urlscan.io logo urlscan.io
SecurityTrails logo

decode.buzz Open in urlscan Pro
170.82.173.10  Public Scan

Go To Rescan Add Verdict Report
URL: http://decode.buzz/
Submission: On October 18 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 9 countries across 35 domains to perform 107 HTTP transactions. The main IP is 170.82.173.10, located in São Paulo, Brazil and belongs to 3L CLOUD INTERNET SERVICES LTDA - EPP, BR. The main domain is decode.buzz.
This is the only time decode.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 170.82.173.10 266444 (3L CLOUD ...)
7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 4 34.201.236.255 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 13.32.29.81 16509 (AMAZON-02)
13 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.206.97.213 14618 (AMAZON-AES)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 142.250.74.194 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.29.128 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.215.26 16509 (AMAZON-02)
3 2a03:2880:f12... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 142.250.184.194 15169 (GOOGLE)
2 2 2.18.233.201 16625 (AKAMAI-AS)
1 212.82.100.182 34010 (YAHOO-IRD)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 35.186.194.101 15169 (GOOGLE)
2 2 151.101.194.49 54113 (FASTLY)
1 51.178.20.140 16276 (OVH)
1 52.208.103.128 16509 (AMAZON-02)
2 2 104.111.215.191 16625 (AKAMAI-AS)
1 2a04:4e42:400... 54113 (FASTLY)
1 99.81.82.31 16509 (AMAZON-02)
1 2 52.49.107.116 16509 (AMAZON-02)
2 2 185.33.221.89 29990 (ASN-APPNEX)
3 3 13.248.242.197 16509 (AMAZON-02)
1 2 185.86.138.144 201081 (SMARTADSE...)
107 42
5    170.82.173.10 (São Paulo, Brazil)

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)
decode.buzz
7    2a02:26f0:6c00::210:ba0b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    2a02:26f0:6c00::210:ba79 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
10    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2600:9000:2057:ec00:c:a60c:ce00:21 (United States)

ASN16509 (AMAZON-02, US)
d2nn9xjflnubzs.cloudfront.net
1    2a02:26f0:6c00:2ae::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    34.201.236.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-236-255.compute-1.amazonaws.com
snowplow-pixel.dev.decode.buzz
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    13.32.29.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-81.fra56.r.cloudfront.net
static.hotjar.com
13    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
1    18.206.97.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-97-213.compute-1.amazonaws.com
ec2-18-206-97-213.compute-1.amazonaws.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
2    2a02:26f0:6c00:281::f09 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    13.32.29.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-128.fra56.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    143.204.215.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net
vars.hotjar.com
3    2a03:2880:f12d:181:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    212.82.100.182 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
4    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    35.186.194.101 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
1    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    104.111.215.191 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    2a04:4e42:400::300 (Ascension Island)

ASN54113 (FASTLY, US)
trc.taboola.com
1    99.81.82.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-82-31.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    52.49.107.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-107-116.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    185.33.221.89 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
3    13.248.242.197 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
Apex Domain
Subdomains		 Transfer
14 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
214 KB
13 navdmp.com
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
7 KB
11 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
11 KB
9 decode.buzz
decode.buzz
snowplow-pixel.dev.decode.buzz
1 MB
8 youtube.com
www.youtube.com
649 KB
8 typekit.net
use.typekit.net
p.typekit.net
249 KB
6 facebook.net
connect.facebook.net
469 KB
6 cookiebot.com
consent.cookiebot.com
consentcdn.cookiebot.com
35 KB
5 google.com
adservice.google.com
www.google.com
3 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com Failed
122 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 facebook.com
www.facebook.com
515 B
3 google.de
adservice.google.de
www.google.de
1 KB
2 smartadserver.com
sync.smartadserver.com
752 B
2 adnxs.com
secure.adnxs.com
2 KB
2 demdex.net
dpm.demdex.net
1 KB
2 bluekai.com
tags.bluekai.com
565 B
2 everesttech.net
sync-tm.everesttech.net
596 B
2 smartclip.net
ad.sxp.smartclip.net
775 B
2 mathtag.com
pixel.mathtag.com
1 KB
2 googleadservices.com
partner.googleadservices.com
www.googleadservices.com
15 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 googletagmanager.com
www.googletagmanager.com
87 KB
2 cloudfront.net
d2nn9xjflnubzs.cloudfront.net
101 KB
2 unpkg.com
unpkg.com
2 KB
1 krxd.net
beacon.krxd.net
481 B
1 taboola.com
trc.taboola.com
390 B
1 crwdcntrl.net
sync.crwdcntrl.net
1 dyntrk.com
gu.dyntrk.com
215 B
1 yahoo.com
cms.analytics.yahoo.com
1 gstatic.com
fonts.gstatic.com
15 KB
1 amazonaws.com
ec2-18-206-97-213.compute-1.amazonaws.com
1 licdn.com
snap.licdn.com
2 KB
1 googleapis.com
fonts.googleapis.com
1 KB
107 35
Domain Requested by
10 pagead2.googlesyndication.com decode.buzz
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 www.youtube.com decode.buzz
www.youtube.com
7 use.typekit.net decode.buzz
use.typekit.net
6 connect.facebook.net decode.buzz
connect.facebook.net
consent.cookiebot.com
5 sync.navdmp.com decode.buzz
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.youtube.com
www.googleadservices.com
consent.cookiebot.com
5 decode.buzz decode.buzz
4 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
4 cm.g.doubleclick.net 4 redirects
4 www.google.com decode.buzz
tpc.googlesyndication.com
4 snowplow-pixel.dev.decode.buzz 2 redirects decode.buzz
4 consent.cookiebot.com decode.buzz
consent.cookiebot.com
3 match.adsrvr.org 3 redirects
3 www.facebook.com decode.buzz
2 sync.smartadserver.com 1 redirects
2 secure.adnxs.com 2 redirects
2 dpm.demdex.net 1 redirects
2 tags.bluekai.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.sxp.smartclip.net 1 redirects
2 pixel.mathtag.com 2 redirects
2 sync2.navdmp.com decode.buzz
2 cdn.navdmp.com tag.navdmp.com
consent.cookiebot.com
2 www.google.de decode.buzz
2 usr.navdmp.com tag.navdmp.com
consent.cookiebot.com
2 script.hotjar.com static.hotjar.com
consent.cookiebot.com
2 consentcdn.cookiebot.com consent.cookiebot.com
2 px.ads.linkedin.com 2 redirects
2 tag.navdmp.com decode.buzz
tag.navdmp.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com decode.buzz
www.googletagmanager.com
2 d2nn9xjflnubzs.cloudfront.net decode.buzz
d2nn9xjflnubzs.cloudfront.net
2 unpkg.com 1 redirects decode.buzz
1 beacon.krxd.net tag.navdmp.com
1 trc.taboola.com tag.navdmp.com
1 sync.crwdcntrl.net tag.navdmp.com
1 gu.dyntrk.com tag.navdmp.com
1 cms.analytics.yahoo.com decode.buzz
1 vars.hotjar.com static.hotjar.com
consent.cookiebot.com
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 px4.ads.linkedin.com decode.buzz
1 www.linkedin.com 1 redirects
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.gstatic.com www.youtube.com
1 ec2-18-206-97-213.compute-1.amazonaws.com decode.buzz
1 static.hotjar.com decode.buzz
1 snap.licdn.com www.googletagmanager.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com decode.buzz
107 53

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
Subject Issuer Validity Valid
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
consent.cookiebot.com
DigiCert ECC Extended Validation Server CA		 2020-06-11 -
2022-06-11		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-16 -
2022-07-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.dev.decode.buzz
Amazon		 2021-03-26 -
2022-04-24		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-29 -
2021-10-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.cookiebot.com
DigiCert SHA2 Secure Server CA		 2021-07-05 -
2022-07-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 11 frames:

Primary Page: http://decode.buzz/
Frame ID: E8AB5269853CCFDF316EA00C0C4FE517
Requests: 84 HTTP requests in this frame

Frame: https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
Frame ID: 2E6CE49E8A3C89ACCC96595227A4E689
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 81B2EC1C2B2787D77C9B0F42F6BDD47B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331341308443280&output=html&adk=1812271804&adf=3025194257&lmt=1614364523&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdecode.buzz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634584438905&bpp=3&bdt=574&idt=132&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=804987163991&frm=20&pv=2&ga_vid=182995107.1634584439&ga_sid=1634584439&ga_hid=365812537&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062580%2C21066432%2C31062526%2C31063140%2C44748553&oid=2&pvsid=3447507930055429&pem=846&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=151
Frame ID: 83A42475F4BEA206DDC5ADD6679DD4F8
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: 0BDFC497574B3947E5FCBE826D947E3D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-3333a05ac05419926bfc064e06a742b1.html
Frame ID: 81DBF6774FD250F08568EDBD7097020B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-3333a05ac05419926bfc064e06a742b1.html
Frame ID: 97A0F46AB8EB0B51F34BB4A403E7CB60
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BA8413A0AD6E96510CCEA7DEA671937B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9DAC761670581F3D27589394087DA973
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8C7D59A140240C865ED2325AC6F95972
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91E6C3C1CFE3A9CFE98B371A652BBDB7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Decode | Data analytics driving business

