posbv.cfd Open in urlscan Pro
154.39.200.64  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

• http://ads.vidoomy.com/sohu_18447.js HTTP 301
• https://ads.vidoomy.com/sohu_18447.js

Request Chain 37

• http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
• https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 60

• http://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js HTTP 301
• https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js

Request Chain 94

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response posbv.cfd/	24 KB 8 KB	2599ms 575ms	Document text/html	154.39.200.64 HKMTC-AS-AP HONG ...
General Check archive.org Show headers Download Go to Full URL http://posbv.cfd/ Protocol HTTP/1.1 Server 154.39.200.64 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK), Reverse DNS Software nginx / Resource Hash 63435232f8abecf1aaee7eefcb2efa329ff52d7b17e775008703988092277e3f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=utf-8 Date Mon, 18 Sep 2023 16:45:53 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	lib-6acb1b.css statics.itc.cn/mp/article-page/wap/prod/css/	18 KB 4 KB	1635ms 300ms	Stylesheet text/css	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/css/lib-6acb1b.css Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash c8aa2d602d8d1d94e824db25d26aa7ab6aaa12b42e818bc96d9381af4a508bf7 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 11:53:17 GMT Via cache1.l2hk2[0,0,304-0,H], cache21.l2hk2[1,0], cache16.vn24[0,0,200-0,H], cache5.vn24[1,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id f811ed43-5c84-4699-b7c2-53697b9fb7a9 Age 3529 Content-MD5 55e9eb87d0a160103a1fe677733af1fa X-Swift-CacheTime 83298 Transfer-Encoding chunked X-Cache HIT TCP_HIT dirn:12:741947482 FSS-Cache MISS from 8525426.15144572.9771479, HIT from 9377407.16848521.10623473 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 16:38:48 GMT x-ba-request-id f811ed43-5c84-4699-b7c2-53697b9fb7a9 Data-Source PALLAS2 Server Tengine Last-Modified Wed, 29 Mar 2023 02:40:11 GMT ETag W/"55e9eb87d0a160103a1fe677733af1fa" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695052026 Content-Type text/css x-scs-request-id f811ed43-5c84-4699-b7c2-53697b9fb7a9 Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 3544357.5182767.4790078 Timing-Allow-Origin * EagleId 9c3b8a9916950555554368267e
GET H/1.1	200 OK	default.main_abroad.main_article.main_qd.main_weixin-c1b1ef.css statics.itc.cn/mp/article-page/wap/prod/css/	5 KB 2 KB	1638ms 300ms	Stylesheet text/css	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/css/default.main_abroad.main_article.main_qd.main_weixin-c1b1ef.css Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash 7215848b9610bab97915d760d22c1a2561dcca871d2e23ef08d4a30b2085b1bb Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 11:09:14 GMT Via cache20.l2hk2[0,0,304-0,H], cache14.l2hk2[1,0], cache15.vn24[0,0,200-0,H], cache5.vn24[1,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id 08eb6cb1-90d8-409e-a830-8acc4fe9f33e Age 3529 Content-MD5 4821fef9a382a53cf82e7caf4d649a11 X-Swift-CacheTime 83298 Transfer-Encoding chunked X-Cache HIT TCP_MEM_HIT dirn:7:575529997 FSS-Cache MISS from 9245821.16651399.10426094, HIT from 2626839.3347745.3872546 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 16:38:48 GMT x-ba-request-id 08eb6cb1-90d8-409e-a830-8acc4fe9f33e Data-Source PALLAS2 Server Tengine Last-Modified Mon, 03 Apr 2023 09:47:39 GMT ETag W/"4821fef9a382a53cf82e7caf4d649a11" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695052026 Content-Type text/css x-scs-request-id 08eb6cb1-90d8-409e-a830-8acc4fe9f33e Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 3609894.5313840.4855616 Timing-Allow-Origin * EagleId 9c3b8a9916950555554388272e
GET H/1.1	200 OK	default.main.main_abroad.main_article-063ba6.css statics.itc.cn/mp/article-page/wap/prod/css/	21 KB 5 KB	1639ms 301ms	Stylesheet text/css	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/css/default.main.main_abroad.main_article-063ba6.css Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash 55817b93ead7fe65bbe3d830aa25c398e208da72da409580075dd7ac46d6eff2 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 07:44:18 GMT Via cache1.l2hk2[0,0,304-0,H], cache3.l2hk2[1,0], cache9.vn24[0,0,200-0,H], cache5.vn24[0,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id 22b9e9fa-21a0-4cbf-bb38-4dd40ed0bfde Age 3529 Content-MD5 b1158aeb923ae368b6a5ef13a79572ae X-Swift-CacheTime 83298 Transfer-Encoding chunked X-Cache HIT TCP_MEM_HIT dirn:13:829154675 FSS-Cache MISS from 8525426.15144572.9771479, HIT from 4265009.6689851.5445206 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 16:38:48 GMT x-ba-request-id 22b9e9fa-21a0-4cbf-bb38-4dd40ed0bfde Data-Source PALLAS2 Server Tengine Last-Modified Mon, 03 Apr 2023 09:47:39 GMT ETag W/"b1158aeb923ae368b6a5ef13a79572ae" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695052026 Content-Type text/css x-scs-request-id 22b9e9fa-21a0-4cbf-bb38-4dd40ed0bfde Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 3544357.5182767.4790078 Timing-Allow-Origin * EagleId 9c3b8a9916950555554418280e
GET H/1.1	200 OK	default.main_abroad.main_article.main_weixin-9f19f8.css statics.itc.cn/mp/article-page/wap/prod/css/	14 KB 3 KB	1658ms 315ms	Stylesheet text/css	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/css/default.main_abroad.main_article.main_weixin-9f19f8.css Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash 4dd2139e1140682df9660f95ab9487d9b905db5ec9ec11477fd9620f1a5cfbd7 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 02:58:13 GMT Via cache36.l2hk2[0,0,304-0,H], cache6.l2hk2[1,0], cache14.vn24[0,0,200-0,H], cache5.vn24[1,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id 46bc65e8-8641-4348-bd7e-656b53fb2de5 Age 3529 Content-MD5 46d4b11e150d24c71a6cc0a9703c2ece X-Swift-CacheTime 83298 Transfer-Encoding chunked X-Cache HIT TCP_MEM_HIT dirn:13:91936123 FSS-Cache MISS from 3053471.4167593.4332464, HIT from 2626839.3347745.3872546 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 16:38:48 GMT x-ba-request-id 46bc65e8-8641-4348-bd7e-656b53fb2de5 Data-Source PALLAS2 Server Tengine Last-Modified Thu, 06 Apr 2023 02:51:08 GMT ETag W/"46d4b11e150d24c71a6cc0a9703c2ece" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695052026 Content-Type text/css x-scs-request-id 46bc65e8-8641-4348-bd7e-656b53fb2de5 Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 6886744.11867490.8132516 Timing-Allow-Origin * EagleId 9c3b8a9916950555554528333e
GET H/1.1	200 OK	default.main.main_abroad-ace6fe.css statics.itc.cn/mp/article-page/wap/prod/css/	110 KB 16 KB	1656ms 313ms	Stylesheet text/css	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/css/default.main.main_abroad-ace6fe.css Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash 5f45d16be2281bb576f68828c738c7bc8b8f8396bd22bc0b108608832974af8c Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 04:48:29 GMT Via cache36.l2hk2[0,0,304-0,H], cache14.l2hk2[2,0], cache4.vn24[0,0,200-0,H], cache5.vn24[1,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id c3c98d3f-e231-4219-92f5-4c0ca11f1316 Age 3529 Content-MD5 bc425b63eef8341ad46fd88a191362cc X-Swift-CacheTime 83298 Transfer-Encoding chunked X-Cache HIT TCP_MEM_HIT dirn:12:456293433 FSS-Cache MISS from 8525426.15144572.9771479, HIT from 2692376.3478818.3938084 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 16:38:48 GMT x-ba-request-id c3c98d3f-e231-4219-92f5-4c0ca11f1316 Data-Source PALLAS2 Server Tengine Last-Modified Mon, 03 Apr 2023 09:47:39 GMT ETag W/"bc425b63eef8341ad46fd88a191362cc" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695052026 Content-Type text/css x-scs-request-id c3c98d3f-e231-4219-92f5-4c0ca11f1316 Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 6886744.11867490.8132516 Timing-Allow-Origin * EagleId 9c3b8a9916950555554528334e
GET H/1.1	200 OK	default.main_abroad.main_article-9e5266.css statics.itc.cn/mp/article-page/wap/prod/css/	6 KB 2 KB	1657ms 314ms	Stylesheet text/css	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/css/default.main_abroad.main_article-9e5266.css Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash 226cd6195ab73068fa0b27007c78ff1ca222529b8863ce6274ebf0c49f212180 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 10:10:17 GMT Via cache21.l2hk2[0,0,304-0,H], cache23.l2hk2[1,0], cache18.vn24[0,0,200-0,H], cache5.vn24[1,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id 322f9f18-f267-42b3-9460-6b1bc4294c5d Age 3529 Content-MD5 9b8780e5dfdcd12efc1b337800c11aed X-Swift-CacheTime 83298 Transfer-Encoding chunked X-Cache HIT TCP_MEM_HIT dirn:12:138509362 FSS-Cache MISS from 6428242.10950236.7674263, HIT from 2692376.3478818.3938084 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 16:38:48 GMT x-ba-request-id 322f9f18-f267-42b3-9460-6b1bc4294c5d Data-Source PALLAS2 Server Tengine Last-Modified Mon, 03 Apr 2023 09:47:39 GMT ETag W/"9b8780e5dfdcd12efc1b337800c11aed" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695052026 Content-Type text/css x-scs-request-id 322f9f18-f267-42b3-9460-6b1bc4294c5d Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 6886744.11867490.8132516 Timing-Allow-Origin * EagleId 9c3b8a9916950555554518328e
GET H/1.1	200 OK	main_abroad-a3dd91.css statics.itc.cn/mp/article-page/wap/prod/css/	1 KB 1 KB	1935ms 299ms	Stylesheet text/css	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/css/main_abroad-a3dd91.css Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash 28e1d3a75e9d265f3c86ffb895d6e3143832c0e310cb8bc73233fce1e4cfb451 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Sun, 17 Sep 2023 12:25:51 GMT Via cache18.l2hk2[0,0,304-0,H], cache12.l2hk2[1,0], cache20.vn24[0,0,200-0,H], cache5.vn24[0,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id cd830c0f-8902-4ce6-8a25-201859c710c0 Age 45229 Content-MD5 21caaf95fd8c97d940a4a67b5c171058 X-Swift-CacheTime 80706 Transfer-Encoding chunked X-Cache HIT TCP_MEM_HIT dirn:13:596117629 FSS-Cache MISS from 3053471.4167593.4332464, HIT from 2757913.3609891.4003622 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 05:47:00 GMT x-ba-request-id cd830c0f-8902-4ce6-8a25-201859c710c0 Data-Source PALLAS2 Server Tengine Last-Modified Mon, 03 Apr 2023 09:47:39 GMT ETag W/"21caaf95fd8c97d940a4a67b5c171058" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695010326 Content-Type text/css x-scs-request-id cd830c0f-8902-4ce6-8a25-201859c710c0 Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 3609894.5313840.4855616 Timing-Allow-Origin * EagleId 9c3b8a9916950555557371373e
