd7f514101e05acf6a198c4c5702fc53c1ecc
e8f9c8e1c0e23f648c40a928f3396667d3f1807e4e569ab3091826aaa7aebaa1
ead3652ebc434189418c17095f3a2d04cef9b189514878ed17adeed2fd2eca9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4027703b6ec24809845dafad572c3182fc29bca1caf7d14fd2679761bea7179
f480698abfb1a5c2f689e58239174dc435e4eb24bae80857aeceebac570e0fae
f49b3a3800479c5633b1b813c16bb65a42f347da46038bd605a03ae882dba1b0
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f813f230d0fd4b1daaedbad4a8b9dac3c94124d1b24cbb60153cdc9561b7d6bb
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
fea68631be1a14587d4095862c1c95c4aa138a16f472bd0ba80b7b2911eacca9

www.baixaki.com Open in urlscan Pro 194.126.175.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

218 Requests

94 %HTTPS

25 %IPv6

33 Domains

58 Subdomains

49 IPs

9 Countries

1947 kBTransfer

4714 kBSize

36 Cookies

77 Outgoing links

Page URL History

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.baixaki.com Open in urlscan Pro
194.126.175.195 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

94 %
HTTPS

25 %
IPv6

33
Domains

58
Subdomains

49
IPs

9
Countries

1947 kB
Transfer

4714 kB
Size

36
Cookies

218 HTTP transactions
5 data transactions