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

107
Requests

85 %
HTTPS

55 %
IPv6

35
Domains

53
Subdomains

42
IPs

9
Countries

3187 kB
Transfer

7326 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/aos@next/dist/aos.css HTTP 302
  • https://unpkg.com/aos@3.0.0-beta.6/dist/aos.css
Request Chain 22
  • http://snowplow-pixel.dev.decode.buzz/i?stm=1634584438854&e=pv&url=http%3A%2F%2Fdecode.buzz%2F&page=Decode%20%7C%20Data%20analytics%20driving%20business&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=913f358e-644e-4579-a531-ba13deb28d5e&dtm=1634584438852&vp=1600x1200&ds=1600x4560&vid=1&sid=9bef1597-4148-48a6-a7eb-5e37769a56e2&duid=d61d6af6-443a-4a39-9405-2757e149e27a&uid=8727cb4e-bec3-4ad0-a54a-978b9a2e9594&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22ad950db7-085d-4e2b-9b66-ede22e2e6e30%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1634584437696%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1634584437696%2C%22domainLookupStart%22%3A1634584437697%2C%22domainLookupEnd%22%3A1634584437707%2C%22connectStart%22%3A1634584437707%2C%22connectEnd%22%3A1634584437708%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1634584437708%2C%22responseStart%22%3A1634584438330%2C%22responseEnd%22%3A1634584438331%2C%22domLoading%22%3A1634584438332%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D HTTP 301
  • https://snowplow-pixel.dev.decode.buzz/i?stm=1634584438854&e=pv&url=http%3A%2F%2Fdecode.buzz%2F&page=Decode%20%7C%20Data%20analytics%20driving%20business&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=913f358e-644e-4579-a531-ba13deb28d5e&dtm=1634584438852&vp=1600x1200&ds=1600x4560&vid=1&sid=9bef1597-4148-48a6-a7eb-5e37769a56e2&duid=d61d6af6-443a-4a39-9405-2757e149e27a&uid=8727cb4e-bec3-4ad0-a54a-978b9a2e9594&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22ad950db7-085d-4e2b-9b66-ede22e2e6e30%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1634584437696%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1634584437696%2C%22domainLookupStart%22%3A1634584437697%2C%22domainLookupEnd%22%3A1634584437707%2C%22connectStart%22%3A1634584437707%2C%22connectEnd%22%3A1634584437708%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1634584437708%2C%22responseStart%22%3A1634584438330%2C%22responseEnd%22%3A1634584438331%2C%22domLoading%22%3A1634584438332%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D
Request Chain 42
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1226642&time=1634584439064&url=http%3A%2F%2Fdecode.buzz%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1226642%26time%3D1634584439064%26url%3Dhttp%253A%252F%252Fdecode.buzz%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1226642&time=1634584439064&url=http%3A%2F%2Fdecode.buzz%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1226642&time=1634584439064&url=http%3A%2F%2Fdecode.buzz%2F&liSync=true&e_ipv6=AQIiXhwYCp8XaAAAAXyU0yzRfk9cO9IAl0jE_eCYmvNmwJVjiivNELufSgHwh9tqL5zyoPtuO6g
Request Chain 65
  • http://snowplow-pixel.dev.decode.buzz/i?stm=1634584439501&e=tr&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=6deb9f82-a841-42a9-a2fe-95a64765bced&dtm=1634584438855&vp=1600x1200&ds=1600x4560&vid=1&sid=9bef1597-4148-48a6-a7eb-5e37769a56e2&duid=d61d6af6-443a-4a39-9405-2757e149e27a&uid=8727cb4e-bec3-4ad0-a54a-978b9a2e9594&url=http%3A%2F%2Fdecode.buzz%2F&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22ad950db7-085d-4e2b-9b66-ede22e2e6e30%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1634584437696%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1634584437696%2C%22domainLookupStart%22%3A1634584437697%2C%22domainLookupEnd%22%3A1634584437707%2C%22connectStart%22%3A1634584437707%2C%22connectEnd%22%3A1634584437708%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1634584437708%2C%22responseStart%22%3A1634584438330%2C%22responseEnd%22%3A1634584438331%2C%22domLoading%22%3A1634584438332%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D HTTP 301
  • https://snowplow-pixel.dev.decode.buzz/i?stm=1634584439501&e=tr&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=6deb9f82-a841-42a9-a2fe-95a64765bced&dtm=1634584438855&vp=1600x1200&ds=1600x4560&vid=1&sid=9bef1597-4148-48a6-a7eb-5e37769a56e2&duid=d61d6af6-443a-4a39-9405-2757e149e27a&uid=8727cb4e-bec3-4ad0-a54a-978b9a2e9594&url=http%3A%2F%2Fdecode.buzz%2F&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22ad950db7-085d-4e2b-9b66-ede22e2e6e30%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1634584437696%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1634584437696%2C%22domainLookupStart%22%3A1634584437697%2C%22domainLookupEnd%22%3A1634584437707%2C%22connectStart%22%3A1634584437707%2C%22connectEnd%22%3A1634584437708%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1634584437708%2C%22responseStart%22%3A1634584438330%2C%22responseEnd%22%3A1634584438331%2C%22domLoading%22%3A1634584438332%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D
Request Chain 67
  • http://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=66776265704 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=66776265704&id=66776265704 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=66776265704&id=66776265704&google_gid=CAESEPj99b09Xrv2HsZSOv6rMpE&google_cver=1
Request Chain 68
  • http://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=ad70616d-c777-4c00-b03a-23adcddf667a
Request Chain 84
  • http://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
  • http://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
Request Chain 85
  • https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=YW3HeAAKH968pgA6 HTTP 302
  • https://sync.navdmp.com/sync?prtid=17&tubid=YW3HeAAKH968pgA6&_test=YW3HeAAKH968pgA6
Request Chain 88
  • http://tags.bluekai.com/site/31435?id=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID HTTP 301
  • https://tags.bluekai.com/site/31435?id=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID HTTP 302
  • https://sync.navdmp.com/sync?prtid=18&blkid=$_BK_UUID
Request Chain 91
  • http://dpm.demdex.net/ibs:dpid=822&dpuuid=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fid%3D66776265704%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
  • http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fid%3D66776265704%26adID%3D%24%7BDD_UUID%7D%26img%3D1
Request Chain 92
  • https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.navdmp.com%2Fsync%3FappNx%3D%24UID%26img%3D1 HTTP 302
  • https://sync.navdmp.com/sync?appNx=5521053498254226661&img=1
Request Chain 93
  • http://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1 HTTP 301
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=u7695wg&ttd_tpi=1 HTTP 302
  • https://sync.navdmp.com/sync?img=1&prtid=31&ttdid=fbec07c7-f487-49da-b3d4-3e6cd34e39e4
Request Chain 94
  • http://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
  • http://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Request Chain 96
  • http://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=66776265704 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=66776265704&id=66776265704 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=66776265704&id=66776265704&google_gid=CAESEPj99b09Xrv2HsZSOv6rMpE&google_cver=1

107 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
decode.buzz/ 		28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://decode.buzz/
Protocol
HTTP/1.1
Server
170.82.173.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
f5cb21d5c4bbdc401fa3ac482048eb389557fd4396283daa55138f45644d8146

Request headers

Host
decode.buzz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 18 Oct 2021 19:13:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
x-amz-id-2
NKfiO3Oe5KzpIsErfOUBRbdgy9Jzfgxlvuqm+CZ3aYEy9VJ2C6Z4rd0cOG7MbIDuMyYwe8ufucc=
x-amz-request-id
VW5JE54094YYD5N1
Last-Modified
Fri, 26 Feb 2021 18:35:23 GMT
ETag
W/"34b44cc43914d6458cbca71b529737c6"
X-GoCache-CacheStatus
BYPASS
Server
gocache
Content-Encoding
gzip
vld5don.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/vld5don.css
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f2845b07545dfe1c39a8616689df33010a6c310ecb953b45f618ebf236b3a20d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 18 Oct 2021 19:13:58 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
910
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono:300&display=swap
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6de84da750b4edc3e8072264f3bd30e13dbe8527d5c09cb10bca427d008f92e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 19:13:58 GMT
server
ESF
date
Mon, 18 Oct 2021 19:13:58 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 18 Oct 2021 19:13:58 GMT
aos.css
unpkg.com/aos@3.0.0-beta.6/dist/
Redirect Chain
  • https://unpkg.com/aos@next/dist/aos.css
  • https://unpkg.com/aos@3.0.0-beta.6/dist/aos.css
28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@3.0.0-beta.6/dist/aos.css
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8695f5fc64d65593f9763a5b28d14bc34e3cf802317e1ffad2125a7c8fedfafe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
18137812
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"705d-miajSdIaS4cfRd/RJKQ/raT5S5g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
42d5ca0007273fba1ed8cf2a010bdd70
cache-control
public, max-age=31536000
cf-ray
6a0416443f2a68eb-FRA

Redirect headers

date
Mon, 18 Oct 2021 19:13:58 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FJACYJ63WQQZFHW8NRMD9NDM
server
cloudflare
age
253
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/aos@3.0.0-beta.6/dist/aos.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6a041643fe6068eb-FRA
access-control-allow-origin
*
uc.js
consent.cookiebot.com/ 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3269900957596b797ed22998c3ecebc6d76fc59144716c4c196f33307627b776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 11:17:38 GMT
server
Microsoft-IIS/10.0
etag
"217c5e9991bed71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=881
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
27986
expires
Mon, 18 Oct 2021 19:28:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b75a8eac2a72d97179546447789c6dd98a7aa60dfb30b956ad43f6834582b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50941
x-xss-protection
0
server
cafe
etag
8445029133009485984
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Oct 2021 19:13:58 GMT
pixel.min.js
d2nn9xjflnubzs.cloudfront.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2nn9xjflnubzs.cloudfront.net/pixel.min.js
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ec00:c:a60c:ce00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b935a2ea40bbdd16039ac1325a9e937e148934f336b280ad87cb30ede9848993