GET H2	200	fuse.js Show response cdn.fuseplatform.net/publift/tags/2/2383/	218 KB 56 KB	204ms 43ms	Script application/x-javascript	2a02:26f0:3500:12::1730:1788 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 4f82a96e567d83ebe83199925f34657ccaa20166d25c0931349a074e5937ffc3 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:56 GMT content-encoding gzip last-modified Thu, 08 Jun 2023 06:33:41 GMT server AkamaiNetStorage etag "89b99adb3187e8c3f1d5b314db5f9aa2:1686206021.150619" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1800 accept-ranges bytes content-length 57021 expires Mon, 18 Sep 2023 17:15:56 GMT
GET H/1.1	200 OK	0ce1204a6c754fbdbcdf87c536b13f23.jpg image1.chinanews.com.cn/cnsupload/big/2022/11-16/4-426/	248 KB 248 KB	161ms 41ms	Image image/jpeg	138.113.35.27 ML-1432-54994
General Check archive.org Show headers Download Go to Show image Full URL http://image1.chinanews.com.cn/cnsupload/big/2022/11-16/4-426/0ce1204a6c754fbdbcdf87c536b13f23.jpg Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 138.113.35.27 , Canada, ASN54994 (ML-1432-54994, CA), Reverse DNS Software nginx / Resource Hash d8d6ad393e1dd6c1aa2eabc9e8b8e309cd09c072621c708ce56e016d3125d8b2 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:56 GMT Last-Modified Wed, 16 Nov 2022 10:59:19 GMT Server nginx Age 1 ETag "6374c287-3e016" X-Ws-Request-Id 65087ec4_PSdgflkfFRA2po75_41904-12851 Content-Type image/jpeg X-Via 1.1 PS-WNZ-012WK122:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:17 (Cdn Cache Server V2.0) Connection keep-alive Accept-Ranges bytes Content-Length 253974
GET H2	200	sohu300x250.js Show response cdn-ali.onemob.mobi/js/	3 KB 2 KB	776ms 49ms	Script application/javascript	47.246.44.209 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://cdn-ali.onemob.mobi/js/sohu300x250.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 47.246.44.209 Stockholm, Sweden, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash cd0f6c723bf0927a5c690fe8aa19fe4b025d00e70670a02337b4afa3b55f5153 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:13:41 GMT via cache6.l2de2[629,190,304-0,C], cache10.l2de2[192,0], cache5.se1[0,0,200-0,H], cache5.se1[1,0] content-encoding gzip x-oss-request-id 65087735637FD2363952C0B5 content-md5 kyOzySXOweLaGZjLgiqfEQ== age 1935 x-swift-cachetime 3600 x-cache HIT TCP_MEM_HIT dirn:4:459851008 x-oss-cdn-auth success x-swift-savetime Mon, 18 Sep 2023 16:13:41 GMT content-length 1387 x-oss-object-type Normal last-modified Fri, 15 Sep 2023 09:59:40 GMT server Tengine etag "9323B3C925CEC1E2DA1998CB822A9F11" vary Accept-Encoding ali-swift-global-savetime 1695053621 content-type application/javascript x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 17685202591318092272 eagleid 2ff62c9916950555569285462e x-oss-server-time 2
GET H/1.1	200 OK	inc-all.js Show response js.tv.itc.cn/m/player/	249 KB 89 KB	1461ms 44ms	Script application/x-javascript	2a01:53c0:ff0a::43 ML-1432-54994
General Check archive.org Show headers Download Go to Full URL http://js.tv.itc.cn/m/player/inc-all.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2a01:53c0:ff0a::43 , United States, ASN54994 (ML-1432-54994, CA), Reverse DNS Software nginx/SohuTv-N2162 / Resource Hash 2776f713bbc56095fd49be35aef7aec1010516c8962daa182b51672adac43049 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:57 GMT Content-Encoding gzip Age 1 Transfer-Encoding chunked X-Via 1.1 PSrbJP1de68:4 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:4 (Cdn Cache Server V2.0) FSS-Cache EXPIRED from 8394352.14882426.9640403, EXPIRED from 2626839.3347745.3872546 Connection keep-alive Last-Modified Tue, 08 Aug 2023 07:35:58 GMT Server nginx/SohuTv-N2162 ETag W/"64d1f05e-3e49d" X-Ws-Request-Id 65087ec5_PSygldLON2hl59_28778-29231 Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=1800 X-Cache-Hit by js.tv.itc.cn FSS-Proxy Powered by 8001130.14095988.9247175 Expires Mon, 18 Sep 2023 16:58:25 GMT
GET H/1.1	200 OK	runtime-7ef29e.js Show response statics.itc.cn/mp/article-page/wap/prod/js/	3 KB 3 KB	310ms 309ms	Script application/x-javascript	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/js/runtime-7ef29e.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash 1d52315499d0571fba6e961c9a40ee37210ae79880fa3ff4a83a87836266a073 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Sun, 17 Sep 2023 21:05:11 GMT Via cache25.l2hk2[0,0,304-0,H], cache34.l2hk2[1,0], cache9.vn24[0,0,200-0,H], cache5.vn24[2,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id a11616ec-5b81-42fa-ac26-dabb003f12e1 Age 33363 Content-MD5 df6d656c1000bcfcd7ff3139e491f698 X-Swift-CacheTime 83215 Transfer-Encoding chunked X-Cache HIT TCP_HIT dirn:13:379080916 FSS-Cache MISS from 6231631.10557017.7477649, HIT from 2757913.3609891.4003622 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 08:22:58 GMT x-ba-request-id a11616ec-5b81-42fa-ac26-dabb003f12e1 Data-Source PALLAS2 Server Tengine Last-Modified Tue, 23 May 2023 09:32:46 GMT ETag W/"df6d656c1000bcfcd7ff3139e491f698" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695022193 Content-Type application/x-javascript x-scs-request-id a11616ec-5b81-42fa-ac26-dabb003f12e1 Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 8852854.15799680.10098656 Timing-Allow-Origin * EagleId 9c3b8a9916950555561112802e
GET H/1.1	200 OK	default.main.main_abroad.main_article.main_qd.main_weixin-9de504.js Show response statics.itc.cn/mp/article-page/wap/prod/js/	28 KB 11 KB	302ms 301ms	Script application/x-javascript	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/js/default.main.main_abroad.main_article.main_qd.main_weixin-9de504.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash cde0e083079b5de2afe9d68ae1768909cc9cf0f54f52d20f7b44f3c807421277 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Sun, 17 Sep 2023 21:05:10 GMT Via cache11.l2hk2[498,498,304-0,M], cache29.l2hk2[500,0], cache12.vn24[0,0,200-0,H], cache5.vn24[1,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id 2e679afe-64e4-4445-80c5-ada7be1e4aca Age 2735 Content-MD5 9e1eddf086e0e228b1e800ee0bdebbbb X-Swift-CacheTime 86400 Transfer-Encoding chunked X-Cache HIT TCP_HIT dirn:12:868503621 FSS-Cache MISS from 6559316.11212382.7805339, HIT from 2626839.3347745.3872546 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 16:00:21 GMT x-ba-request-id 2e679afe-64e4-4445-80c5-ada7be1e4aca Data-Source PALLAS2 Server Tengine Last-Modified Tue, 23 May 2023 09:32:46 GMT ETag W/"9e1eddf086e0e228b1e800ee0bdebbbb" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695052821 Content-Type application/x-javascript x-scs-request-id 2e679afe-64e4-4445-80c5-ada7be1e4aca Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 6886744.11867490.8132516 Timing-Allow-Origin * EagleId 9c3b8a9916950555561092792e
GET H/1.1	200 OK	default.main_abroad.main_article.main_qd.main_weixin-dccb3f.js Show response statics.itc.cn/mp/article-page/wap/prod/js/	46 KB 16 KB	318ms 315ms	Script application/x-javascript	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/mp/article-page/wap/prod/js/default.main_abroad.main_article.main_qd.main_weixin-dccb3f.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash b11925e75973834ab4c101bf1767c05b460f3e519dad04ac4369cc23cfcff05d Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Sun, 17 Sep 2023 14:46:18 GMT Via cache13.l2hk2[499,499,304-0,M], cache37.l2hk2[502,0], cache10.vn24[0,0,200-0,H], cache5.vn24[1,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id 657f2118-ee8b-410b-94b2-5c426915b796 Age 30179 Content-MD5 6d219dddec2bb96c7f3da68038d574ed X-Swift-CacheTime 86400 Transfer-Encoding chunked X-Cache HIT TCP_HIT dirn:12:215052959 FSS-Cache MISS from 3216672.4527402.4462388, HIT from 9508481.17110667.10754549 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 08:22:57 GMT x-ba-request-id 657f2118-ee8b-410b-94b2-5c426915b796 Data-Source PALLAS2 Server Tengine Last-Modified Tue, 23 May 2023 09:32:45 GMT ETag W/"6d219dddec2bb96c7f3da68038d574ed" Vary Accept-Encoding Ali-Swift-Global-Savetime 1695025377 Content-Type application/x-javascript x-scs-request-id 657f2118-ee8b-410b-94b2-5c426915b796 Access-Control-Allow-Origin * Cache-Control max-age=86400 FSS-Proxy Powered by 3544357.5182767.4790078 Timing-Allow-Origin * EagleId 9c3b8a9916950555561192829e
GET H/1.1	200 OK	backflow.js Show response caaceed4aeaf2.cdn.sohucs.com/js-sdk/backflow/1.4.1/	13 KB 5 KB	3027ms 267ms	Script application/x-javascript	2408:8720:0:421:3a::24 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://caaceed4aeaf2.cdn.sohucs.com/js-sdk/backflow/1.4.1/backflow.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2408:8720:0:421:3a::24 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software Lego Server / Resource Hash 72889c571b5be81939e186b0baf281c9a092bc6fd59506801e0fe7a280ddbba4 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:58 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit Last-Modified Thu, 18 Apr 2019 08:04:38 GMT Server Lego Server Age 1763571 Etag "2fad0b49daf4e27c99cc3120a802a313" Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=60 X-NWS-LOG-UUID 15827600651015324792 Connection keep-alive Accept-Ranges bytes Content-Length 5134
GET H/1.1	200 OK	pv.js Show response js.sohu.com/	3 KB 1 KB	1698ms 39ms	Script application/x-javascript	101.33.11.106 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL http://js.sohu.com/pv.js?_t=20171214 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 101.33.11.106 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software SWS / Resource Hash e2c82fd12830d7ba680e0215f5c5ed55da1d70b2ffef5ecaf56d9e3d9496e8d6 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 04 Sep 2023 04:11:40 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit Last-Modified Mon, 21 Jun 2010 09:59:59 GMT Server SWS Vary Accept-Encoding Content-Type application/x-javascript FSS-SRC-Cache HIT from 3478565.5116975.4658750 Cache-Control no-transform, max-age=7776000 X-NWS-LOG-UUID 6489764304020916212 Connection keep-alive Accept-Ranges bytes Content-Length 957 Expires Sat, 02 Dec 2023 15:59:08 GMT
GET H2	200	passport-4.0.3.js Show response 39d0825d09f05.cdn.sohucs.com/sdk/	13 KB 13 KB	1078ms 43ms	Script application/x-javascript	2a01:53c0:ff0a::43 ML-1432-54994