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 22:55:12 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
last-modified
Mon, 03 Aug 2020 20:41:02 GMT
server
AmazonS3
age
73127
etag
"911ece9bdd2d10bc261d3ed8c79e88dd"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
2039
x-amz-cf-id
BOiipwmASP51dtVHPzuWvIU9O9sJ9GbIFcmaLa0XPA1eiLaUuyfBvw==
app.css
decode.buzz/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://decode.buzz/app.css?50a6bc1df97b520204e9
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
HTTP/1.1
Server
170.82.173.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
f9f6ab7ebe166945956fa7569bc93b5bd8cbfbf1b51688fc47fe81b5ec8673bc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://decode.buzz/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:13:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Feb 2021 18:35:21 GMT
Server
gocache
x-amz-request-id
JQ69K22D8GKP1CNR
ETag
W/"28e3bb59f8e9273716101e8286d88c47"
X-GoCache-CacheStatus
HIT
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
x-amz-id-2
/G2gMgFvIfd41wc+bilnUb+42a8BTkXQanDBevKj3MAqpatIeT1HpBc4QT2YdF5f1io0bC0CVfQ=
Expires
Mon, 25 Oct 2021 19:13:58 GMT
cd.js
consent.cookiebot.com/308e243a-ba91-4ceb-921b-83b1af7221c2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/308e243a-ba91-4ceb-921b-83b1af7221c2/cd.js
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b67be26b180a6b82ebc2bee293d80ca7142a9c3216d9d6fd5ce55537af23fe68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
max-age=0, no-cache, no-store
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length
3509
expires
Mon, 18 Oct 2021 19:13:59 GMT
app.js
decode.buzz/ 		292 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://decode.buzz/app.js?50a6bc1df97b520204e9
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
HTTP/1.1
Server
170.82.173.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
d1e480a19dca0d7828bb4beecfe33e8a13790fb87cdd03a53191733d4533cb8b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://decode.buzz/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:13:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Feb 2021 18:35:21 GMT
Server
gocache
x-amz-request-id
JQ60NECGKF1XK4Q2
ETag
W/"807b6ac80daa026a8d661e9893d1e922"
X-GoCache-CacheStatus
HIT
Content-Type
application/javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
x-amz-id-2
fZWfdJ3jjvtwEeqxJN2NPXnwwlYn40ypyfotUR7KOa58mSKMJ9IXC+HHR0wRUEpSHn6ibrK1vWA=
Expires
Mon, 25 Oct 2021 19:13:58 GMT
p.css
p.typekit.net/ 		5 B
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=vld5don&ht=tk&f=169.170.175.176.37457.37460.37461.37464&a=22770153&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vld5don.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sp.js
d2nn9xjflnubzs.cloudfront.net/ 		98 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2nn9xjflnubzs.cloudfront.net/sp.js
Requested by
Host: d2nn9xjflnubzs.cloudfront.net
URL: https://d2nn9xjflnubzs.cloudfront.net/pixel.min.js
Protocol
HTTP/1.1
Server
2600:9000:2057:ec00:c:a60c:ce00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 02:17:01 GMT
Via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 Mar 2020 18:07:56 GMT
Server
AmazonS3
Age
61018
ETag
"d34ad5a83bfc62211576c2bdcb347936"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
100335
X-Amz-Cf-Id
YUXlS9U_fB0yxAMeQ0N9RLTKpTTy-qG0W8o_6yOy4Irlby1pLVyrdw==
gtm.js
www.googletagmanager.com/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TV8H2VF
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b5e631253e0a7c6076cbcc9a1375ba970833ade63cea5a312ac418d04e836a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49257
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 18:23:51 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Oct 2021 19:13:58 GMT
10Vk9wGgrxA
www.youtube.com/embed/ Frame 2E6C 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b60a29a7f15427ab47933c5488fa002171c674f30cc3285271f5a953828e9ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 Oct 2021 19:13:58 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=gHlFutYgnrg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=j_GShF97Jz8; Domain=.youtube.com; Expires=Sat, 16-Apr-2022 19:13:58 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+635; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		950 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
062ba326f323cc4b6a7d05d0cf0ca484a1ea6c94e84893486557d9ddbae5b155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
3176eac16eeb91c211832edf0c187abf.png
decode.buzz/ 		854 KB
854 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://decode.buzz/3176eac16eeb91c211832edf0c187abf.png
Requested by
Host: decode.buzz
URL: http://decode.buzz/app.css?50a6bc1df97b520204e9
Protocol
HTTP/1.1
Server
170.82.173.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
4886ac7df5ecb85f4b9907f4a6c617e0c8e0a6d156340eff64f56430fd095a87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://decode.buzz/app.css?50a6bc1df97b520204e9
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/app.css?50a6bc1df97b520204e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:13:58 GMT
Last-Modified
Fri, 26 Feb 2021 18:35:21 GMT
Server
gocache
x-amz-request-id
9NZ1XB5V9G74NV20
ETag
"3176eac16eeb91c211832edf0c187abf"
X-GoCache-CacheStatus
HIT
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
874366
x-amz-id-2
lCrN0/wzUDpKYQjqhhwlyCu4+775njx5kURV7zebXAvHhrh0pD2eM7hOnQxCkufcRwqKcVuTKN0=
Expires
Mon, 25 Oct 2021 19:13:58 GMT
c9fdd14170d04b02852c2f8806dafe8b.gif
decode.buzz/ 		220 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://decode.buzz/c9fdd14170d04b02852c2f8806dafe8b.gif
Requested by
Host: decode.buzz
URL: http://decode.buzz/app.css?50a6bc1df97b520204e9
Protocol
HTTP/1.1
Server
170.82.173.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
3767800c671f68af816b211c0e03cccec1f250eff187c62751715ea609d5119b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://decode.buzz/app.css?50a6bc1df97b520204e9
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/app.css?50a6bc1df97b520204e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:13:59 GMT
Last-Modified
Fri, 26 Feb 2021 18:35:21 GMT
Server
gocache
x-amz-request-id
9NZDFK14FS67JPEE
ETag
"c9fdd14170d04b02852c2f8806dafe8b"
X-GoCache-CacheStatus
HIT
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
224819
x-amz-id-2
pVq0MFEs/y/Q9Ycxphf0nplfEejRmVtoK8IXutPwzlirMPwZtsvbcEv+mRSgDauknnbqwO+A+zA=
Expires
Mon, 25 Oct 2021 19:13:59 GMT
l
use.typekit.net/af/752019/00000000000000003b9b1336/27/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/752019/00000000000000003b9b1336/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vld5don.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7a71e7a222f703e24afdf65191e38d7ab2753b510977b0d0f140c84e202cbcd7

Request headers

Referer
https://use.typekit.net/vld5don.css
Origin
http://decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
server
nginx
etag
"5bfe475ef1d23d56aabb34e95a6a30a28541fe15"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
45436
l
use.typekit.net/af/d82519/00000000000000003b9b306a/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d82519/00000000000000003b9b306a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vld5don.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6ed3a3fa986545e83c16bd71a33aad6f88b9e4c47874878c80ad7c1d98fa749b

Request headers

Referer
https://use.typekit.net/vld5don.css
Origin
http://decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
server
nginx
etag
"efcaeb7ec66a48cc4ec39a83b9de18cfc8949c9f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34832
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vld5don.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee

Request headers

Referer
https://use.typekit.net/vld5don.css
Origin
http://decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
server
nginx
etag
"79fea02668402fc378c129193093131a2db2577c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33568
l
use.typekit.net/af/1fb5d1/00000000000000003b9b1333/27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1fb5d1/00000000000000003b9b1333/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vld5don.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0a7669aaf10a63c59e7b77586e5e400f159f8be646cda10f55cb34e5185be4d2

Request headers

Referer
https://use.typekit.net/vld5don.css
Origin
http://decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
server
nginx
etag
"e389aac878ed38c3a5a1dcbefbb605752d5b0f6d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44604
l
use.typekit.net/af/da10e7/00000000000000003b9b1337/27/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/da10e7/00000000000000003b9b1337/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vld5don.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6949dbd70d500bca119e31e32ea1d829536884636038b15c32411ab4a69e8240

Request headers

Referer
https://use.typekit.net/vld5don.css
Origin
http://decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
server
nginx
etag
"81284a8fefb838febe765b3895655b91b6f06f3a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
48360
l
use.typekit.net/af/7f7551/00000000000000003b9b133b/27/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7f7551/00000000000000003b9b133b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vld5don.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
242992b71b33d19d5eda9462444f97d151f7a7b17bca41f6caa32fdad7eb891f

Request headers

Referer
https://use.typekit.net/vld5don.css
Origin
http://decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
server
nginx
etag
"7f8bdd833f5992daa317747b6f32cde098b5ae99"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
45536
i
snowplow-pixel.dev.decode.buzz/
Redirect Chain
  • http://snowplow-pixel.dev.decode.buzz/i?stm=1634584438854&e=pv&url=http%3A%2F%2Fdecode.buzz%2F&page=Decode%20%7C%20Data%20analytics%20driving%20business&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&...
  • https://snowplow-pixel.dev.decode.buzz/i?stm=1634584438854&e=pv&url=http%3A%2F%2Fdecode.buzz%2F&page=Decode%20%7C%20Data%20analytics%20driving%20business&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC...
43 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://snowplow-pixel.dev.decode.buzz/i?stm=1634584438854&e=pv&url=http%3A%2F%2Fdecode.buzz%2F&page=Decode%20%7C%20Data%20analytics%20driving%20business&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=913f358e-644e-4579-a531-ba13deb28d5e&dtm=1634584438852&vp=1600x1200&ds=1600x4560&vid=1&sid=9bef1597-4148-48a6-a7eb-5e37769a56e2&duid=d61d6af6-443a-4a39-9405-2757e149e27a&uid=8727cb4e-bec3-4ad0-a54a-978b9a2e9594&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22ad950db7-085d-4e2b-9b66-ede22e2e6e30%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1634584437696%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1634584437696%2C%22domainLookupStart%22%3A1634584437697%2C%22domainLookupEnd%22%3A1634584437707%2C%22connectStart%22%3A1634584437707%2C%22connectEnd%22%3A1634584437708%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1634584437708%2C%22responseStart%22%3A1634584438330%2C%22responseEnd%22%3A1634584438331%2C%22domLoading%22%3A1634584438332%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.236.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-236-255.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
server
nginx/1.17.10
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43

Redirect headers

Location
https://snowplow-pixel.dev.decode.buzz:443/i?stm=1634584438854&e=pv&url=http%3A%2F%2Fdecode.buzz%2F&page=Decode%20%7C%20Data%20analytics%20driving%20business&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=913f358e-644e-4579-a531-ba13deb28d5e&dtm=1634584438852&vp=1600x1200&ds=1600x4560&vid=1&sid=9bef1597-4148-48a6-a7eb-5e37769a56e2&duid=d61d6af6-443a-4a39-9405-2757e149e27a&uid=8727cb4e-bec3-4ad0-a54a-978b9a2e9594&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22ad950db7-085d-4e2b-9b66-ede22e2e6e30%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1634584437696%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1634584437696%2C%22domainLookupStart%22%3A1634584437697%2C%22domainLookupEnd%22%3A1634584437707%2C%22connectStart%22%3A1634584437707%2C%22connectEnd%22%3A1634584437708%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1634584437708%2C%22responseStart%22%3A1634584438330%2C%22responseEnd%22%3A1634584438331%2C%22domLoading%22%3A1634584438332%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D
Date
Mon, 18 Oct 2021 19:13:59 GMT
Server
awselb/2.0
Connection
keep-alive
Content-Length
134
Content-Type
text/html
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fc03460ffda99c0b7c6b5d2dcd5ac4919b93bc795b3bf67160ec2734759bb71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99361
x-xss-protection
0
server
cafe
etag
1574554043133481994
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Oct 2021 19:13:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 81B2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211013/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 17 Oct 2021 21:27:24 GMT
expires
Sun, 31 Oct 2021 21:27:24 GMT
content-type
text/html; charset=UTF-8
etag
9069739545958607985
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4691
x-xss-protection
0
age
78394
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV8H2VF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
1622
date
Mon, 18 Oct 2021 18:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 18 Oct 2021 20:46:57 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV8H2VF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:13:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=68881
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
hotjar-1394349.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1394349.js?sv=6
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-81.fra56.r.cloudfront.net
Software
/
Resource Hash
34d01bb9321d5722044a83c5eae285826c782800a3453671cef373d9bce06606
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-C2
etag
W/aa5b717171c0573870bf87e479476374
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1886
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-id
34jyzPaXaEXCZxj9yEsK0SHoQVWT6NcCjuG0S0od1Ip4RyNJtxQfQg==
universal.min.js
tag.navdmp.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b98edac39ccf7e2b3ea35a1bc7def9189ec09455477d60336a5116427ab9889

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Oct 2021 14:59:50 GMT
server
cloudflare
age
3464
etag
W/"615f0b66-3235"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6a041647fe48695e-FRA
content-type
application/javascript
expires
Mon, 18 Oct 2021 19:16:15 GMT
mtc.js
ec2-18-206-97-213.compute-1.amazonaws.com/mautic/index.php/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://ec2-18-206-97-213.compute-1.amazonaws.com/mautic/index.php/mtc.js
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
HTTP/1.1
Server
18.206.97.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-97-213.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
W3visnE6LLfwOn1ASItaLMNC1naJr6/DKeiylxRFkgC/u+gu7DLWOpARtbCJYmt3pY4kgBldMGjtLyxI6CoAEw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 18 Oct 2021 19:13:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-782507193
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV8H2VF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec345b30adf8fccb0c5aa45729f7a22a2b4afc8c5f4bfc2fb10d234c1e145f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39170
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 18:23:51 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Oct 2021 19:13:59 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
178d266d1cd04b0a22f67fcbd236bbc6d5be2e4a0ec5ffbe90a41ac2b13195aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HzQinLo5A7X8X+WwG5bSDw==
cross-origin-resource-policy
cross-origin
expires
Mon, 18 Oct 2021 19:26:40 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
aYP+bc5VNqTX4idS7f6Dima1yyemWf8idUoJR9yQbHxWyW+zcujB+FnDEl6xF6MmC6ibSYsLbhRia864k1bWUQ==
x-fb-trip-id
686109401
x-fb-content-md5
bbf4d52592751432efd79c2d032cb1e2
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 18 Oct 2021 19:13:59 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4cd6d04a43c55a89557a06dc27093faa"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
www-player-webp.css
www.youtube.com/s/player/03869671/ Frame 2E6C 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/03869671/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35501bfd5f2a8d2d8fb04695bc80793b9aa7160ded872a9f89cc094b140f8702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 13:22:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
21117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46953
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 00:20:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Oct 2022 13:22:02 GMT
www-embed-player.js
www.youtube.com/s/player/03869671/www-embed-player.vflset/ Frame 2E6C 		209 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/03869671/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44bd4220ae9afb42bdf6199a39b14bc6f4cc6ea44c1481dcde55e8359fc6f41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 05:43:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
48617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70136
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 00:20:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Oct 2022 05:43:42 GMT
base.js
www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/ Frame 2E6C 		2 MB
512 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83e9eadcfefc66cf0bff70c9e3cdfde37f8a2071f82a0ed6bc464736e10463f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 16:48:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
354321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
523972
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 00:20:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Oct 2022 16:48:38 GMT
fetch-polyfill.js
www.youtube.com/s/player/03869671/fetch-polyfill.vflset/ Frame 2E6C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/03869671/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 09:12:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
122468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 00:20:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 17 Oct 2022 09:12:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2E6C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 19:58:13 GMT
x-content-type-options
nosniff
age
602146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 19:58:13 GMT
cookie.js
partner.googleadservices.com/gampad/ 		201 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=decode.buzz&callback=_gfp_s_&client=ca-pub-1331341308443280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5f670342c6e23d240e79247ff9ad83c303b98731889fbd03c870fd7c0aedfdc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=decode.buzz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=decode.buzz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 83A4 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1331341308443280&output=html&adk=1812271804&adf=3025194257&lmt=1614364523&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdecode.buzz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634584438905&bpp=3&bdt=574&idt=132&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=804987163991&frm=20&pv=2&ga_vid=182995107.1634584439&ga_sid=1634584439&ga_hid=365812537&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062580%2C21066432%2C31062526%2C31063140%2C44748553&oid=2&pvsid=3447507930055429&pem=846&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1331341308443280&output=html&adk=1812271804&adf=3025194257&lmt=1614364523&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdecode.buzz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634584438905&bpp=3&bdt=574&idt=132&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=804987163991&frm=20&pv=2&ga_vid=182995107.1634584439&ga_sid=1634584439&ga_hid=365812537&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062580%2C21066432%2C31062526%2C31063140%2C44748553&oid=2&pvsid=3447507930055429&pem=846&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=151
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 18 Oct 2021 19:13:59 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 18-Oct-2021 19:28:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 18 Oct 2021 19:13:59 GMT
cache-control
private
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1226642&time=1634584439064&url=http%3A%2F%2Fdecode.buzz%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1226642%26time%3D1634584439064%26url%3Dhttp%253A%252F%252Fdecode.buzz%252F%26liSy...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1226642&time=1634584439064&url=http%3A%2F%2Fdecode.buzz%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1226642&time=1634584439064&url=http%3A%2F%2Fdecode.buzz%2F&liSync=true&e_ipv6=AQIiXhwYCp8XaAAAAXyU0yzRfk9cO9IAl0jE_eCYmvNmwJVjiivNELufSgHwh9tqL5z...
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1226642&time=1634584439064&url=http%3A%2F%2Fdecode.buzz%2F&liSync=true&e_ipv6=AQIiXhwYCp8XaAAAAXyU0yzRfk9cO9IAl0jE_eCYmvNmwJVjiivNELufSgHwh9tqL5zyoPtuO6g
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:00 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
KpQgXeM1rxZAwXAeGisAAA==

Redirect headers

date
Mon, 18 Oct 2021 19:14:00 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1226642&time=1634584439064&url=http%3A%2F%2Fdecode.buzz%2F&liSync=true&e_ipv6=AQIiXhwYCp8XaAAAAXyU0yzRfk9cO9IAl0jE_eCYmvNmwJVjiivNELufSgHwh9tqL5zyoPtuO6g
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
yQUJReM1rxYQV2SS5yoAAA==
56893
tag.navdmp.com/u/ 		511 B
512 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/56893
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775f002bdf65e0787660eaa4aa948b7cd5353fa287cab0177bedd5862620146e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:45:00 GMT
server
cloudflare
etag
W/"6137b32c-1ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6a0416483f84695e-FRA
content-type
application/javascript
expires
Mon, 18 Oct 2021 20:13:59 GMT
collect
www.google-analytics.com/j/ 		2 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=365812537&t=pageview&_s=1&dl=http%3A%2F%2Fdecode.buzz%2F&ul=en-us&de=UTF-8&dt=Decode%20%7C%20Data%20analytics%20driving%20business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=667599208&gjid=1318427150&cid=182995107.1634584439&tid=UA-141707848-1&_gid=1611022425.1634584439&_r=1&gtm=2wgad0TV8H2VF&z=1626960474
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://decode.buzz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:13:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://decode.buzz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-782507193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14430
x-xss-protection
0
server
cafe
etag
16924264664223707549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Oct 2021 19:13:59 GMT
bc-v3.min.html
consentcdn.cookiebot.com/sdk/ Frame 0BDF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