General Check archive.org Show headers Download Go to Full URL https://39d0825d09f05.cdn.sohucs.com/sdk/passport-4.0.3.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 2a01:53c0:ff0a::43 , United States, ASN54994 (ML-1432-54994, CA), Reverse DNS Software SCSImageServer / Resource Hash 54c82b1f57c21c350a5742fa769d89246716a690053d5cfbee3b2da92d180f1e Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT last-modified Thu, 18 Jan 2018 08:05:26 GMT server SCSImageServer age 1 etag "63d1d983f7235102d1101aa501345ea3" x-ws-request-id 65087ec5_PSygldLON2kt55_27037-49951 content-type application/x-javascript access-control-allow-origin * x-via 1.1 PSrbJP1tu67:6 (Cdn Cache Server V2.0), 1.1 PS-LHR-01q9k95:19 (Cdn Cache Server V2.0) cache-control max-age=7776000 fss-cache MISS from 9245821.16651399.10426094, MISS from 4242652.6733030.5335298 fss-proxy Powered by 2473153.3194059.3565772 content-length 13128
GET H/1.1	200 OK	index.js Show response statics.itc.cn/spm/prod/js/1.0.1/	46 KB 16 KB	310ms 307ms	Script application/x-javascript	2602:ffe4:c4b:1001:3::3f9 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL http://statics.itc.cn/spm/prod/js/1.0.1/index.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2602:ffe4:c4b:1001:3::3f9 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash dc271342fe98ce6c9b03951522ece45fe790884500d0ba37851b944ff8eea09c Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 06:44:48 GMT Via cache35.l2hk2[0,0,304-0,H], cache26.l2hk2[1,0], cache1.vn24[0,0,200-0,H], cache5.vn24[1,0] Content-Encoding gzip Meta-Source CUBE x-amz-request-id 3e8dc89c-52a5-4080-b9cd-0d47017ffcc3 Age 7257 Content-MD5 93c81589038aa0a9f42c2c3838c57827 X-Swift-CacheTime 14357 X-Cache HIT TCP_MEM_HIT dirn:13:757107957 FSS-Cache MISS from 3216672.4527402.4462388, HIT from 9377407.16848521.10623473 Connection keep-alive X-Swift-SaveTime Mon, 18 Sep 2023 14:45:42 GMT Content-Length 15646 x-ba-request-id 3e8dc89c-52a5-4080-b9cd-0d47017ffcc3 Data-Source PALLAS2 Server Tengine Last-Modified Thu, 05 Jan 2023 10:36:01 GMT ETag "93c81589038aa0a9f42c2c3838c57827" Ali-Swift-Global-Savetime 1695048299 Content-Type application/x-javascript x-scs-request-id 3e8dc89c-52a5-4080-b9cd-0d47017ffcc3 Access-Control-Allow-Origin * Cache-Control max-age=14400 FSS-Proxy Powered by 3609894.5313840.4855616 Accept-Ranges bytes Timing-Allow-Origin * EagleId 9c3b8a9916950555561172824e
GET H/1.1	200 OK	sohu_18447.js Show response ads.vidoomy.com/ Redirect Chain http://ads.vidoomy.com/sohu_18447.js https://ads.vidoomy.com/sohu_18447.js	5 KB 5 KB	403ms 147ms	Script application/javascript	3.19.54.139 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.vidoomy.com/sohu_18447.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-19-54-139.us-east-2.compute.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33 Resource Hash 2bedb2cc81163a5bbf1647c04d13a554d8c5325c6fb287a494299933741be39e Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Sep 2023 16:45:56 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 X-Powered-By PHP/7.0.33 Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Connection Keep-Alive Keep-Alive timeout=2, max=300 Content-Length 5144 Redirect headers Location https://ads.vidoomy.com/sohu_18447.js Date Mon, 18 Sep 2023 16:45:56 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 Connection Keep-Alive Keep-Alive timeout=2, max=300 Content-Length 245 Content-Type text/html; charset=iso-8859-1
GET H/1.1	403 Forbidden	pg.sohu.com.js m2d.m2.ai/	0 0	106ms 41ms	Script text/xml	18.239.50.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://m2d.m2.ai/pg.sohu.com.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 18.239.50.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-50-66.ams58.r.cloudfront.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 50 KB	178ms 91ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4162412090504078 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 93107dc82956d6ab9465a931b90e83d4e10f3e83acfaed16acb27d233b926e65 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://posbv.cfd/ Origin http://posbv.cfd accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50737 x-xss-protection 0 server cafe etag 11151967465949343475 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Mon, 18 Sep 2023 16:45:56 GMT
GET H/1.1	200 OK	qa_router.min.js Show response statres.quickapp.cn/quickapp/js/	13 KB 6 KB	4199ms 340ms	Script application/javascript	240e:95c:3004:15::7760:3423 CHINATELECOM-HUBE...
General Check archive.org Show headers Download Go to Full URL http://statres.quickapp.cn/quickapp/js/qa_router.min.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 240e:95c:3004:15::7760:3423 , China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN), Reverse DNS Software JSP3/2.0.14 / Resource Hash 8ff3bdd65402503d3acbcbb7e9a92c90241e3a11c19796d0e046b692d5e4bf2d Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Ohc-File-Size 13381 Date Mon, 18 Sep 2023 16:45:59 GMT Content-Encoding gzip Ohc-Cache-HIT wh4ct65 [2] Last-Modified Thu, 24 Aug 2023 09:57:40 GMT Server JSP3/2.0.14 Age 357937 ETag "64e72994-3445" X-Cache-Status HIT Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin https://admin.quickapp.cn Connection keep-alive Accept-Ranges bytes Ohc-Global-Saved-Time Thu, 14 Sep 2023 13:20:22 GMT
GET H/1.1	200 OK	loader.js Show response cdn.taboola.com/libtrc/sohuchina-sohucom/	425 KB 54 KB	83ms 39ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL http://cdn.taboola.com/libtrc/sohuchina-sohucom/loader.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5e768fbf6df0c23496c0d8ed781cd0e7ab74a0beb4d993f9307c63604f58befd Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id TIaRhPKTjLRfrtRgiZDtXPuVu7d8xQFB Content-Encoding gzip Via 1.1 varnish Date Mon, 18 Sep 2023 16:45:56 GMT x-amz-request-id WTZXSS2FJTDDFM69 Age 22600 x-amz-server-side-encryption AES256 X-Cache HIT x-amz-replication-status PENDING Connection keep-alive Content-Length 54446 x-amz-id-2 NpQwJt5LKPea4njVSBK9asauJ9pV+ufg/C6eVcqOOV0frwR7Q5VZITMytozZFA/ug9d+ubitKOk= X-Served-By cache-fra-etou8220072-FRA Last-Modified Mon, 18 Sep 2023 10:29:03 GMT Server AmazonS3 X-Timer S1695055556.448564,VS0,VE0 ETag "a07dd309dbe15c695d32e8102f25cb0d" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 abp 67 Access-Control-Allow-Origin * Cache-Control private,max-age=14401 Accept-Ranges bytes X-Cache-Hits 7
GET H/1.1	200 OK	adpushup.js Show response cdn.adpushup.com/42136/	516 KB 181 KB	121ms 49ms	Script application/javascript	2a02:26f0:480:f::213:7ec8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://cdn.adpushup.com/42136/adpushup.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 965f635025e7579206a2e9a80542d58cbea63151427ad0f4e66df05ccf5de2f2 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:56 GMT Content-Encoding gzip x-akamai-device mobile:false&tablet:false Connection keep-alive Server-Timing cdn-cache; desc=HIT, edge; dur=9, origin; dur=0, ak_p; desc="1695055556602_34831752_366223837_909_908_38_0_-";dur=1 Content-Length 184528 x-akamai-country DE X-AP-Device DESKTOP Last-Modified Wed, 13 Sep 2023 12:36:40 GMT Server nginx/1.18.0 Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 X-AP-Geo DE Expires Mon, 18 Sep 2023 17:45:56 GMT
GET H2	204	choice.js Show response cmp.quantcast.com/choice/PRrmquD1Ggcb1/posbv.cfd/	0 436 B	542ms 447ms	XHR text/plain	2600:9000:211e:9400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/posbv.cfd/choice.js?tag_version=V2 Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:9400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:56 GMT via 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop FRA56-C2 access-control-max-age 3000 access-control-allow-methods GET x-cache Error from cloudfront access-control-allow-origin http://posbv.cfd cache-control max-age=3600 access-control-allow-credentials true cross-origin-resource-policy cross-origin vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-amz-cf-id Mi7E-PfV8nF4PHku_ISPUfyXjLyF4WoaK65wvWlsVDnqgaMQT1IAXQ==
GET H2	200	prebid-c0c214e48e03df87531896fd3b7256c4.js Show response cdn.fuseplatform.net/prebid/	276 KB 86 KB	48ms 45ms	Script application/x-javascript	2a02:26f0:3500:12::1730:1788 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/prebid/prebid-c0c214e48e03df87531896fd3b7256c4.js Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 164563c2be58fbaebe0731aa059e28ce24f6b7453943f152b86bddbf08b108c3 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:56 GMT content-encoding gzip last-modified Sun, 12 Mar 2023 22:04:11 GMT server AkamaiNetStorage etag "6939a8ac4e13e0fb8c50c1f170bc6f99:1678658651.33012" vary Accept-Encoding content-type application/x-javascript cache-control max-age=86400000 accept-ranges bytes content-length 87511 expires Sun, 14 Jun 2026 16:45:56 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	99 KB 29 KB	229ms 141ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0edce4028437b8e6443a1015fc1973e3ffc6d72f5c126e7c02cbbb7bc5eaed99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29290 x-xss-protection 0 server cafe etag 252 / 19618 / 31077933 / config-hash: 5872517447352829814 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Sep 2023 16:45:56 GMT
GET H2	200	sohu_sohu_outstream.js Show response publift.mainroll.com/a/	39 KB 11 KB	173ms 56ms	Script text/javascript	108.138.17.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://publift.mainroll.com/a/sohu_sohu_outstream.js Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-104.fra56.r.cloudfront.net Software Apache / Resource Hash 229c200cfc4864581be028c5f27ee8520bdfdf8f6af3628df787dacd00246386 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:46 GMT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P7 age 10 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 10387 x-ovp-host vms-prod-frontend-spot-10-1-17-197 server Apache vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=90, stale-while-revalidate=900, stale-if-error=86400 x-amz-cf-id VMVZyrmw6d6j1KO3BITnPl4HQH7xOUCUIMHYssUviS-VaL5fqpNjSw== expires Mon, 18 Sep 2023 16:47:16 GMT
GET H2	200	noconsent Show response cdn.fuseplatform.net/telemetry/	1 B 210 B	169ms 51ms	Fetch text/plain	2a02:26f0:3500:12::1730:1788 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1695055556229&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=83437d45-c064-5884-a946-fd82c2345131&fid=2383&pubid=8&url=http%3A%2F%2Fposbv.cfd%2F&sid=114e7e7f4c99eb42a90d&srate=100&adserver=gpt&etm=4891&e=fuse-load Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:56 GMT last-modified Wed, 10 Aug 2022 11:31:51 GMT server AkamaiNetStorage etag "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793" vary Origin content-type text/plain access-control-allow-origin http://posbv.cfd cache-control max-age=1800 accept-ranges bytes content-length 1 expires Mon, 18 Sep 2023 17:15:56 GMT
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	131ms 48ms	XHR application/json	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230918 Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/prebid/prebid-c0c214e48e03df87531896fd3b7256c4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7aa321bc468e6616b61cbe0a90b654c320984049b23ba04e6fa79016121c8d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://posbv.cfd/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Mon, 18 Sep 2023 16:45:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2706 x-jsd-version 1.0.1817 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230103-FRA, cache-yyz4566-YYZ x-jsd-version-type version server cloudflare etag W/"63a-SiQiAtLDblMF8GqKmA6xE7urjwc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2yfjUaxO%2FDeg3w7bDPPmQTRSX72hl7ScL3NrvOjP1pN3B5KTJ9WSAFeOCxXRLu7u%2BZfxC4SQFH5VtUwB1OpFd85IaSOy2M%2F33E7kFbWmcKvWtS6jaZg0GZyPITSh5sQ8XYFYcnUyYgrgCWM4oE%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 808b0febbde530c6-FRA
GET H2	200	impl.20230918-3-RELEASE.js Show response cdn.taboola.com/libtrc/	809 KB 168 KB	126ms 40ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20230918-3-RELEASE.js Requested by Host: cdn.taboola.com URL: http://cdn.taboola.com/libtrc/sohuchina-sohucom/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3-br / Resource Hash 704724d4dcbd3f1c768814ab246eae30ca4b0711e8e4722d44b437e025e4e77e Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id DaEDoPl2TmHEdznh3qQh.Yv79OcZ9zNB content-encoding br via 1.1 varnish date Mon, 18 Sep 2023 16:45:56 GMT x-amz-request-id V5MF598G9GXEMVSB age 23802 x-amz-server-side-encryption AES256 x-cache HIT content-length 171436 x-amz-id-2 mew1laQ+Rl1qM3JBvjxv/cDFEYHbr1ZvLswqo5KHtLwZ8nl/FtD8fQJf3OrAaJMTXPtEGPo0LJg= x-served-by cache-fra-eddf8230099-FRA last-modified Mon, 18 Sep 2023 10:09:15 GMT server AmazonS3-br x-timer S1695055557.712932,VS0,VE0 etag "69617b479e4738a79450104db8649ba4" vary Accept-Encoding content-type application/javascript abp 62 access-control-allow-origin * cache-control private,max-age=31536000 accept-ranges bytes x-cache-hits 97047
GET H/1.1	200 OK	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 31 KB	114ms 63ms	Script application/javascript	2a04:4e42:600::649 FASTLY
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/jquery-3.6.0.min.js Requested by Host: cdn.adpushup.com URL: http://cdn.adpushup.com/42136/adpushup.js Protocol HTTP/1.1 Server 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:56 GMT Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Age 151761 X-Cache HIT, HIT Connection keep-alive Content-Length 30875 X-Served-By cache-lga21931-LGA, cache-fra-eddf8230026-FRA Last-Modified Fri, 18 Oct 1991 12:00:00 GMT Server nginx X-Timer S1695055557.835283,VS0,VE0 ETag W/"28feccc0-15d9d" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000, stale-while-revalidate=604800 Accept-Ranges bytes X-Cache-Hits 1, 138949
GET H2	200	bluebillywig_pbjs.js Show response cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/	515 KB 144 KB	145ms 44ms	Script application/javascript	2600:9000:206f:be00:16:d4d3:a440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Requested by Host: publift.mainroll.com URL: https://publift.mainroll.com/a/sohu_sohu_outstream.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:be00:16:d4d3:a440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e526b3063d2f5c5a6643a6ee476bf557792efcb2e8dcbb364604f68b6799fa3f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Sun, 17 Sep 2023 02:00:16 GMT x-amz-version-id 3r3MbTWKa3KEkOEX03lNl6uI7aC8OFJP content-encoding br x-content-type-options nosniff via 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront) strict-transport-security max-age=31536000 x-amz-cf-pop FRA56-C1 age 139541 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING x-amz-replication-status REPLICA x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 11 Sep 2023 03:50:23 GMT server AmazonS3 etag W/"7f67c80741d5f9af1b5dce27483cc57a" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type application/javascript cache-control public,max-age=2419200 x-amz-cf-id 4QdVu1z5FSY5M8OaCuyW5qOVLv4fRwBYHsENyT5-9gUTOCybp8y1Ew==
GET H2	200	os-player.js Show response cdn.bluebillywig.com/apps/player/20230918.114410/	811 KB 178 KB	187ms 136ms	Script application/javascript	2600:9000:206f:be00:16:d4d3:a440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.bluebillywig.com/apps/player/20230918.114410/os-player.js Requested by Host: publift.mainroll.com URL: https://publift.mainroll.com/a/sohu_sohu_outstream.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:be00:16:d4d3:a440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash aea544dc3298d51eafe5bbee9610f3c622f9104d28dc8db26f2d2261ccb0389b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 11:46:43 GMT x-amz-version-id y7mPnrJnXu_PeNZAQBtwjX7EOcPXBENY content-encoding br x-content-type-options nosniff via 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront) strict-transport-security max-age=31536000 x-amz-cf-pop FRA56-C1 age 17954 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status REPLICA x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 18 Sep 2023 11:45:38 GMT server AmazonS3 etag W/"6cb875f07f2d8e112528876c156cd7ea" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type application/javascript cache-control public,max-age=1209600 x-amz-cf-id PQ1DALeAdz9UWlGS4EHMnV3So_7DmGtBLgtknaLNbAbyj0rTxJm8BQ==
GET H2	204	debug trc-events.taboola.com/sohuchina-sohucom/log/2/	0 90 B	187ms 43ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://trc-events.taboola.com/sohuchina-sohucom/log/2/debug?tim=18%3A45%3A56.854&type=info&msg=http%3A%2F%2Fposbv.cfd%2F&llvl=2&id=1536&cv=20230918-3-RELEASE&lt=deflated&pct=1 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 42959
POST H2	202	logs Show response http-intake.logs.datadoghq.com/api/v2/	2 B 253 B	401ms 141ms	Fetch application/json	2600:1f18:24e6:b900:996c:8fd4:8527:1690 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js Requested by Host: cdn.adpushup.com URL: http://cdn.adpushup.com/42136/adpushup.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b900:996c:8fd4:8527:1690 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://posbv.cfd/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 18 Sep 2023 16:45:57 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 2
GET H2	200	quantcast.js Show response cdn.adpushup.com/pbuseridscripts/	450 B 561 B	160ms 40ms	Script application/javascript	2a02:26f0:480:f::213:7ec8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.adpushup.com/pbuseridscripts/quantcast.js Requested by Host: cdn.adpushup.com URL: http://cdn.adpushup.com/42136/adpushup.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-akamai-country DE date Mon, 18 Sep 2023 16:45:57 GMT content-encoding br last-modified Mon, 28 Jun 2021 04:15:23 GMT server nginx/1.18.0 etag W/"60d94cdb-1c2" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-akamai-device mobile:false&tablet:false cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695055556941_34831752_366224643_16_1240_38_79_146";dur=1 content-length 211 expires Tue, 17 Sep 2024 16:45:57 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Redirect Chain http://securepubads.g.doubleclick.net/tag/js/gpt.js https://securepubads.g.doubleclick.net/tag/js/gpt.js	98 KB 28 KB	112ms 112ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H3 Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 06f377a26630ded5e3b07ebf4baf8bc93bc5052882586f57053321c36b33f1da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28936 x-xss-protection 0 server cafe etag 796 / 19618 / m202309120101 / config-hash: 5872517447352829814 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Sep 2023 16:45:57 GMT Redirect headers Date Mon, 18 Sep 2023 16:45:56 GMT X-Content-Type-Options nosniff Server cafe Vary Accept-Encoding P3P policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Location https://securepubads.g.doubleclick.net/tag/js/gpt.js Content-Type text/html; charset=UTF-8 Cache-Control private, max-age=900, stale-while-revalidate=3600 Cross-Origin-Resource-Policy cross-origin Timing-Allow-Origin * Content-Length 0 X-XSS-Protection 0 Expires Mon, 18 Sep 2023 16:45:56 GMT
GET H2	200	testmode e3.adpushup.com/AdPushupFeedbackWebService/feedback/	70 B 316 B	225ms 90ms	Image image/png	23.97.225.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTUwNTU1NTY4ODcsInBhY2tldElkIjoiMDAwMEE0OTgtNTIwYTAwNmUtYmViMS00Yzk1LThiOTctMmUxNjZkZjE4MTFjIiwic2l0ZUlkIjo0MjEzNiwic2l0ZURvbWFpbiI6Imh0dHA6Ly93d3cuc29odS5jb20iLCJ1cmwiOiJodHRwOi8vcG9zYnYuY2ZkLyIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiREUifQ%3D%3D&c_b=5549.299999237061 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:57 GMT server nginx/1.18.0 (Ubuntu) access-control-allow-methods GET, POST content-type image/png access-control-allow-origin http://posbv.cfd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H/1.1	200	sync e3.adpushup.com/AdPushupFeedbackWebService/user/	70 B 523 B	88ms 42ms	Image image/png	23.97.225.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL http://e3.adpushup.com/AdPushupFeedbackWebService/user/sync Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Sep 2023 16:45:57 GMT Server nginx/1.18.0 (Ubuntu) Ap-Cookie-Status cookies ap_uid and ap_usid not set due to GDPR Access-Control-Allow-Methods GET, POST Content-Type image/png Access-Control-Allow-Origin http://posbv.cfd Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex Content-Length 70 Expires 0