:method
GET
:authority
consentcdn.cookiebot.com
:scheme
https
:path
/sdk/bc-v3.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified
Tue, 09 Mar 2021 09:55:06 GMT
server
AkamaiNetStorage
x-akamai-transformed
9 - 0 pmb=mRUM,1
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=336
expires
Mon, 18 Oct 2021 19:19:35 GMT
date
Mon, 18 Oct 2021 19:13:59 GMT
content-length
895
server-timing
cdn-cache; desc=HIT edge; dur=1
configuration.js
consentcdn.cookiebot.com/consentconfig/308e243a-ba91-4ceb-921b-83b1af7221c2/decode.buzz/ 		1 KB
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/consentconfig/308e243a-ba91-4ceb-921b-83b1af7221c2/decode.buzz/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
18dca1578dd738cb39fa7c31d0f8e696d1bc448e71054dca04faf4ee80a42d8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 22:17:47 GMT
server
AkamaiNetStorage
etag
"c3755165e22985c135e36e9c9d9d6234:1630016267.567457"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=60430
server-timing
cdn-cache; desc=HIT, edge; dur=16
accept-ranges
bytes
content-length
432
expires
Tue, 19 Oct 2021 12:01:09 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-141707848-1&cid=182995107.1634584439&jid=667599208&gjid=1318427150&_gid=1611022425.1634584439&_u=YAhAAEAAAAAAAC~&z=1995428926
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://decode.buzz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Oct 2021 19:13:59 GMT
content-type
text/plain
access-control-allow-origin
http://decode.buzz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.a781ddf321f3456bdb6f.js
script.hotjar.com/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.a781ddf321f3456bdb6f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1394349.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-128.fra56.r.cloudfront.net
Software
/
Resource Hash
ffcffad8689299e55e26c56cd30d145407515175be19d3bee0b21325e28973d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 09:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
295613
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59836
access-control-allow-origin
*
last-modified
Fri, 15 Oct 2021 09:07:04 GMT
etag
"67449d2fea2c8c43e209959c85a6770b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9yT5bXbDRXZYo1av_WmqmpkCzHhuxxawWgDSS_yuJFznBcCKqIAyyw==
id
googleads.g.doubleclick.net/pagead/ Frame 2E6C 		113 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/03869671/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76adb7dca964da9585b3b8b3655dd187467cf6231eb968c147fc1c65794b208d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2E6C 		29 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/03869671/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:00 GMT
x-content-type-options
nosniff
age
59
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 19:28:00 GMT
2389237111334472
connect.facebook.net/signals/config/ 		490 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2389237111334472?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7055f4326f98d7db328069e5a140b3b3e14027a8dbdb1015c3ece154e085cc37
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
87GJ9AlmEuaz525kLrZfhLeL/HebcztsmF4KWsgSvbqwfcES2vcJ5kvx45kuTBK/7g1AyX0zhd+joK0BtxCeTQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 18 Oct 2021 19:13:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		271 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=047ebed99948ef6775f1d37240832dce
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c80d26cc88fc713e4c79f49ea556cec89af7df817c700b1a28135cf6311d5f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://decode.buzz/
Origin
http://decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TeK6cGximsfT2GxBl+UbRg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77983
x-fb-rlafr
0
x-fb-debug
LGJVwVeKiWBJ3PKs/qGza0HDq48asaN3Ac9u29EVU1LNe76j6mFlUjc6qRmZIPZPxSqiKhTI3M2JFQA7ZbSrVw==
x-fb-trip-id
686109401
x-fb-content-md5
30e896d729f034e3560aad1843a25f67
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 18 Oct 2021 19:13:59 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5b109bf63697ee1ba15f0df6948c045c"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 18 Oct 2022 19:06:40 GMT
box-3333a05ac05419926bfc064e06a742b1.html
vars.hotjar.com/ Frame 81DB 		0
0
qoe
www.youtube.com/api/stats/ Frame 2E6C 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&cpn=4CLACgaU12ZMaqsx&el=embedded&docid=10Vk9wGgrxA&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082662%2C24101841%2C24106092%2C24106548%2C24116772&cl=402943675&seq=1&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20211013.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:13:59 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/ Frame 2E6C 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b5da04fa44e9bd96ff49c1b07d0805d98c94b641b2b633e3185c07310f8033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 16:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
354319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7363
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 00:20:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Oct 2022 16:48:40 GMT
cdreport.js
consent.cookiebot.com/308e243a-ba91-4ceb-921b-83b1af7221c2/ 		266 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/308e243a-ba91-4ceb-921b-83b1af7221c2/cdreport.js?referer=http%3A%2F%2Fdecode.buzz%2F
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/308e243a-ba91-4ceb-921b-83b1af7221c2/cd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
70b0be7392649332cf43d40da303e69c01622e0cfafa65805a35f76aefa49290

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
max-age=0, no-cache, no-store
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length
292
expires
Mon, 18 Oct 2021 19:13:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782507193/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782507193/?random=1634584439358&cv=9&fst=1634584439358&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fdecode.buzz%2F&tiba=Decode%20%7C%20Data%20analytics%20driving%20business&hn=www.googleadservices.com&us_privacy=1YNY&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a8baa16b706e13fc6b9c55e555d4aa720c1a25cd85d355e82ad9d433b178881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1041
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usr
usr.navdmp.com/ 		358 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=9&acc=56893&u=1&new=1&wst=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c5a6551ad6ca2dd07c422e85bcce9e063be8c29ed73af9c2c2a1eeca7029f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a04164a2bbd695e-FRA
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Mon, 18 Oct 2021 20:13:59 GMT
box-3333a05ac05419926bfc064e06a742b1.html
vars.hotjar.com/ Frame 97A0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-3333a05ac05419926bfc064e06a742b1.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-26.fra53.r.cloudfront.net
Software
/
Resource Hash
815099f427b52d9ed44b6a8e5820e030f91edc83ff9036af91d244790da18520

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-3333a05ac05419926bfc064e06a742b1.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

content-type
text/html
content-length
1044
date
Fri, 15 Oct 2021 09:07:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"5714afe29acafadac58f3f7dcf18fd6b"
last-modified
Fri, 15 Oct 2021 09:07:04 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
M1AO0MAxCBQWH_zKhZjTZSxdTTHIvmotSKQKKtBXmkix_DjPRLNrzg==
age
295614
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=387752969416075&ev=fb_page_view&dl=http%3A%2F%2Fdecode.buzz%2F&rl=&if=false&ts=1634584439437&sw=1600&sh=1200&at=
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 18 Oct 2021 19:13:59 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2389237111334472&ev=PageView&dl=http%3A%2F%2Fdecode.buzz%2F&rl=&if=false&ts=1634584439470&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1634584439469.1987884442&it=1634584439259&coo=false&exp=p1&rqm=GET
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 18 Oct 2021 19:13:59 GMT
/
www.google.com/pagead/1p-user-list/782507193/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782507193/?random=1634584439358&cv=9&fst=1634583600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fdecode.buzz%2F&tiba=Decode%20%7C%20Data%20analytics%20driving%20business&async=1&fmt=3&is_vtc=1&random=2435797296&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:13:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782507193/ 		42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782507193/?random=1634584439358&cv=9&fst=1634583600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fdecode.buzz%2F&tiba=Decode%20%7C%20Data%20analytics%20driving%20business&async=1&fmt=3&is_vtc=1&random=2435797296&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:13:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
snowplow-pixel.dev.decode.buzz/
Redirect Chain
  • http://snowplow-pixel.dev.decode.buzz/i?stm=1634584439501&e=tr&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_...
  • https://snowplow-pixel.dev.decode.buzz/i?stm=1634584439501&e=tr&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f...
43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://snowplow-pixel.dev.decode.buzz/i?stm=1634584439501&e=tr&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=6deb9f82-a841-42a9-a2fe-95a64765bced&dtm=1634584438855&vp=1600x1200&ds=1600x4560&vid=1&sid=9bef1597-4148-48a6-a7eb-5e37769a56e2&duid=d61d6af6-443a-4a39-9405-2757e149e27a&uid=8727cb4e-bec3-4ad0-a54a-978b9a2e9594&url=http%3A%2F%2Fdecode.buzz%2F&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22ad950db7-085d-4e2b-9b66-ede22e2e6e30%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1634584437696%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1634584437696%2C%22domainLookupStart%22%3A1634584437697%2C%22domainLookupEnd%22%3A1634584437707%2C%22connectStart%22%3A1634584437707%2C%22connectEnd%22%3A1634584437708%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1634584437708%2C%22responseStart%22%3A1634584438330%2C%22responseEnd%22%3A1634584438331%2C%22domLoading%22%3A1634584438332%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.236.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-236-255.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
server
nginx/1.17.10
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43

Redirect headers

Location
https://snowplow-pixel.dev.decode.buzz:443/i?stm=1634584439501&e=tr&tv=js-2.13.0&tna=sc&aid=decode&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=6deb9f82-a841-42a9-a2fe-95a64765bced&dtm=1634584438855&vp=1600x1200&ds=1600x4560&vid=1&sid=9bef1597-4148-48a6-a7eb-5e37769a56e2&duid=d61d6af6-443a-4a39-9405-2757e149e27a&uid=8727cb4e-bec3-4ad0-a54a-978b9a2e9594&url=http%3A%2F%2Fdecode.buzz%2F&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22ad950db7-085d-4e2b-9b66-ede22e2e6e30%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1634584437696%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1634584437696%2C%22domainLookupStart%22%3A1634584437697%2C%22domainLookupEnd%22%3A1634584437707%2C%22connectStart%22%3A1634584437707%2C%22connectEnd%22%3A1634584437708%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1634584437708%2C%22responseStart%22%3A1634584438330%2C%22responseEnd%22%3A1634584438331%2C%22domLoading%22%3A1634584438332%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D
Date
Mon, 18 Oct 2021 19:13:59 GMT
Server
awselb/2.0
Connection
keep-alive
Content-Length
134
Content-Type
text/html
req
cdn.navdmp.com/ 		6 B
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=9&id=f8c2cf3e8c6281a4c5e02eb5509%7C0&acc=56893&tit=Decode%2520%257C%2520Data%2520analytics%2520driving%2520business&url=http%253A%2F%2Fdecode.buzz%2F&upd=1&new=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a04164b4eba695e-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • http://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=66776265704
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=66776265704&id=66776265704
  • https://sync2.navdmp.com/sync?prtid=2&id=66776265704&id=66776265704&google_gid=CAESEPj99b09Xrv2HsZSOv6rMpE&google_cver=1
6 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=66776265704&id=66776265704&google_gid=CAESEPj99b09Xrv2HsZSOv6rMpE&google_cver=1
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a04164c28b1695e-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync2.navdmp.com/sync?prtid=2&id=66776265704&id=66776265704&google_gid=CAESEPj99b09Xrv2HsZSOv6rMpE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
333
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • http://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=ad70616d-c777-4c00-b03a-23adcddf667a
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=ad70616d-c777-4c00-b03a-23adcddf667a
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6a04164c695f695e-FRA
content-length
43

Redirect headers

Date
Mon, 18 Oct 2021 19:13:59 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x8 config:1.0.1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.navdmp.com/sync?img=1&mdia=ad70616d-c777-4c00-b03a-23adcddf667a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 18 Oct 2021 19:13:58 GMT
cms
cms.analytics.yahoo.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
HTTP/1.1
Server
212.82.100.182 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
cc.js
consent.cookiebot.com/308e243a-ba91-4ceb-921b-83b1af7221c2/ 		367 B
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/308e243a-ba91-4ceb-921b-83b1af7221c2/cc.js?renew=false&referer=decode.buzz&dnt=false&forceshow=false&cbid=308e243a-ba91-4ceb-921b-83b1af7221c2&brandid=Cookiebot&framework=
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5b5305772f1664901add1dfb33bb600096c4b3de545eb5806db261b34994601a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, max-age=60
access-control-allow-headers
cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
353
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2389237111334472&ev=Microdata&dl=http%3A%2F%2Fdecode.buzz%2F&rl=&if=false&ts=1634584439973&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Decode%20%7C%20Data%20analytics%20driving%20business%22%2C%22meta%3Adescription%22%3A%22A%20Decode%20desenvolve%20solu%C3%A7%C3%B5es%20em%20data%20analytics%2C%20big%20data%20e%20data%20driven%20marketing%20com%20foco%20em%20gera%C3%A7%C3%A3o%20de%20leads%20qualificados%20e%20novas%20oportunidades%20de%20neg%C3%B3cio.%22%2C%22meta%3Akeywords%22%3A%22big%20data%2C%20data%20analytics%2C%20analytics%2C%20business%20intelligence%2C%20new%20business%2C%20data%20driven%2C%20data%20driven%20marketing%2C%20datalake%2C%20database%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Decode%20%7C%20Data%20analytics%20driving%20business%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdecode.buzz%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdecode.buzz%2Fsocial-share.png%22%2C%22og%3Adescription%22%3A%22A%20Decode%20desenvolve%20solu%C3%A7%C3%B5es%20em%20data%20analytics%2C%20big%20data%20e%20data%20driven%20marketing%20com%20foco%20em%20gera%C3%A7%C3%A3o%20de%20leads%20qualificados%20e%20novas%20oportunidades%20de%20neg%C3%B3cio.%22%2C%22og%3Asite_name%22%3A%22Decode%20%7C%20Data%20analytics%20driving%20business%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1634584439469.1987884442&it=1634584439259&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Requested by
Host: decode.buzz
URL: http://decode.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:13:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 18 Oct 2021 19:13:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211013&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
133b06a7c54958802be419281ec8dddfd75b96c0d31bf963604f6f5fdd071dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 19:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8583
x-xss-protection
0
modules.a781ddf321f3456bdb6f.js
script.hotjar.com/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.a781ddf321f3456bdb6f.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-128.fra56.r.cloudfront.net
Software
/
Resource Hash
ffcffad8689299e55e26c56cd30d145407515175be19d3bee0b21325e28973d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 09:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
295614
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59836
access-control-allow-origin
*
last-modified
Fri, 15 Oct 2021 09:07:04 GMT
etag
"67449d2fea2c8c43e209959c85a6770b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
lFm9Le32n7nNVgprlAm1oMLgiOW32ZxaKiVYlpxIMU4nyUHQZqU6Bg==
2389237111334472
connect.facebook.net/signals/config/ 		490 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2389237111334472?v=2.9.47&r=stable
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7055f4326f98d7db328069e5a140b3b3e14027a8dbdb1015c3ece154e085cc37
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
146713
x-xss-protection
0
pragma
public
x-fb-debug
87GJ9AlmEuaz525kLrZfhLeL/HebcztsmF4KWsgSvbqwfcES2vcJ5kvx45kuTBK/7g1AyX0zhd+joK0BtxCeTQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 18 Oct 2021 19:14:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 19:14:00 GMT
sdk.js
connect.facebook.net/en_US/ 		271 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=047ebed99948ef6775f1d37240832dce
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c80d26cc88fc713e4c79f49ea556cec89af7df817c700b1a28135cf6311d5f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://decode.buzz/
Origin
http://decode.buzz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TeK6cGximsfT2GxBl+UbRg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77983
x-fb-rlafr
0
x-fb-debug
LGJVwVeKiWBJ3PKs/qGza0HDq48asaN3Ac9u29EVU1LNe76j6mFlUjc6qRmZIPZPxSqiKhTI3M2JFQA7ZbSrVw==
x-fb-trip-id
686109401
x-fb-content-md5
30e896d729f034e3560aad1843a25f67
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 18 Oct 2021 19:14:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5b109bf63697ee1ba15f0df6948c045c"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 18 Oct 2022 19:06:40 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782507193/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782507193/?random=1634584439358&cv=9&fst=1634584439358&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fdecode.buzz%2F&tiba=Decode%20%7C%20Data%20analytics%20driving%20business&hn=www.googleadservices.com&us_privacy=1YNY&async=1&rfmt=3&fmt=4
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32bfa96b7375897f3dfa189ec6c5b5b8f6c38a28b2682e641c5a757945436d6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BA84 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 18 Oct 2021 19:07:31 GMT
expires
Tue, 18 Oct 2022 19:07:31 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9DAC 		783 B
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c2107d6a0d1d6c8ae8f18bca1e77895128b4ae3ab108f7b5607497e007b5a5b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1az9l1kvip6XKYvF0vvK/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 19:14:00 GMT
date
Mon, 18 Oct 2021 19:14:00 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-1az9l1kvip6XKYvF0vvK/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.google.com/pagead/1p-user-list/782507193/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782507193/?random=1634584439358&cv=9&fst=1634583600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fdecode.buzz%2F&tiba=Decode%20%7C%20Data%20analytics%20driving%20business&async=1&fmt=3&is_vtc=1&random=3619308738&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:14:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782507193/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782507193/?random=1634584439358&cv=9&fst=1634583600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fdecode.buzz%2F&tiba=Decode%20%7C%20Data%20analytics%20driving%20business&async=1&fmt=3&is_vtc=1&random=3619308738&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:14:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usr
usr.navdmp.com/ 		1 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=9&acc=56893&u=1&new=1&wst=0
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffdc4ef67815c82ae89a1b8886454a8b4f859d78e2ed1817186d4da2ac614074

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Oct 2021 19:14:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a0416520e4a695e-FRA
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Mon, 18 Oct 2021 20:14:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9DAC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211013&jk=3447507930055429&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sync
ad.sxp.smartclip.net/
Redirect Chain
  • http://ad.sxp.smartclip.net/sync?type=red&dsp=75
  • http://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
42 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
Protocol
HTTP/1.1
Server
35.186.194.101 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
nginx/1.17.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:14:00 GMT
Via
1.1 google
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Content-Type
image/gif
Content-Length
42
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

Location
http://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
Date
Mon, 18 Oct 2021 19:14:00 GMT
Via
1.1 google
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sync
sync.navdmp.com/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=YW3HeAAKH968pgA6
  • https://sync.navdmp.com/sync?prtid=17&tubid=YW3HeAAKH968pgA6&_test=YW3HeAAKH968pgA6
6 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.navdmp.com/sync?prtid=17&tubid=YW3HeAAKH968pgA6&_test=YW3HeAAKH968pgA6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a041653ead7695e-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:14:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634584441.351443,VS0,VE0
x-served-by
cache-fra19133-FRA
x-cache
HIT
location
https://sync.navdmp.com/sync?prtid=17&tubid=YW3HeAAKH968pgA6&_test=YW3HeAAKH968pgA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
navegg.php
gu.dyntrk.com/dp/ 		0
215 B 		Script
General
Check archive.org
Download Go to
Full URL
http://gu.dyntrk.com/dp/navegg.php?pid=nav3gg&uid=66776265704
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
HTTP/1.1
Server
51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193670.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
tpid=66776265704
sync.crwdcntrl.net/map/c=15478/tp=NVEG/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=66776265704?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
HTTP/1.1
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 19:14:00 GMT
Server
Jetty(9.4.38.v20210224)
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.16.47
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0
sync
sync.navdmp.com/
Redirect Chain
  • http://tags.bluekai.com/site/31435?id=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
  • https://tags.bluekai.com/site/31435?id=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
  • https://sync.navdmp.com/sync?prtid=18&blkid=$_BK_UUID
6 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.navdmp.com/sync?prtid=18&blkid=$_BK_UUID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a0416542b65695e-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

Location
https://sync.navdmp.com/sync?prtid=18&blkid=$_BK_UUID
Date
Mon, 18 Oct 2021 19:14:00 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cm
trc.taboola.com/sg/navegg/1/ 		43 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
http://trc.taboola.com/sg/navegg/1/cm
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
HTTP/1.1
Server
2a04:4e42:400::300 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-vcl-time-ms
9
Pragma
no-cache
Date
Mon, 18 Oct 2021 19:14:00 GMT
Via
1.1 varnish
Server
nginx
X-Timer
S1634584441.811912,VS0,VE9
X-Served-By
cache-fra19170-FRA
Transfer-Encoding
chunked
X-Cache
MISS
Cache-Control
no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Hits
0
usermatch.gif
beacon.krxd.net/ 		0
481 B 		Script
General
Check archive.org
Download Go to
Full URL
http://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=f8c2cf3e8decadc290837074009
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
HTTP/1.1
Server
99.81.82.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-82-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:14:00 GMT
Cache-Control
private, no-cache, no-store
X-Request-Time
D=37 t=1634584440
Connection
keep-alive
P3P
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
X-Served-By
beacon-n021-dub-prod.krxd.net
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • http://dpm.demdex.net/ibs:dpid=822&dpuuid=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fid%3D66776265704%26adID%3D%24%7BDD_UUID%7D%26img%3D1
  • http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fid%3D66776265704%26adID%3D%24%7BDD_UUID%7D%26img%3D1
42 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fid%3D66776265704%26adID%3D%24%7BDD_UUID%7D%26img%3D1
Protocol
HTTP/1.1
Server
52.49.107.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-107-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0161463b5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
xnJ12YLfSrk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v019-003e67e75.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
X-TID
cl3sVqhoTwU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=66776265704&redir=https%3A//sync.navdmp.com/sync%3Fid%3D66776265704%26adID%3D%24%7BDD_UUID%7D%26img%3D1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.navdmp.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.navdmp.com%2Fsync%3FappNx%3D%24UID%26img%3D1
  • https://sync.navdmp.com/sync?appNx=5521053498254226661&img=1
43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?appNx=5521053498254226661&img=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:01 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6a041653daa6695e-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 19:14:00 GMT
X-Proxy-Origin
136.243.39.146; 136.243.39.146; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9aaacf9d-5a5a-45c3-911d-38b24d179122
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.navdmp.com/sync?appNx=5521053498254226661&img=1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • http://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=u7695wg&ttd_tpi=1
  • https://sync.navdmp.com/sync?img=1&prtid=31&ttdid=fbec07c7-f487-49da-b3d4-3e6cd34e39e4
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&prtid=31&ttdid=fbec07c7-f487-49da-b3d4-3e6cd34e39e4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:01 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6a0416546bfa695e-FRA
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:14:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.navdmp.com/sync?img=1&prtid=31&ttdid=fbec07c7-f487-49da-b3d4-3e6cd34e39e4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
getuid
sync.smartadserver.com/
Redirect Chain
  • http://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
  • http://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:00 GMT
content-length
0