GET H2	200	feedback e3.adpushup.com/AdPushupFeedbackWebService/	70 B 315 B	166ms 91ms	Image image/png	23.97.225.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTUwNTU1NTY4OTIsInBhY2tldElkIjoiMDAwMEE0OTgtNTIwYTAwNmUtYmViMS00Yzk1LThiOTctMmUxNjZkZjE4MTFjIiwic2l0ZUlkIjo0MjEzNiwic2l0ZURvbWFpbiI6Imh0dHA6Ly93d3cuc29odS5jb20iLCJ1cmwiOiJodHRwOi8vcG9zYnYuY2ZkLyIsIm1vZGUiOjIsImVycm9yQ29kZSI6NywicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiREUifQ%3D%3D&c_b=5553.900001525879 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:57 GMT server nginx/1.18.0 (Ubuntu) access-control-allow-methods GET, POST content-type image/png access-control-allow-origin http://posbv.cfd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/	408 KB 129 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077933 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2566f2f20ba122f78d6713a1c25217fd221f65a98cda4dedea1571e2e5df19b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Sun, 17 Sep 2023 17:02:39 GMT content-encoding br x-content-type-options nosniff age 85397 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131705 x-xss-protection 0 server cafe etag 17641473086515647811 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 16 Sep 2024 17:02:39 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	31 B 59 B	155ms 76ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=posbv.cfd Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a6dce1d021fbadb3a5a13983e5ab172c9716e12702fc5b5146672d3b38d2839 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 x-xss-protection 0 expires Mon, 18 Sep 2023 16:45:57 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	237 KB 83 KB	146ms 53ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DFBWYFE6Q0 Requested by Host: cdn-ali.onemob.mobi URL: https://cdn-ali.onemob.mobi/js/sohu300x250.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash af3bf18176732e20590e14a4bee3de9d3e44bfc32805c5f53e0a376cda4b7420 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 84748 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 18 Sep 2023 16:45:57 GMT
GET H2	200	fuse.js Show response cdn.fuseplatform.net/publift/tags/2/2383/	218 KB 56 KB	42ms 42ms	Script application/x-javascript	2a02:26f0:3500:12::1730:1788 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Requested by Host: cdn-ali.onemob.mobi URL: https://cdn-ali.onemob.mobi/js/sohu300x250.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 4f82a96e567d83ebe83199925f34657ccaa20166d25c0931349a074e5937ffc3 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:56 GMT content-encoding gzip last-modified Thu, 08 Jun 2023 06:33:41 GMT server AkamaiNetStorage etag "89b99adb3187e8c3f1d5b314db5f9aa2:1686206021.150619" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1800 accept-ranges bytes content-length 57021 expires Mon, 18 Sep 2023 17:15:56 GMT
GET H/1.1	200 OK	js_count.php Show response stat.onemob.mobi/plgn/	5 B 159 B	1440ms 308ms	Script text/html	47.90.33.151 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://stat.onemob.mobi/plgn/js_count.php?co=sohu&ad=D&stype=pc Requested by Host: cdn-ali.onemob.mobi URL: https://cdn-ali.onemob.mobi/js/sohu300x250.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 47.90.33.151 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash f4e07933b237d30b8a4076b537153be63d257f568a656b3eca101a537624791b Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:58 GMT Server nginx Connection keep-alive Content-Length 5 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	js_count.php Show response stat.onemob.mobi/plgn/	5 B 159 B	1434ms 305ms	Script text/html	47.90.33.151 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://stat.onemob.mobi/plgn/js_count.php?co=pys&ad=sohu-22379996764&stype=pc Requested by Host: cdn-ali.onemob.mobi URL: https://cdn-ali.onemob.mobi/js/sohu300x250.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 47.90.33.151 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash f4e07933b237d30b8a4076b537153be63d257f568a656b3eca101a537624791b Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:58 GMT Server nginx Connection keep-alive Content-Length 5 Content-Type text/html; charset=UTF-8
GET H2	200	tag Show response btloader.com/	53 KB 18 KB	152ms 51ms	Script application/javascript	2606:4700:20::681a:78b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=5708166709903360&upapi=true Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f156e9ac7a17b9f365f64fa37adaeceef80e183174cce9e4f9bfa9871e3bb9c Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT via 1.1 google content-encoding br cf-cache-status HIT last-modified Mon, 18 Sep 2023 16:36:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 345 etag W/"4498f5475f0a9a4cf47035a654ed53a0" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdncVemtvtyEbalMt%2BLYRP6pR575yvBphfq2Org5L5ApaDN64G0VUmqBSyWr4AOjDh3ocbFpo6zAZx1KCtqAWH6v9bRgnUlXsNMcY8bpuYDVYIatgwStnrM4BpaFoQ7N0BBuq58vuZo1Tw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 cf-ray 808b0ff0aa98365b-FRA
GET H/1.1	200	feedback e3.adpushup.com/AdPushupFeedbackWebService/	70 B 457 B	1972ms 1972ms	Image image/png	23.97.225.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL http://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTUwNTU1NTcwNTcsInBhY2tldElkIjoiMDAwMEE0OTgtNTIwYTAwNmUtYmViMS00Yzk1LThiOTctMmUxNjZkZjE4MTFjIiwic2l0ZUlkIjo0MjEzNiwic2l0ZURvbWFpbiI6Imh0dHA6Ly93d3cuc29odS5jb20iLCJ1cmwiOiJodHRwOi8vcG9zYnYuY2ZkLyIsIm1vZGUiOjIsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkeCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6Ik1PQklMRSIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjI2OWE3OTIxLTIzNGEtNDZmYS05M2IyLTRlMDFiMGEyNDgwNSIsInNlY3Rpb25OYW1lIjoiQVBfVF9NXzMzNlgyODBfMjY5YTciLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyMTM2XzMzNlgyODBfMjY5YTc5MjEtMjM0YS00NmZhLTkzYjItNGUwMWIwYTI0ODA1Iiwic2VydmljZXMiOlsyXSwiYWRVbml0VHlwZSI6MX1dfQ== Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Sep 2023 16:45:59 GMT Server nginx/1.18.0 (Ubuntu) Access-Control-Allow-Methods GET, POST Content-Type image/png Access-Control-Allow-Origin http://posbv.cfd Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex Content-Length 70 Expires 0
GET H/1.1	200 OK	quant.js Show response edge.quantserve.com/	22 KB 9 KB	95ms 41ms	Script application/javascript	2620:116:800d:21:c5a4:625:6563:a5bb AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://edge.quantserve.com/quant.js Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js Protocol HTTP/1.1 Server 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:57 GMT Content-Encoding gzip Etag "6ioqmyHWSWLYz5hkRjy8Uw==" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control private, max-age=604800 Connection keep-alive Accept-Ranges bytes Expires Mon, 25 Sep 2023 16:45:57 GMT
GET H/1.1	200 OK	ima3.js Show response s0.2mdn.net/instream/html5/	357 KB 123 KB	102ms 48ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://s0.2mdn.net/instream/html5/ima3.js Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/apps/player/20230918.114410/os-player.js Protocol HTTP/1.1 Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3501b862c03ab2ac2110fcfff885ad42a47e4aef871f158665ecf63077dde6b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server sffe Vary Accept-Encoding Report-To {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} Content-Type text/javascript Cache-Control private, max-age=900 Cross-Origin-Resource-Policy cross-origin Accept-Ranges bytes Content-Length 125470 X-XSS-Protection 0 Cross-Origin-Opener-Policy-Report-Only same-origin; report-to="ads-doubleclick-media" Expires Mon, 18 Sep 2023 16:45:57 GMT
GET H2	200	/ stats.mainroll.com/	43 B 401 B	110ms 74ms	Image image/gif	108.138.17.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&sid=%5B%22EzW3P99vPq4m%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ts=%5B1695055557135%2C1695055557136%2C1695055557141%2C1695055557144%5D&pp=%5B%22publift%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ev=%5B%22xst%22%2C%22it%22%2C%22xst%22%2C%22xit%22%5D&id=%5B%228yYft9Hlbe8w%22%2C%220%22%2C%228twNhAGPIe72%22%2C%22sohu_sohu_outstream%22%5D&et=%5B%22Session%22%2Cnull%2C%22View%22%2C%22~~02~~Unit%22%5D&cid=%5B%220%22%2Cnull%2C%220%22%2C%22%3C%2d%22%5D&xu=%5B%22http%3A%2F%2Fposbv.cfd%2F%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2Cnull%5D&xr=%5B%22%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2Cnull%5D&pt=%5B%22%5Buntitled%5D%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2Cnull%5D&aup=%5B%220%22%2C%22%3C%2d%22%2Cnull%2Cnull%5D&aum=%5B%221%22%2C%22%3C%2d%22%2Cnull%2Cnull%5D&aul=%5B%220%22%2C%22%3C%2d%22%2Cnull%2Cnull%5D&sn=%5B1%2C2%2C3%2C4%5D&vu=%5Bnull%2C%22D10C9489%2dEE04%2d41E0%2dB0C7%2d1FDA8063212F%22%2Cnull%2Cnull%5D&pv=%5Bnull%2C%226.x%22%2Cnull%2Cnull%5D&ct=%5Bnull%2Cnull%2Cnull%2Cnull%5D&pd=%5Bnull%2Cnull%2Cnull%2Cnull%5D&vs=%5Bnull%2C%22n%2Fa%22%2Cnull%2Cnull%5D&rs=%5Bnull%2C%221600x1200%22%2Cnull%2Cnull%5D&fs=%5Bnull%2C%220%22%2C%22%3C%2d%22%2Cnull%5D&mt=%5Bnull%2C%22mainroll%22%2Cnull%2Cnull%5D&du=%5Bnull%2C0%2Cnull%2Cnull%5D&ut=%5Bnull%2C%22commercial%22%2C%22%3C%2d%22%2Cnull%5D&pid=%5Bnull%2Cnull%2C%228yYft9Hlbe8w%22%2C%228twNhAGPIe72%22%5D&pet=%5Bnull%2Cnull%2C%22Session%22%2C%22View%22%5D&iet=%5Bnull%2Cnull%2C%22default%22%2Cnull%5D&hn=%5Bnull%2Cnull%2C%22posbv.cfd%22%2C%22%3C%2d%22%5D&ap=%5Bnull%2Cnull%2Cnull%2C%22inarticle%22%5D Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-104.fra56.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT via 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront) last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.14.0 (Ubuntu) x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront content-type image/gif cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id 3Mhof0u7AOw4V2Ke1r1mbVkx3XoEDZPRgteEqXGchmk1FeZjacQpDA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ stats.mainroll.com/	43 B 402 B	90ms 70ms	Image image/gif	108.138.17.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%5D&sid=%5B%22EzW3P99vPq4m%22%2C%22%3C%2d%22%5D&ts=%5B1695055557145%2C1695055557152%5D&pp=%5B%22publift%22%2C%22%3C%2d%22%5D&ev=%5B%22xov%22%2C%22xit%22%5D&id=%5B%22sohu_sohu_outstream%22%2C%22sohu_sohu_outstream_~~00~~x%22%5D&et=%5B%22~~02~~Unit%22%2C%22LineItem%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%5D&pid=%5B%228twNhAGPIe72%22%2C%22sohu_sohu_outstream%22%5D&pet=%5B%22View%22%2C%22~~02~~Unit%22%5D&ap=%5B%22inarticle%22%2C%22%3C%2d%22%5D&hn=%5B%22posbv.cfd%22%2C%22%3C%2d%22%5D&sn=%5B5%2C6%5D&at=%5Bnull%2C%22dfp%22%5D&ar=%5Bnull%2C%22https%3A%2F%2Fpub~~00~~s.g.doubleclick.net%2Fgamp~~00~~%2F~~00~~s%3Fiu%3D%2F71161633%2C21880406607%2FSOHU_sohu%2Fvideo_outstream%26description_url%3Dhttps%253A%252F%252Fwww.sohu.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D300x169%257C400x300%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D%22%5D Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-104.fra56.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT via 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront) last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.14.0 (Ubuntu) x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront content-type image/gif cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id -9pehqbWpV65owALMChglDBRCxhxciWjhsCn-EZdY-oyZlZNercMlQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	204	state Show response api.btloader.com/mw/	0 101 B	249ms 154ms	Fetch	130.211.23.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/mw/state?bt_env=prod Requested by Host: btloader.com URL: https://btloader.com/tag?o=5708166709903360&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers access-control-allow-origin * date Mon, 18 Sep 2023 16:45:57 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	px.gif ad-delivery.net/	43 B 929 B	148ms 54ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 564508 x-guploader-uploadid ADPycdvoAKZcVYy5cu--d5Ie_gYPFlSzNJileWVO2kmxPAwROpZh4Fs17-VKE0vULL0UmTLXqr0kN90JfJJWI_t0CAlhpQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wl9zatfpS8rOGvMjdKZGvbvlxTpeP1T2mU%2Bqwkkk4UoNUra%2FazguI5kpa40zIZrU88%2FY%2FD2qaIL7ekYpD7T0kQ6PRqrWr6c6unZoplyClfa2mo3ckC6d3tRBSmqEkx0QYQKpP67M54h4EDXlZg%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 808b0ff1d9f91e50-FRA expires Tue, 12 Sep 2023 04:18:21 GMT