Redirect headers

location
http://sync.smartadserver.com:80/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma
no-cache
date
Mon, 18 Oct 2021 19:14:00 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
req
cdn.navdmp.com/ 		6 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=9&id=f8c2cf3e8c6281a4c5e02eb5509%7C0&acc=56893&tit=Decode%2520%257C%2520Data%2520analytics%2520driving%2520business&url=http%253A%2F%2Fdecode.buzz%2F&upd=1&new=1
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a0416533915695e-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • http://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=66776265704
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=66776265704&id=66776265704
  • https://sync2.navdmp.com/sync?prtid=2&id=66776265704&id=66776265704&google_gid=CAESEPj99b09Xrv2HsZSOv6rMpE&google_cver=1
6 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=66776265704&id=66776265704&google_gid=CAESEPj99b09Xrv2HsZSOv6rMpE&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a0416544bb7695e-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:14:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync2.navdmp.com/sync?prtid=2&id=66776265704&id=66776265704&google_gid=CAESEPj99b09Xrv2HsZSOv6rMpE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
333
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 2E6C 		28 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/10Vk9wGgrxA?controls=0&autoplay=1&disablekb=0&mute=1&rel=0&modestbranding=1&loop=1&playlist=10Vk9wGgrxA
X-YouTube-Client-Version
1.20211013.1.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtqX0dTaEY5N0p6OCj2jreLBg%3D%3D
X-YouTube-Ad-Signals
dt=1634584439196&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1800&vis=1&wgl=true&ca_type=image&bid=ANyPxKogQJWkJkycCRXd7mghB59N4nFemt1WgceFm-Txcpa3VCmvKYaa_sl86Q79WrCqbEwYLXTlDlGGg48cIVGCgbq5bB7Mww

Response headers

date
Mon, 18 Oct 2021 19:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 18 Oct 2021 19:14:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211013&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35688f0030b4f959768554b8ec5d5d520c916193a9a8247241b3c43fc90415b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 19:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8535
x-xss-protection
0
6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
pagead2.googlesyndication.com/bg/ Frame BA84 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:22:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
6708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13172
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 18 Oct 2022 17:22:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1331341308443280&plah=decode.buzz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 19:14:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8C7D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 18 Oct 2021 19:07:31 GMT
expires
Tue, 18 Oct 2022 19:07:31 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
391
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 91E6 		783 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9fcba1068b55cdb9d49080c3e77aa1f6592282f4d51fba576b6e31d7c90014e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XoQAhRJoohyPDt6kYxAGCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://decode.buzz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 19:14:02 GMT
date
Mon, 18 Oct 2021 19:14:02 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-XoQAhRJoohyPDt6kYxAGCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211013&jk=3447507930055429&bg=!goGlgcXNAAao6lBpqOo7ACkAdvg8Wv_cZ_AguSi_HiBO9LOBy-lKTXVHGbrTPzBSTGpxp4gC8LC-SAIAAAB9UgAAAApoAQcKAM1s-gaFNiqQq75r7vfDXARsJB81HiyEuepdWfeUXBv0wwqKvzfdxsi9Vw_tUEgDBDyMJK7J41QXGlCVw40Nop0z4wyx94u3ZFy1-o5kLUiiUKZ7SHnfhI1S0MsYp6CPGgBCNcuKfLn-5IIu4i0KILtB42QBHOWdoNyV3gSen4SrlH86KrwGq1yWWKJN0e5Clt0uvsqqc-6HurncBcH4PGCRZaQFT_GxdQo-RWPaUqYgWsbNt-6xsMfsLIa_s_uzZvGqv5osyXQEgKi6_aAKmQKy0BtG8tNtmRiQx4wqHh7fMmAobG3MYoHXETOMxW4eY3xNdxZpwz9zcBH8dd4sXuDDXmBK0LLNJd4cABLFsdHG9gAt4qWdLJC7CbZtRHYau-CjlILE5A2sXi3-y6x49tkBlW7cOBtVGsT04oa2DE1IkhjhumQXiHgy_Dnv_WkkKJQkWfJmSlqweda0yNw7VF3yw1OCDDG83HNIWa7nHTzZT314gMxsP-2mD-BvW8IXX0nnchgm0k1SWSh6DEjN8E8NzSdk2zHZDCoENR4jlEEv-x7bYY7py8Ip5jS3EVaT_9vq23PfTUNgU7SxFCwdr_0QS55z9gmXWNRhznlBb7v2xxUlVtvlxK1RerNAkdG9fUSIGpEJOfT4Iq-8M6I_ahX5p5viJCcf-AfQOHn8SmrscZyJTgx8E20AkK4jEqTGnB2B6RQu5IdevktsrGXFz-vnXetPZikxIpyIpF5Lw3nEDezbWQOGAxMKmLdQSz-sKVZWOT00PmGKAsw2eG3QlijwPHnjnyLyhVKlq_wBwuyAF0HLw8IV8HcbpwXQxIfVbNkossq_s3g5-jM8m3HrvOmkpFmODDSescKF9awx00rM-fc-coOlcmAZ45IydxKhtGd8AHuMw9pvlwFgYv8AKW01thiYCnSw7k3vQm-MS4SwNUwDLrrdG8H9jrBvlVM9RSh4lZRDWmw3WwwxTvQhg8H0-R6-tKr03dTkakmxTOIfmIr2qqn6WszAHJzxeBdfjLqU4VGjSGsUsoRy9DPHcEI9LK0UFLtoYVz_dr12yYE1ThHtC_kdgXbWeG9wi--RbulgrwC0gaPX2hnfSV40-6rt_G62v5BJgs6JVifTncQjrMl05G8T4EDfdFPhVmCLvQvqGTJLbzq0yVE8xUTWHAfXdCjTUPQ8o2kUCj-MbqF2jpAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:14:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
pagead2.googlesyndication.com/bg/ Frame 8C7D 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:22:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
6708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13172
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 18 Oct 2022 17:22:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 91E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211013&jk=3447507930055429&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211013&jk=3447507930055429&bg=!tbaltvLNAAao6lBpqOo7ACkAdvg8WmZuBF6fbTkMzdOIaV4TwElQND4zkCRBxKXHuDiVjc1Xayp7fwIAAABwUgAAAA1oAQeZAsA4QuutLKCGq_G04Yljjgbq_0LMJuah5OGRLcNLV50PFg-QyIX83CJPNJqy5JtbBuv3cavBlu-gRUmE-We0Ge9h_SwSCUEZYNPbDPqnbvKh8kKCZctWNSHPIRiMwxlCWsKhWEo2cKSFZObMBTm6JgzsYU9lAGO_EKZfmdMzyuSLYXTQ6Lbo-WnlDwQUc5s5tTr5agvltuy20HN53rONxlJB4-juv-_MwYL7mR9GRQsvGEyEcujsFzgEOKTk9VYCEJNljGk6OUe4JVCCzCi1ArfPtydzSLnqCZ-I-XCMri1uwRqDWG7GFDuGzcSXAm6_w1lUhc5qCZjnErcX2pYwfjigWwiBzQwGHiy7dVeksvFISebGVjtcXPzwJkrUJEbWb3Mt5-icL-vq3__zGFGcoLEASEl1PNl4u_JETBObJWomq4jTmj4lyv0tSUWcypEUGZZnnNWtRDPbJy2aTQ_fjPrQoBbvRaUpzz5Nz088jWut3O3EG59KkuqPXbtDbpm4X2jULo5H13fFv7LGZDUB7o2mQPblxAfFk-PN8X1kklyZL8sfgiEev5JGpYKMcc6CVyTkRUH2KIXkntCIYM0I9XdUTGvnQHYtISGe5Dnw-kLwHPMg5i-U-SATpclPDg-uKZYtjnPthyLFcxQG21Ow2l_u-ExI72f5_xDr9B6JN-duEm80diHePMbEHLZi0zsOBChwSldRW-5kxlMDEl5r2PfQF-IdFZ45PnwL8FPMEoVmnBny1H5GDMZOOkhmTvqiQl7GzHYOMkjARc-bNpiLR8g7bmQNVj0Dgm8EJCkwxCxKfcjdGdBOH3PSK--IS7ses4izjewws1UZiR-tK5z_spxeLS_pVsNQJtM_DHT-uGvR3QEI956g6azExqwOgVq-puEntYEsux8ma3U-PTkTo194SSARXDgwBRx8AyXc1a6sVA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://decode.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 19:14:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vars.hotjar.com
URL
https://vars.hotjar.com/box-3333a05ac05419926bfc064e06a742b1.html