GET H2	200	favicon.ico ad.doubleclick.net/	1 KB 571 B	143ms 39ms	Image image/x-icon	142.250.181.230 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 08:50:38 GMT content-encoding gzip x-content-type-options nosniff age 28519 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Sep 2023 08:50:38 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 343 B	80ms 55ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.6009162400316901 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 564508 x-guploader-uploadid ADPycdvoAKZcVYy5cu--d5Ie_gYPFlSzNJileWVO2kmxPAwROpZh4Fs17-VKE0vULL0UmTLXqr0kN90JfJJWI_t0CAlhpQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MN8LUEkur5ggL%2F4Sx0npamOJvRheMJ8EE%2BqN1L7G0Y8Kbfrl9AAS1v3ojOBW8mLiTo02G8ePZCf0Ve4uBCPQDnfX%2BFo7V%2ByZ%2Bgkx5llJqR1Yx3HZXMCn1Akct4SGKgKEVY%2BxxIChiaGS0MBGTg%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 808b0ff1d9fd1e50-FRA expires Tue, 12 Sep 2023 04:18:21 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 249 B	136ms 47ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-DFBWYFE6Q0&gtm=45je39d0&_p=1856575758&_gaz=1&cid=619849686.1695055557&ul=en-us&sr=1600x1200&_s=1&sid=1695055557&sct=1&seg=0&dl=http%3A%2F%2Fposbv.cfd%2F&dt=%E5%87%A4%E5%87%B0%E4%B8%8E%E5%BD%A9%E7%A5%A8-%E6%99%BA%E8%83%BD%E5%AE%B6%E5%B1%85%E7%B3%BB%E7%BB%9F-%E5%AE%B6%E6%A0%B8%E4%BC%98%E5%B1%85&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DFBWYFE6Q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:57 GMT server Golfe2 content-type text/plain access-control-allow-origin http://posbv.cfd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 249 B	145ms 48ms	Ping text/plain	2a00:1450:400c:c03::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DFBWYFE6Q0&cid=619849686.1695055557&gtm=45je39d0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DFBWYFE6Q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:57 GMT server Golfe2 content-type text/plain access-control-allow-origin http://posbv.cfd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	167ms 77ms	Image image/gif	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DFBWYFE6Q0&cid=619849686.1695055557&gtm=45je39d0&aip=1&z=2126390377 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rules-p-54Nt-1NAaEEe0.js Show response rules.quantcount.com/ Redirect Chain http://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js	160 B 634 B	128ms 39ms	Script application/javascript	2600:9000:223c:6200:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Server 2600:9000:223c:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:42:24 GMT via 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 214 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Thu, 13 Oct 2022 15:29:19 GMT server AmazonS3 etag "05b131079c67d484167fd1b1f6c79577" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id IVWXdUY8sgKSEVu9OsPVZys9dpaSRZSPfSI1AaUyBtOC-COmERv5Yg== Redirect headers Date Mon, 18 Sep 2023 16:45:57 GMT Via 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront) Server CloudFront X-Amz-Cf-Pop FRA56-P2 X-Cache Redirect from cloudfront Content-Type text/html Location https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js Connection keep-alive Content-Length 167 X-Amz-Cf-Id Zb1K91ndTqk7jR9hOxEs-lrTpiVV5LQ3fw2EigHTTRBvoyAlsngaGg==
GET H/1.1	200 OK	player.css css.tv.itc.cn/m/	21 KB 5 KB	2509ms 282ms	Stylesheet text/css	240d:c010:18:1:38::1f ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL http://css.tv.itc.cn/m/player.css Requested by Host: js.tv.itc.cn URL: http://js.tv.itc.cn/m/player/inc-all.js Protocol HTTP/1.1 Server 240d:c010:18:1:38::1f , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software SohuTv-N/1273392 / Resource Hash 57e0c01043d1e4a6563cb9a8eca7dda63c73d883eac07890711d7321706b16e7 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Sat, 27 May 2023 15:04:36 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit FSS-Cache MISS from 2985637.4558511.3740093, EXPIRED from 2692376.3478818.3938084 Connection keep-alive Content-Length 4677 Last-Modified Wed, 02 Mar 2022 06:38:46 GMT Server SohuTv-N/1273392 Etag "621f10f6-55c5" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=1800 FSS-Proxy Powered by 4527157.7214143.5707358 X-NWS-LOG-UUID 18039281797006360654 Accept-Ranges bytes Expires Sat, 27 May 2023 15:34:36 GMT
GET H/1.1	200 OK	bridge3.589.0_en.html Show response imasdk.googleapis.com/js/core/ Frame CC74	722 KB 232 KB	99ms 44ms	Document text/html	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://imasdk.googleapis.com/js/core/bridge3.589.0_en.html Requested by Host: s0.2mdn.net URL: http://s0.2mdn.net/instream/html5/ima3.js Protocol HTTP/1.1 Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://posbv.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Age 225695 Cache-Control public, max-age=31536000 Content-Encoding gzip Content-Length 236935 Content-Type text/html Cross-Origin-Opener-Policy same-origin; report-to="ads-doubleclick-instream-static" Cross-Origin-Resource-Policy cross-origin Date Sat, 16 Sep 2023 02:04:22 GMT Expires Sun, 15 Sep 2024 02:04:22 GMT Last-Modified Tue, 12 Sep 2023 02:58:09 GMT Report-To {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} Server sffe Vary Accept-Encoding X-Content-Type-Options nosniff X-XSS-Protection 0
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	44 KB 17 KB	147ms 60ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: s0.2mdn.net URL: http://s0.2mdn.net/instream/html5/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16746 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Sep 2023 16:45:57 GMT
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8660	40 KB 14 KB	120ms 39ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: s0.2mdn.net URL: http://s0.2mdn.net/instream/html5/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:36:14 GMT content-encoding gzip x-content-type-options nosniff age 583 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13893 x-xss-protection 0 last-modified Wed, 09 Aug 2023 15:57:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Mon, 18 Sep 2023 17:36:14 GMT
GET H2	200	/ stats.mainroll.com/	43 B 402 B	69ms 68ms	Image image/gif	108.138.17.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stats.mainroll.com/?pm=html5&sid=EzW3P99vPq4m&ts=1695055557483&pp=publift&ev=xls&id=sohu_sohu_outstream_~~00~~x&et=LineItem&cid=0&pid=sohu_sohu_outstream&pet=~~02~~Unit&at=dfp&ap=inarticle&ar=https%3A%2F%2Fpub~~00~~s.g.doubleclick.net%2Fgamp~~00~~%2F~~00~~s%3Fiu%3D%2F71161633%2C21880406607%2FSOHU_sohu%2Fvideo_outstream%26description_url%3Dhttps%253A%252F%252Fwww.sohu.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D300x169%257C400x300%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1695055557143%26cust_params%3D&sdk=GOOGLE_IMA&hn=posbv.cfd&sn=7 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-104.fra56.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT via 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront) last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.14.0 (Ubuntu) x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront content-type image/gif cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id UU4KsCyv_8cIlhWXiPEWW2g2F9_rIRLmjbNVYugRoR1QuJ25JGl9ew== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	/ Show response pv.sohu.com/suv/	547 B 1 KB	1006ms 323ms	Script application/x-javascript	43.152.29.38 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL http://pv.sohu.com/suv/?t?=1695055557657438_1600_1200?r?= Requested by Host: js.sohu.com URL: http://js.sohu.com/pv.js?_t=20171214 Protocol HTTP/1.1 Server 43.152.29.38 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx/1.0.15 / Resource Hash 95801c16549fd683b1e856b0f53a61ed9a93d17f865c6be24e52714b15801249 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:58 GMT X-Cache-Lookup Cache Miss, Cache Miss, Cache Miss, Cache Miss Server nginx/1.0.15 Content-Type application/x-javascript P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" X-NWS-LOG-UUID 11083653688118436008 Connection keep-alive Accept-Ranges bytes Content-Length 547
GET H/1.1	200 OK	sv.gif track.sohu.com/	43 B 638 B	5212ms 352ms	Image image/gif	43.152.29.38 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL http://track.sohu.com/sv.gif?page_refer_url=&device_resolution=1600_1200_1&spm-pre=&scm-cnt=&traffic_trans=&jump=&js_version=1.0.1_pre&spm-cnt=smwp.content-abroad.0.0.16950555576656BPlaza Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 43.152.29.38 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Sep 2023 16:46:02 GMT X-Cache-Lookup Cache Miss, Cache Miss, Cache Miss, Cache Miss Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Content-Type image/gif Cache-Control max-age=3600 X-NWS-LOG-UUID 3456645673156215724 Connection keep-alive Content-Length 43
GET H/1.1	200 OK	se.gif track.sohu.com/	43 B 428 B	5469ms 609ms	Image image/gif	43.152.29.38 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL http://track.sohu.com/se.gif?page_refer_url=&device_resolution=1600_1200_1&spm-pre=&scm-cnt=&traffic_trans=&jump=&js_version=1.0.1_pre&spm-cnt-arr=smwp.content-abroad.0.0.16950555576656BPlaza%2C%2C Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Server 43.152.29.38 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Sep 2023 16:46:02 GMT X-Cache-Lookup Cache Miss, Cache Miss, Cache Miss, Cache Miss Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Content-Type image/gif Cache-Control max-age=3600 X-NWS-LOG-UUID 245784066079912530 Connection keep-alive Content-Length 43