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster function| getAppId object| sp function| generateUUID function| getUUIDF function| getSessionUUID object| GlobalSnowplowNamespace function| placeholder string| UserId object| dataLayer function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| hj object| _hjSettings string| o object| a object| b function| Navegg object| naveggReady object| nvg56893 string| MauticTrackingObject function| mt function| fbq function| _fbq function| fbAsyncInit function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaData function| gtag function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| CookieConsent object| CookieControl object| Cookiebot object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| FB string| cookiedeclarationserial string| cookiedeclarationjumpURL object| CookieDeclaration object| CookiePolicy object| CookiebotCookieDeclaration function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| regeneratorRuntime object| JSON3 string| cookiedomainwarning object| GoogleGcLKhOms number| CB_OnTagsExecuted_Processed object| google_image_requests function| addEventListenerBase

28 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: gHlFutYgnrg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: j_GShF97Jz8
.decode.buzz/ Name: _ga
Value: GA1.2.182995107.1634584439
.decode.buzz/ Name: _gid
Value: GA1.2.1611022425.1634584439
.decode.buzz/ Name: _gat_UA-141707848-1
Value: 1
.decode.buzz/ Name: _gcl_au
Value: 1.1.929825415.1634584439
.navdmp.com/ Name: ac3
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmV6DjYqYBwSMcWz4W9MZLX9NRbESsMxlKYaizrZbP9aWzWTxkvAbzM5KNw
.decode.buzz/ Name: __gads
Value: ID=a3274acd3c25c396-22c0057bf7ca0024:T=1634584439:RT=1634584439:S=ALNI_MYqxXJ7YyOCAzBCOXDikW7I4koEhQ
.decode.buzz/ Name: _hjid
Value: 918522e6-6563-42d4-91c7-bb47f422b19b
.decode.buzz/ Name: _hjFirstSeen
Value: 1
.decode.buzz/ Name: _fbp
Value: fb.1.1634584439469.1987884442
snowplow-pixel.dev.decode.buzz/ Name: snowplow-track-cookie
Value: f6a47d12-40b4-4342-a260-b8f05f26e2df
.linkedin.com/ Name: UserMatchHistory
Value: AQI-rYxoCNLWyQAAAXyU0yr9GWhRDt5SgOPH0mo52IyQJWEButrkcLnJ4CEyq1N04IMGOcJVPHP0Qg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIa59G5QgtcxAAAAXyU0yr-SyxltgOrDbmj2sp9iATjiif5DVfUXoe3a0ir2XN4wnWUfZHRfKsNaaphbPdJdw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0f1f89e7-46b8-44ba-8347-e23ff1cda0d5"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2556:u=1:x=1:i=1634584439:t=1634670839:v=2:sig=AQF__e4u5l9Ercpu4-gApI4ccxZ5hdFe"
.mathtag.com/ Name: uuid
Value: ad70616d-c777-4c00-b03a-23adcddf667a
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20211018191359df9f8331-a83a-4a80-87f4-c9be6c4d5421AQFxDkiCKrsi7QVhmi5BYh7BrATfkjSt"
.linkedin.com/ Name: li_gc
Value: MTswOzE2MzQ1ODQ0Mzk7MjswMjF1KKsZN0pnVCaClrxI/3wnTvZt/NuNYhKHsmFkrmiYlQ==
.navdmp.com/ Name: nid
Value: f8c2cf3e849e670b5fd4dd3a709|2|318
.decode.buzz/ Name: nvg56893
Value: f8c2cf3e8c6281a4c5e02eb5509|2_292
.adnxs.com/ Name: uuid2
Value: 5521053498254226661
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YW3HeAAKH968pgA6
.adsrvr.org/ Name: TDID
Value: fbec07c7-f487-49da-b3d4-3e6cd34e39e4
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjci7PGxZ2JOhAFOAE.

3 Console Messages

Source Level URL
Text
network error URL: http://ec2-18-206-97-213.compute-1.amazonaws.com/mautic/index.php/mtc.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: http://decode.buzz/
Message:
Refused to execute script from 'http://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1' because its MIME type ('image/gif') is not executable.
network error URL: http://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=66776265704?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.sxp.smartclip.net
adservice.google.com
adservice.google.de
beacon.krxd.net
cdn.navdmp.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
d2nn9xjflnubzs.cloudfront.net
decode.buzz
dpm.demdex.net
ec2-18-206-97-213.compute-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
match.adsrvr.org
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
snowplow-pixel.dev.decode.buzz
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.navdmp.com
sync.smartadserver.com
sync2.navdmp.com
tag.navdmp.com
tags.bluekai.com
tpc.googlesyndication.com
trc.taboola.com
unpkg.com
use.typekit.net
usr.navdmp.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
vars.hotjar.com
104.111.215.191
108.174.10.14
13.248.242.197
13.32.29.128
13.32.29.81
142.250.184.194
142.250.186.162
142.250.74.194
143.204.215.26
151.101.194.49
170.82.173.10
18.206.97.213
185.33.221.89
185.86.138.144
2.18.233.201
212.82.100.182
2600:9000:2057:ec00:c:a60c:ce00:21
2606:4700::6810:7caf
2606:4700::6810:cf3
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:802::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9a
2a02:26f0:6c00:281::f09
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:ba79
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::300
34.201.236.255
35.186.194.101
51.178.20.140
52.208.103.128
52.49.107.116
99.81.82.31
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
062ba326f323cc4b6a7d05d0cf0ca484a1ea6c94e84893486557d9ddbae5b155
0a7669aaf10a63c59e7b77586e5e400f159f8be646cda10f55cb34e5185be4d2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
133b06a7c54958802be419281ec8dddfd75b96c0d31bf963604f6f5fdd071dea
178d266d1cd04b0a22f67fcbd236bbc6d5be2e4a0ec5ffbe90a41ac2b13195aa
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18dca1578dd738cb39fa7c31d0f8e696d1bc448e71054dca04faf4ee80a42d8d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
242992b71b33d19d5eda9462444f97d151f7a7b17bca41f6caa32fdad7eb891f
2a8baa16b706e13fc6b9c55e555d4aa720c1a25cd85d355e82ad9d433b178881
3269900957596b797ed22998c3ecebc6d76fc59144716c4c196f33307627b776
32bfa96b7375897f3dfa189ec6c5b5b8f6c38a28b2682e641c5a757945436d6e
34d01bb9321d5722044a83c5eae285826c782800a3453671cef373d9bce06606
35501bfd5f2a8d2d8fb04695bc80793b9aa7160ded872a9f89cc094b140f8702
35688f0030b4f959768554b8ec5d5d520c916193a9a8247241b3c43fc90415b2
3767800c671f68af816b211c0e03cccec1f250eff187c62751715ea609d5119b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44bd4220ae9afb42bdf6199a39b14bc6f4cc6ea44c1481dcde55e8359fc6f41c
4886ac7df5ecb85f4b9907f4a6c617e0c8e0a6d156340eff64f56430fd095a87
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5b5305772f1664901add1dfb33bb600096c4b3de545eb5806db261b34994601a
5f670342c6e23d240e79247ff9ad83c303b98731889fbd03c870fd7c0aedfdc8
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
6949dbd70d500bca119e31e32ea1d829536884636038b15c32411ab4a69e8240
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b98edac39ccf7e2b3ea35a1bc7def9189ec09455477d60336a5116427ab9889
6ed3a3fa986545e83c16bd71a33aad6f88b9e4c47874878c80ad7c1d98fa749b
6fc03460ffda99c0b7c6b5d2dcd5ac4919b93bc795b3bf67160ec2734759bb71
7055f4326f98d7db328069e5a140b3b3e14027a8dbdb1015c3ece154e085cc37
70b0be7392649332cf43d40da303e69c01622e0cfafa65805a35f76aefa49290
76adb7dca964da9585b3b8b3655dd187467cf6231eb968c147fc1c65794b208d
775f002bdf65e0787660eaa4aa948b7cd5353fa287cab0177bedd5862620146e
7a71e7a222f703e24afdf65191e38d7ab2753b510977b0d0f140c84e202cbcd7
7b75a8eac2a72d97179546447789c6dd98a7aa60dfb30b956ad43f6834582b8b
815099f427b52d9ed44b6a8e5820e030f91edc83ff9036af91d244790da18520
83e9eadcfefc66cf0bff70c9e3cdfde37f8a2071f82a0ed6bc464736e10463f6
8695f5fc64d65593f9763a5b28d14bc34e3cf802317e1ffad2125a7c8fedfafe
8c2107d6a0d1d6c8ae8f18bca1e77895128b4ae3ab108f7b5607497e007b5a5b
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
9b5e631253e0a7c6076cbcc9a1375ba970833ade63cea5a312ac418d04e836a8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b4c5a6551ad6ca2dd07c422e85bcce9e063be8c29ed73af9c2c2a1eeca7029f3
b60a29a7f15427ab47933c5488fa002171c674f30cc3285271f5a953828e9ccd
b67be26b180a6b82ebc2bee293d80ca7142a9c3216d9d6fd5ce55537af23fe68
b6de84da750b4edc3e8072264f3bd30e13dbe8527d5c09cb10bca427d008f92e
b935a2ea40bbdd16039ac1325a9e937e148934f336b280ad87cb30ede9848993
b9fcba1068b55cdb9d49080c3e77aa1f6592282f4d51fba576b6e31d7c90014e
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c80d26cc88fc713e4c79f49ea556cec89af7df817c700b1a28135cf6311d5f79
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1e480a19dca0d7828bb4beecfe33e8a13790fb87cdd03a53191733d4533cb8b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
ec345b30adf8fccb0c5aa45729f7a22a2b4afc8c5f4bfc2fb10d234c1e145f3d
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2845b07545dfe1c39a8616689df33010a6c310ecb953b45f618ebf236b3a20d
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee
f5cb21d5c4bbdc401fa3ac482048eb389557fd4396283daa55138f45644d8146
f6b5da04fa44e9bd96ff49c1b07d0805d98c94b641b2b633e3185c07310f8033
f9f6ab7ebe166945956fa7569bc93b5bd8cbfbf1b51688fc47fe81b5ec8673bc
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ffcffad8689299e55e26c56cd30d145407515175be19d3bee0b21325e28973d5
ffdc4ef67815c82ae89a1b8886454a8b4f859d78e2ed1817186d4da2ac614074