GET H2	204	debug trc-events.taboola.com/sohuchina-sohucom/log/2/	0 89 B	44ms 43ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://trc-events.taboola.com/sohuchina-sohucom/log/2/debug?tim=18%3A45%3A57.672&type=info&msg=http%3A%2F%2Fposbv.cfd%2F&llvl=2&id=835&cv=20230918-3-RELEASE&lt=deflated&pct=1 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 43152
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/	380 KB 129 KB	121ms 120ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4162412090504078&plah=posbv.cfd Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4162412090504078 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 08222c56bf9b0ae48bd0732a3956d8f210fd0afe3a237bae418cb9b0536f36da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131914 x-xss-protection 0 server cafe etag 6927281839000590812 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Sep 2023 16:45:57 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame 81D9	10 KB 5 KB	126ms 38ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4162412090504078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://posbv.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 51427 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4438 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 18 Sep 2023 02:28:50 GMT etag 8554266389219770021 expires Mon, 02 Oct 2023 02:28:50 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame CC74	124 B 597 B	146ms 52ms	XHR text/xml	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2C21880406607%2FSOHU_sohu%2Fvideo_outstream&description_url=https%3A%2F%2Fwww.sohu.com%2F&tfcd=0&npa=0&sz=300x169%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1092022177317011&cust_params&vpa=auto&vpmute=1&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&mpt=Blue%20Billywig%20Player&mpv=6.x&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=1630075128&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&sid=D10C9489-EE04-41E0-B0C7-1FDA8063212F&nel=0&eid=44772139%2C44773331%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&url=http%3A%2F%2Fposbv.cfd%2F&dlt=1695055553941&idt=3857&dt=1695055557996&cookie_enabled=1&scor=1934659330519879&ged=ve4_td4_tt0_pd4_la4000_er3064.0.3222.300_vi0.0.1200.1600_vp0_eb16491 Requested by Host: imasdk.googleapis.com URL: http://imasdk.googleapis.com/js/core/bridge3.589.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:58 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 98 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin http://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame CC74	0 234 B	165ms 72ms	Ping image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lmp4bb13&c=4886601134345&slotId=2443300567172.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: http://imasdk.googleapis.com/js/core/bridge3.589.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:58 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	49ms 48ms	XHR application/json	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230918 Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7aa321bc468e6616b61cbe0a90b654c320984049b23ba04e6fa79016121c8d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://posbv.cfd/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Mon, 18 Sep 2023 16:45:58 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2708 x-jsd-version 1.0.1817 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230103-FRA, cache-yyz4566-YYZ x-jsd-version-type version server cloudflare etag W/"63a-SiQiAtLDblMF8GqKmA6xE7urjwc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzfU5eea%2BE6zNy6q9f6ap1RhCXpZh62ExkLM0KsaNCOf4tc87qWFy19E7qR4iExCR8VfKVfU%2FTH6FxM%2BISgg7pcmKv%2By0zDj8t%2F5QbYPJW8T%2FBlqxLRjxe7Iqauw20AlLNQsLkdoTNUOhlPxpAM%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 808b0ff69ae230c6-FRA
GET H/1.1	200 OK	localstore.js Show response script.4dex.io/	4 KB 2 KB	148ms 53ms	Script application/javascript	2606:4700:20::681a:9a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94dc330d7ff3d82152b1ceaa92a712469c9eae969fa025972b1090bfcd9cfb3e Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:58 GMT Content-Encoding br CF-Cache-Status HIT Last-Modified Thu, 31 Aug 2023 12:44:55 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 1569277 ETag W/"f8af1a4095b4bc54b208ebf4d4dca750" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEX4wjnU%2BiUYvsJyL6CIIydNqaVHGHxqrNS8MrVGQypOTjI6b03aLh22xfxnx9RhfI8N%2BsEU%2Fu8GNnjO1DUlj1kfQXRmxqnMdxhcw4OfwTMtU8gdJ81mEhgDzwZQ%2FKADgPL9MwFQtD456CfG"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Connection keep-alive CF-RAY 808b0ff73f085b4a-FRA
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 108 B	163ms 46ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://posbv.cfd/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin http://posbv.cfd date Mon, 18 Sep 2023 16:45:57 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	138 B 693 B	158ms 46ms	XHR application/json	185.89.210.122 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash ce7e4ddc6044bcd4b137fe95177e601378f9bc0569934fdc2834128f718b3056 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://posbv.cfd/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:58 GMT an-x-request-uuid cb2acfb2-a72a-4e13-9d55-dfea1f273e9c server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin http://posbv.cfd cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 80.255.7.102; 80.255.7.102; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 138 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 537 B	154ms 40ms	XHR application/json	18.185.154.139 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=http%3A%2F%2Fposbv.cfd%2F&tmax=6000 Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.185.154.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-154-139.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://posbv.cfd/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:58 GMT accept-ch sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent x-auction-status 3 content-type application/json; charset=utf-8 access-control-allow-origin http://posbv.cfd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
POST H2	200	pbjs Show response htlb.casalemedia.com/openrtb/	36 B 539 B	146ms 55ms	XHR application/json	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/openrtb/pbjs?s=659901 Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84cf9ed4b4ef2d8bd0dc7f4b24e0eda71fcd76d751871276b42370e3c514857e Request headers Referer http://posbv.cfd/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:58 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkJvbuySfaHr1VVOhmHqipjs37jTbLRtffWFi9euH6lRe0MHZH9zHDVrkVRbPrRNhTqzMIK4G5aEiPte3KPjFxLxbV%2FDpraN%2FseOokDKwbm7aewYO02OJlf5Qs9UpAjPxsJkJjzR"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin http://posbv.cfd cache-control no-cache access-control-allow-credentials true cf-ray 808b0ff74cc72bf7-FRA alt-svc h3=":443"; ma=86400 content-length 36 expires 0
GET H3	200	/ stats.mainroll.com/	43 B 337 B	68ms 67ms	Image image/gif	108.138.17.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%5D&sid=%5B%22EzW3P99vPq4m%22%2C%22%3C%2d%22%5D&ts=%5B1695055558159%2C1695055558160%5D&pp=%5B%22publift%22%2C%22%3C%2d%22%5D&ev=%5B%22xpf%22%2C%22xit%22%5D&id=%5B%22sohu_sohu_outstream_~~00~~x%22%2Cnull%5D&et=%5B%22LineItem%22%2C%22Creative%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%5D&pid=%5B%22sohu_sohu_outstream%22%2C%228twNhAGPIe72%22%5D&pet=%5B%22~~02~~Unit%22%2C%22View%22%5D&at=%5B%22dfp%22%2C%22%3C%2d%22%5D&ap=%5B%22inarticle%22%2C%22%3C%2d%22%5D&ar=%5B%22https%3A%2F%2Fpub~~00~~s.g.doubleclick.net%2Fgamp~~00~~%2F~~00~~s%3Fiu%3D%2F71161633%2C21880406607%2FSOHU_sohu%2Fvideo_outstream%26description_url%3Dhttps%253A%252F%252Fwww.sohu.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D300x169%257C400x300%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1695055557143%26cust_params%3D%22%2C%22%3C%2d%22%5D&why=%5B%22~~02~~Error%201009%3A%20The%20VAST%20response%20document%20is%20empty.%22%2Cnull%5D&~~00~~d=%5B%2d1%2Cnull%5D&sdk=%5B%22GOOGLE_IMA%22%2C%22%3C%2d%22%5D&hn=%5B%22posbv.cfd%22%2C%22%3C%2d%22%5D&sn=%5B8%2C9%5D&auc=%5Bnull%2C%22sohu_sohu_outstream%22%5D&lic=%5Bnull%2C%22sohu_sohu_outstream_~~00~~x%22%5D&vastid=%5Bnull%2C%22%5Bunknown%5D%22%5D&~~00~~p_ap=%5Bnull%2C1%5D&~~00~~p_ib=%5Bnull%2C%22false%22%5D&~~00~~p_md=%5Bnull%2C0%5D&~~00~~p_pi=%5Bnull%2C0%5D&~~00~~p_to=%5Bnull%2C0%5D&~~00~~p_ta=%5Bnull%2C1%5D Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 108.138.17.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-29.fra56.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:58 GMT via 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront) last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.14.0 (Ubuntu) x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront content-type image/gif cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id j_52El3--S_BqgYB4d0yOaM9ecFeuGRJEC-5GmDIRYR252SuTeqeTA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	/ stats.mainroll.com/	43 B 338 B	72ms 71ms	Image image/gif	108.138.17.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%5D&sid=%5B%22EzW3P99vPq4m%22%2C%22%3C%2d%22%5D&ts=%5B1695055558161%2C1695055558166%5D&pp=%5B%22publift%22%2C%22%3C%2d%22%5D&ev=%5B%22xpf%22%2C%22xit%22%5D&id=%5Bnull%2C%22auction_798_lineitem_sohu_sohu_outstream%22%5D&et=%5B%22Creative%22%2C%22LineItem%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%5D&pid=%5B%228twNhAGPIe72%22%2C%22sohu_sohu_outstream%22%5D&pet=%5B%22View%22%2C%22~~02~~Unit%22%5D&at=%5B%22dfp%22%2C%22auction_direct%22%5D&ap=%5B%22inarticle%22%2C%22%3C%2d%22%5D&ar=%5B%22https%3A%2F%2Fpub~~00~~s.g.doubleclick.net%2Fgamp~~00~~%2F~~00~~s%3Fiu%3D%2F71161633%2C21880406607%2FSOHU_sohu%2Fvideo_outstream%26description_url%3Dhttps%253A%252F%252Fwww.sohu.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D300x169%257C400x300%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1695055557143%26cust_params%3D%22%2C%22__auction_direct__%22%5D&why=%5B%22~~02~~Error%201009%3A%20The%20VAST%20response%20document%20is%20empty.%22%2Cnull%5D&~~00~~d=%5B%2d1%2Cnull%5D&sdk=%5B%22GOOGLE_IMA%22%2Cnull%5D&auc=%5B%22sohu_sohu_outstream%22%2Cnull%5D&lic=%5B%22sohu_sohu_outstream_~~00~~x%22%2Cnull%5D&vastid=%5B%22%5Bunknown%5D%22%2Cnull%5D&hn=%5B%22posbv.cfd%22%2C%22%3C%2d%22%5D&sn=%5B10%2C11%5D Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 108.138.17.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-29.fra56.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:58 GMT via 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront) last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.14.0 (Ubuntu) x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront content-type image/gif cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id HVtBBg1iY7EW0sxVkbXuVRjiL_TDisRGq_u5qew7yreTJ2aUDztBxA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	script.js Show response cadmus.script.ac/dahhc4ozyvjm6/	3 B 435 B	157ms 52ms	Script application/javascript	2606:4700::6812:1691 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cadmus.script.ac/dahhc4ozyvjm6/script.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:58 GMT last-modified Mon, 01 Jan 2018 00:00:00 GMT server cloudflare age 0 etag W/"601055f6a0c6408859f97b5f0a84bdb88441a80e" vary Accept-Encoding content-type application/javascript cache-control public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200 cf-ray 808b0ff83a50366e-FRA content-length 3
GET H/1.1	200 OK	adagio.js Show response script.4dex.io/	75 KB 24 KB	214ms 131ms	Fetch application/javascript	2606:4700:20::681a:9a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 958622e2ce103c663883a5e931b64fe435a4f6cb60e151242416727ea8529448 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Mon, 18 Sep 2023 16:45:58 GMT Content-Encoding br CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive Last-Modified Thu, 31 Aug 2023 12:44:55 GMT Server cloudflare ETag W/"69d6e69258e345d4df1e72d8a9065e99" Vary Origin, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPKBgRz9ureShzSdWbQGcYkHDzHlfn8TeZ81J1fBS0fFLgn4MDtSh5GPZQJnG71qI7uGbCC4z%2BvbJZFzKyQdIYdS1vS3Ib3cDLyDywyCpia3GDn5Qp3Bl6gnkVkK%2FQAWC7a8ea77i61a2mHW"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Cache-Control public, max-age=1800 CF-RAY 808b0ff81dce03b0-FRA
GET H3	200	/ stats.mainroll.com/	43 B 338 B	69ms 68ms	Image image/gif	108.138.17.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&sid=%5B%22EzW3P99vPq4m%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ts=%5B1695055558348%2C1695055558349%2C1695055558352%2C1695055558358%5D&pp=%5B%22publift%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ev=%5B%22xpf%22%2C%22xit%22%2C%22xpf%22%2C%22xfn%22%5D&id=%5B%22auction_798_lineitem_sohu_sohu_outstream%22%2Cnull%2C%22%3C%2d%22%2C%228twNhAGPIe72%22%5D&et=%5B%22LineItem%22%2C%22Creative%22%2C%22%3C%2d%22%2C%22View%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&pid=%5B%22sohu_sohu_outstream%22%2C%228twNhAGPIe72%22%2C%22%3C%2d%22%2C%228yYft9Hlbe8w%22%5D&pet=%5B%22~~02~~Unit%22%2C%22View%22%2C%22%3C%2d%22%2C%22Session%22%5D&at=%5B%22auction_direct%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2Cnull%5D&ap=%5B%22inarticle%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2Cnull%5D&ar=%5B%22__auction_direct__%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2Cnull%5D&hn=%5B%22posbv.cfd%22%2C%22%3C%2d%22%2C%22%3C%2d%22%2Cnull%5D&sn=%5B12%2C13%2C14%2C15%5D&auc=%5Bnull%2C%22sohu_sohu_outstream%22%2C%22%3C%2d%22%2Cnull%5D&lic=%5Bnull%2C%22auction_798_lineitem_sohu_sohu_outstream%22%2C%22%3C%2d%22%2Cnull%5D&vastid=%5Bnull%2C%22%5Bunknown%5D%22%2C%22%3C%2d%22%2Cnull%5D&~~00~~p_ap=%5Bnull%2C1%2Cnull%2Cnull%5D&~~00~~p_ib=%5Bnull%2C%22false%22%2Cnull%2Cnull%5D&~~00~~p_md=%5Bnull%2C0%2Cnull%2Cnull%5D&~~00~~p_pi=%5Bnull%2C0%2Cnull%2Cnull%5D&~~00~~p_to=%5Bnull%2C0%2Cnull%2Cnull%5D&~~00~~p_ta=%5Bnull%2C1%2Cnull%2Cnull%5D&sdk=%5Bnull%2Cnull%2Cnull%2Cnull%5D&fs=%5Bnull%2Cnull%2Cnull%2C%220%22%5D Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 108.138.17.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-29.fra56.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:45:58 GMT via 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront) last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.14.0 (Ubuntu) x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront content-type image/gif cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id YkEhBCG-jSD8tVqH1AJzQWfYZfCQbAHhBPIBkPG8de0oczam1B3I9g== expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	204	csi csi.gstatic.com/ Frame CC74	0 54 B	74ms 73ms	Ping image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lmp4bbb9&c=4886601134345&slotId=2443300567172.5&ghmsh_eids=44772139%2C44773331%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470 Requested by Host: imasdk.googleapis.com URL: http://imasdk.googleapis.com/js/core/bridge3.589.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Mon, 18 Sep 2023 16:45:58 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync x.bidswitch.net/	43 B 146 B	139ms 41ms	Image image/gif	18.195.36.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=vidoomy&user_id=660990468.72458621801121507.2495792 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.36.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-36-161.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:46:00 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/	0 239 B	212ms 41ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost ba134c4441b6cdf8ef9f5e0539a8ef3e P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	/ stats.mainroll.com/	43 B 338 B	72ms 71ms	Image image/gif	108.138.17.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stats.mainroll.com/?pm=html5&sid=EzW3P99vPq4m&ts=1695055560196&pp=publift&ev=xiv&id=sohu_sohu_outstream&et=~~02~~Unit&cid=0&pet=View&ap=inarticle&hn=posbv.cfd&sn=16 Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H3 Security QUIC, , AES_128_GCM Server 108.138.17.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-29.fra56.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:46:00 GMT via 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront) last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.14.0 (Ubuntu) x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront content-type image/gif cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id 4L-a2LFr7RZeO9H2DDceDRGGQWXWWh-8cJ6ndz6Nf1wBqQ1XRaDpIA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	noconsent Show response cdn.fuseplatform.net/telemetry/	1 B 210 B	42ms 42ms	Fetch text/plain	2a02:26f0:3500:12::1730:1788 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/telemetry/noconsent?cwvRep=%5B%7B%22name%22%3A%22FCP%22%2C%22value%22%3A%224690.700000762939%22%2C%22rating%22%3A%22poor%22%2C%22id%22%3A%22v3-1695055556212-3337379507090%22%2C%22delta%22%3A%224690.700000762939%22%7D%2C%7B%22name%22%3A%22LCP%22%2C%22value%22%3A%224690.700000762939%22%2C%22rating%22%3A%22poor%22%2C%22id%22%3A%22v3-1695055556212-1314706078046%22%2C%22delta%22%3A%224690.700000762939%22%2C%22element%22%3A%22p%22%7D%2C%7B%22name%22%3A%22CLS%22%2C%22value%22%3A%220.026369749959309897%22%2C%22rating%22%3A%22good%22%2C%22id%22%3A%22v3-1695055556231-9920367936024%22%2C%22delta%22%3A%220.026369749959309897%22%2C%22element%22%3A%22p%22%7D%2C%7B%22name%22%3A%22LCP%22%2C%22value%22%3A%224913.400001525879%22%2C%22rating%22%3A%22poor%22%2C%22id%22%3A%22v3-1695055556212-1314706078046%22%2C%22delta%22%3A%22222.70000076293945%22%2C%22element%22%3A%22img%22%7D%5D&cmpj=unknown&v=1&ttm=1695055561268&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=83437d45-c064-5884-a946-fd82c2345131&fid=2383&pubid=8&url=http%3A%2F%2Fposbv.cfd%2F&sid=114e7e7f4c99eb42a90d&srate=100&adserver=gpt&etm=9931&e=web-vitals Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2383/fuse.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881 Request headers accept-language de-DE,de;q=0.9 Referer http://posbv.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Mon, 18 Sep 2023 16:46:01 GMT last-modified Wed, 10 Aug 2022 11:31:51 GMT server AkamaiNetStorage etag "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793" vary Origin content-type text/plain access-control-allow-origin http://posbv.cfd cache-control max-age=1800 accept-ranges bytes content-length 1 expires Mon, 18 Sep 2023 17:16:01 GMT
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame AB5C	52 KB 17 KB	224ms 54ms	Document text/html	23.35.236.188 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-188.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer http://posbv.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Mon, 18 Sep 2023 16:46:01 GMT ETag "623de86a-cf34" Expires Tue, 19 Sep 2023 16:46:03 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding
GET H2	200	sync Show response eb2.3lift.com/ Frame D268	37 B 140 B	133ms 41ms	Document image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync? Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer http://posbv.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif date Mon, 18 Sep 2023 16:46:01 GMT
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 1B8E	15 KB 6 KB	195ms 57ms	Document text/html	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156762 Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423 Request headers Referer http://posbv.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=26593 content-encoding gzip content-length 5606 content-type text/html date Mon, 18 Sep 2023 16:46:01 GMT expires Tue, 19 Sep 2023 00:09:14 GMT last-modified Fri, 01 Sep 2023 11:18:33 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	ixmatch.html Show response js-sec.indexww.com/um/ Frame 55FE	3 KB 2 KB	144ms 51ms	Document text/html	104.18.24.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: cdn.bluebillywig.com URL: https://cdn.bluebillywig.com/scripts/prebid/7.54.3/cbaea51dad3dabe7f0585e06a5be59fa1340c820d8b2c1f17280a1d2e663f1b4/bluebillywig_pbjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb Request headers Referer http://posbv.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 426 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 808b100b2cbe046e-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 18 Sep 2023 16:46:01 GMT expires Mon, 18 Sep 2023 20:46:01 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H2	200	bounce Show response ib.adnxs.com/ Frame AB5C Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 644 B	47ms 46ms	Script text/html	185.89.210.122 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: posbv.cfd URL: http://posbv.cfd/ Protocol H2 Server 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Mon, 18 Sep 2023 16:46:02 GMT an-x-request-uuid 16f8e158-e8f6-4d2e-98a1-e826e2402592 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 80.255.7.102; 80.255.7.102; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Sep 2023 16:46:02 GMT an-x-request-uuid f0e034ef-261a-42e6-8e28-3ea28bee67e8 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels cache-control no-store, no-cache, private x-proxy-origin 80.255.7.102; 80.255.7.102; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT