urlscan.io logo urlscan.io
SecurityTrails logo

tbcguias.com Open in urlscan Pro
66.225.201.222  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tbcguias.com/
Effective URL: https://tbcguias.com/
Submission: On November 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 14 domains to perform 104 HTTP transactions. The main IP is 66.225.201.222, located in Chicago, United States and belongs to SERVERCENTRAL, US. The main domain is tbcguias.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 1st 2023. Valid for: 3 months.
This is the only time tbcguias.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 66.225.201.222 23352 (SERVERCEN...)
1 185.177.92.30 39572 (ADVANCEDH...)
1 142.250.186.98 15169 (GOOGLE)
2 188.114.97.3 13335 (CLOUDFLAR...)
2 216.58.212.170 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.131 15169 (GOOGLE)
3 142.250.185.226 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 35.181.207.186 16509 (AMAZON-02)
10 216.58.206.33 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 172.217.16.195 15169 (GOOGLE)
3 4 172.217.18.2 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
2 3 37.252.173.215 29990 (ASN-APPNEX)
1 142.250.184.198 15169 (GOOGLE)
1 1 142.250.185.100 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 23.50.131.85 20940 (AKAMAI-ASN1)
104 22
29    66.225.201.222 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: single-2020.banahosting.com
tbcguias.com
1    185.177.92.30 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-30.ah-server.com
dr0.biz
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
wowclassicdb.com
2    216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f170.1e100.net
fonts.googleapis.com
15    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
fonts.gstatic.com
3    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
5    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    35.181.207.186 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-207-186.eu-west-3.compute.amazonaws.com
squareenix.commander1.com
10    216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googletagservices.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net
www.gstatic.com
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
s0.2mdn.net
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
13    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    23.50.131.85 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-85.deploy.static.akamaitechnologies.com
code.createjs.com
Apex Domain
Subdomains		 Transfer
29 tbcguias.com
tbcguias.com
1 MB
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
390 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
138 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
111 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
97 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
3 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
4 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
128 KB
2 commander1.com
squareenix.commander1.com
2 KB
2 wowclassicdb.com
wowclassicdb.com — Cisco Umbrella Rank: 789401
4 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1549
63 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
256 B
1 dr0.biz
dr0.biz
19 KB
104 14
Domain Requested by
29 tbcguias.com 1 redirects tbcguias.com
16 pagead2.googlesyndication.com tbcguias.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.gstatic.com
14 s0.2mdn.net tbcguias.com
googleads.g.doubleclick.net
s0.2mdn.net
10 tpc.googlesyndication.com tbcguias.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
tbcguias.com
googleads.g.doubleclick.net
6 www.gstatic.com tbcguias.com
googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com tbcguias.com
wowclassicdb.com
googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net tbcguias.com
2 www.googletagservices.com tbcguias.com
2 squareenix.commander1.com 1 redirects googleads.g.doubleclick.net
2 wowclassicdb.com tbcguias.com
1 code.createjs.com s0.2mdn.net
1 www.google.com 1 redirects
1 dr0.biz tbcguias.com
104 18

This site contains links to these domains. Also see Links.

Domain
addonswotlk.com
Subject Issuer Validity Valid
tbcguias.com
cPanel, Inc. Certification Authority		 2023-11-01 -
2024-01-30		 3 months crt.sh
0.mo11.biz
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
wowclassicdb.com
E1		 2023-10-15 -
2024-01-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh

This page contains 12 frames:

Primary Page: https://tbcguias.com/
Frame ID: 1A3163E18B32ECDCC8A8F583BF23FD31
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5467700828296629&output=html&adk=1812271804&adf=3025194257&lmt=1701306794&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ftbcguias.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701306793889&bpp=28&bdt=807&idt=241&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1542767692662&frm=20&pv=2&ga_vid=1852670715.1701306794&ga_sid=1701306794&ga_hid=2046068497&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44798934%2C44809005%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=228353675823167&tmod=831430728&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: E72E3B27DA97C2B4DC2C6263DCBA2354
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5467700828296629&output=html&h=280&adk=4180655298&adf=2329363288&pi=t.aa~a.853499222~rp.4&w=650&fwrn=1&fwrnh=100&lmt=1701306795&rafmt=1&to=qs&pwprc=9982688823&format=650x280&url=https%3A%2F%2Ftbcguias.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701306795172&bpp=2&bdt=2090&idt=2&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1542767692662&frm=20&pv=1&ga_vid=1852670715.1701306794&ga_sid=1701306794&ga_hid=2046068497&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44798934%2C44809005%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=228353675823167&tmod=831430728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=10
Frame ID: 3C0562B636D21B64DF8356B77254C626
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 37B5EBDC06ABCBBAC486B103D8CC006C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 8E60C8C94E3CE1CC2545AFB886927258
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCjgScYusu71gEwAQ&v=APEucNXARgw00x2DK9TWy95kIH540guC-u05WCBTTRskNLZSoiFkAlDkWOhRYEBpHW_8gqPDk9YM_zgl6f5EcNhJCx_15VMmCyvAKpsy67BBWUoMmXVLyykVXx_x3rQbtvBct7x1-0E8sJZ4IjdOzu-nF9a4WN-TmCdMjdbiK9g-0ZQPIJtUh3Y
Frame ID: 5613BCE3CE35F6E30EE35A88BE3631A5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 61E251076D4492BE57F23317D8E0E335
Requests: 18 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: E48BD7FF77E0740CFF08F72F0DFAC270
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9805EDD887CE2238949B67B39EA687A9
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A705C64B53EFDF67FBE5869DC9BFD556
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
Frame ID: 4CD2A2C27E6603B7163B9BA069EC7191
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: F49A2010AD45A68C85A66481131932DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🕹️ TbcGuias todo sobre los juegos de Blizzard

Page URL History Show full URLs

  1. http://tbcguias.com/ HTTP 301
    https://tbcguias.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

104
Requests

94 %
HTTPS

18 %
IPv6

14
Domains

18
Subdomains

22
IPs

5
Countries

2264 kB
Transfer

4535 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tbcguias.com/ HTTP 301
    https://tbcguias.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://squareenix.commander1.com/v3/?tcs=4813&rand=$cachebuster$&chn=display&src=dv360&cmp=ffxiv_freetrial_nl-benl_jellyfish&med=cpa_promoted&e=&pub=&crtive=accolade_paladin&vson=&fmt=728x90&adgrp=ft_homepage&cty=&aff_id=&aff_name= HTTP 302
  • https://squareenix.commander1.com/v3/?firsttime=1&tcs=4813&rand=$cachebuster$&chn=display&src=dv360&cmp=ffxiv_freetrial_nl-benl_jellyfish&med=cpa_promoted&e=&pub=&crtive=accolade_paladin&vson=&fmt=728x90&adgrp=ft_homepage&cty=&aff_id=&aff_name=
Request Chain 68
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELPskKxurWE4mTt71LHKArA&google_cver=1
Request Chain 69
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWfhq8nrNQmkx9kidwCkpwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELPskKxurWE4mTt71LHKArA&google_cver=1
Request Chain 70
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEChGrekOer182aYHMxQNM_Y&google_cver=1
Request Chain 71
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5MTU1Mzk4MjE5NTM4NTQyNg%3D%3D
Request Chain 82
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

104 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tbcguias.com/
Redirect Chain
  • http://tbcguias.com/
  • https://tbcguias.com/
60 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
6429909bf68ec41701554447500d22a148b84fbbda50bd3ba396e6ea349bc784

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 30 Nov 2023 01:13:11 GMT
link
<https://tbcguias.com/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Thu, 30 Nov 2023 01:13:10 GMT
location
https://tbcguias.com/
/
dr0.biz/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dr0.biz/?te=ha2tkmbvgy5ha3ddf44danzz
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.92.30 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-92-30.ah-server.com
Software
nginx /
Resource Hash
ac072dd27c304aed0dd56c0380fba8004e8d9322ef5d5fe184aae4bfea8b0b9c
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 30 Nov 2023 01:13:13 GMT
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx
content-type
application/javascript; charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5467700828296629
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
cee4aeba4270819a7802448aea9f12147de41f34db51560320f1587f5137b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tbcguias.com/
Origin
https://tbcguias.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53189
x-xss-protection
0
server
cafe
etag
2582756102174823332
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 01:13:13 GMT
tooltip.min.css
wowclassicdb.com/wotlk/ 		2 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wowclassicdb.com/wotlk/tooltip.min.css
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
465b778467f1f6b0c5dbbc4c6e426ad7f5a62d913e3ef2e660e52ca1cfea4b44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
198
x-powered-by
Express
x-litespeed-cache
hit
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 24 Oct 2023 10:36:14 GMT
server
cloudflare
etag
W/"654-18b6141a5ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tmo8Xa8xmvSaTUCuuUTBHJMJkCPRVJMFGHf1c7HgTt2eOq9J7Oe1RGwJ2Dmer1abs8FUWcaSs4avrTc3KwAeM6PIpnoTlbBQIRFEmmV1%2FEBCkxWDvb6iCkfnN55a28oEma1B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=1800
x-turbo-charged-by
LiteSpeed
cf-ray
82df3a0388c73733-FRA
tooltip.js
wowclassicdb.com/wotlk/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wowclassicdb.com/wotlk/tooltip.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1953299cdc224a1e90b368abaf1b86165d1274646703ad77acbac30f9d084274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6890
x-powered-by
Express
x-litespeed-cache
hit
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 24 Oct 2023 10:36:14 GMT
server
cloudflare
etag
W/"1e94-18b6141a5ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gr%2FIpG36CNl07qeilMZgbp8EEqiIjGcGdnC%2FkSsfoKIQQ%2BbYaaC8b1Q93H6aQYNyswZsPLcAcpNVQetKqd26xeIa7SEbpRMobws%2FN10CFBbG8NnbUkSj%2FiWCWYWRPAy%2FWBKW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
x-turbo-charged-by
LiteSpeed
cf-ray
82df3a0388c83733-FRA
cv.css
tbcguias.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 		84 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=3.6.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
06fe93f1d30a411e76e08c41463baf1e396c7b1941ce2c338177b09ba9118c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 21:14:46 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11906
expires
Thu, 07 Dec 2023 01:13:11 GMT
style.min.css
tbcguias.com/wp-includes/css/dist/block-library/ 		107 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 12:54:37 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13607
expires
Thu, 07 Dec 2023 01:13:11 GMT
styles.css
tbcguias.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Thu, 26 Oct 2023 21:02:29 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
878
expires
Thu, 07 Dec 2023 01:13:11 GMT
screen.min.css
tbcguias.com/wp-content/plugins/table-of-contents-plus/ 		1 KB
433 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2309
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Tue, 07 Nov 2023 10:04:14 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
378
expires
Thu, 07 Dec 2023 01:13:11 GMT
style.css
tbcguias.com/wp-content/themes/blogstream/ 		76 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/style.css?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
e9c192213ba7bb4810e7deed54503893e20d44361bfbc81621a661107caaca03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Sat, 05 Aug 2023 13:14:48 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13814
expires
Thu, 07 Dec 2023 01:13:11 GMT
responsive.css
tbcguias.com/wp-content/themes/blogstream/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/responsive.css?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
53a1f093280aaec2586ed60c8bea1f5a25d7d0e7a3dd312c46d43a2625054a24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Sat, 05 Aug 2023 13:14:48 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1319
expires
Thu, 07 Dec 2023 01:13:11 GMT
all.min.css
tbcguias.com/wp-content/themes/blogstream/fonts/ 		100 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/fonts/all.min.css?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
3dc0bc2b534e4bde8b4eba93fe618d4c13250708d8236979ea7a1aed051b4a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Sat, 05 Aug 2023 13:14:47 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21856
expires
Thu, 07 Dec 2023 01:13:11 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f170.1e100.net
Software
ESF /
Resource Hash
089253e7cbb4519bfd3fbd4362018b9b60cbbdad59eb458e080d913bd609b01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 01:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 23:19:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 01:13:13 GMT
jquery.min.js
tbcguias.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 12:54:34 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29744
expires
Thu, 07 Dec 2023 01:13:11 GMT
jquery-migrate.min.js
tbcguias.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Wed, 09 Aug 2023 14:44:24 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4678
expires
Thu, 07 Dec 2023 01:13:11 GMT
slick.min.js
tbcguias.com/wp-content/themes/blogstream/js/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/js/slick.min.js?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:11 GMT
content-encoding
br
last-modified
Sat, 05 Aug 2023 13:14:48 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10662
expires
Thu, 07 Dec 2023 01:13:11 GMT
cropped-cropped-1607295924-logo-deficiente.png
tbcguias.com/wp-content/uploads/wpforo/default_attachments/ 		353 KB
353 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tbcguias.com/wp-content/uploads/wpforo/default_attachments/cropped-cropped-1607295924-logo-deficiente.png
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
e517f42c40f6296b1fda2970d47c3bead2c9135c9fb77b7b1ea0b8206a9a4946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
date
Thu, 30 Nov 2023 01:13:11 GMT
cache-control
public, max-age=604800
last-modified
Tue, 28 Mar 2023 14:14:26 GMT
accept-ranges
bytes
content-length
361166
expires
Thu, 07 Dec 2023 01:13:11 GMT
No-LFR-in-Cataclysm-Classic-1024x576-1-610x343.jpg
tbcguias.com/wp-content/uploads/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tbcguias.com/wp-content/uploads/No-LFR-in-Cataclysm-Classic-1024x576-1-610x343.jpg
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
136e4411b8b080f4732dc18481e765a3ba212a97da94941b52aaca83192471b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/jpeg
date
Thu, 30 Nov 2023 01:13:11 GMT
cache-control
public, max-age=604800
last-modified
Thu, 09 Nov 2023 21:31:42 GMT
accept-ranges
bytes
content-length
38322
expires
Thu, 07 Dec 2023 01:13:11 GMT
WoW_CataclysmClassic_BossSHots_Raid_BastionofTwilight_Sinestra_002-1024x576-1-610x343.png
tbcguias.com/wp-content/uploads/ 		288 KB
288 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tbcguias.com/wp-content/uploads/WoW_CataclysmClassic_BossSHots_Raid_BastionofTwilight_Sinestra_002-1024x576-1-610x343.png
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
e0536cc90d7811581269d7df684e906ab15d2eaa062fe0721168f9b2320278f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
date
Thu, 30 Nov 2023 01:13:11 GMT
cache-control
public, max-age=604800
last-modified
Thu, 09 Nov 2023 21:30:46 GMT
accept-ranges
bytes
content-length
294446
expires
Thu, 07 Dec 2023 01:13:11 GMT
Cataclysm-Classic-Deathwing-Art-1024x632-1-610x343.jpg
tbcguias.com/wp-content/uploads/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tbcguias.com/wp-content/uploads/Cataclysm-Classic-Deathwing-Art-1024x632-1-610x343.jpg
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
0f1d403b3b8eacfe9aef956c3b702ada7ea7c159df31fb61b4407918dde4e306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/jpeg
date
Thu, 30 Nov 2023 01:13:12 GMT
cache-control
public, max-age=604800
last-modified
Thu, 09 Nov 2023 21:29:36 GMT
accept-ranges
bytes
content-length
26870
expires
Thu, 07 Dec 2023 01:13:12 GMT
index.js
tbcguias.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.2
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:12 GMT
content-encoding
br
last-modified
Thu, 26 Oct 2023 21:02:29 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3061
expires
Thu, 07 Dec 2023 01:13:12 GMT
index.js
tbcguias.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.2
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:12 GMT
content-encoding
br
last-modified
Thu, 26 Oct 2023 21:02:29 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3918
expires
Thu, 07 Dec 2023 01:13:12 GMT
cv.js
tbcguias.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=3.6.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
6b11c97fa853df89bf95f02a0668d1c340482ac24cef8bffc25c8a25fa7d262b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:12 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 21:14:46 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6468
expires
Thu, 07 Dec 2023 01:13:12 GMT
front.min.js
tbcguias.com/wp-content/plugins/table-of-contents-plus/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2309
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:12 GMT
content-encoding
br
last-modified
Tue, 07 Nov 2023 10:04:14 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2198
expires
Thu, 07 Dec 2023 01:13:12 GMT
jquery.fitvids.js
tbcguias.com/wp-content/themes/blogstream/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/js/jquery.fitvids.js?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:12 GMT
content-encoding
br
last-modified
Sat, 05 Aug 2023 13:14:48 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1132
expires
Thu, 07 Dec 2023 01:13:12 GMT
jq-sticky-anything.min.js
tbcguias.com/wp-content/themes/blogstream/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/js/jq-sticky-anything.min.js?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:12 GMT
content-encoding
br
last-modified
Sat, 05 Aug 2023 13:14:48 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1335
expires
Thu, 07 Dec 2023 01:13:12 GMT
scripts.js
tbcguias.com/wp-content/themes/blogstream/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/js/scripts.js?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
138111372ed731e91cad7e74d480383a3b48effe1ef65d530a1b139b348deee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:12 GMT
content-encoding
br
last-modified
Sat, 05 Aug 2023 13:14:48 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1628
expires
Thu, 07 Dec 2023 01:13:12 GMT
nav.js
tbcguias.com/wp-content/themes/blogstream/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/js/nav.js?ver=1691241288
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
bcd1fc77d1d8787ac24a9383e483152dc4c59dbe2367e6081029b5158e44a065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:12 GMT
content-encoding
br
last-modified
Sat, 05 Aug 2023 13:14:48 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2213
expires
Thu, 07 Dec 2023 01:13:12 GMT
css
fonts.googleapis.com/ 		3 KB
738 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: wowclassicdb.com
URL: https://wowclassicdb.com/wotlk/tooltip.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f170.1e100.net
Software
ESF /
Resource Hash
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wowclassicdb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 01:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 00:30:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 01:13:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5467700828296629&plah=tbcguias.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5467700828296629
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
011ad521ff57a8b1fcfe247f472bedca23ab7714d16aaa9d81fbf339540017cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137286
x-xss-protection
0
server
cafe
etag
7097732944718459543
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 01:13:13 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tbcguias.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:27:48 GMT
x-content-type-options
nosniff
age
521126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 00:27:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tbcguias.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 20:50:19 GMT
x-content-type-options
nosniff
age
447775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 20:50:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tbcguias.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
445652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:25:42 GMT
403ac697-42f7-49e7-8cd8-1c792b4c95f1
https://tbcguias.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tbcguias.com/403ac697-42f7-49e7-8cd8-1c792b4c95f1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
pattern.png
tbcguias.com/wp-content/themes/blogstream/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tbcguias.com/wp-content/themes/blogstream/img/pattern.png
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/wp-content/themes/blogstream/style.css?ver=6.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
6cda7a46ef5ed00db88a86f459488c8bad65e7eae64177266fe83749826378da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/wp-content/themes/blogstream/style.css?ver=6.4.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
date
Thu, 30 Nov 2023 01:13:12 GMT
cache-control
public, max-age=604800
last-modified
Sat, 05 Aug 2023 13:14:48 GMT
accept-ranges
bytes
content-length
1059
expires
Thu, 07 Dec 2023 01:13:12 GMT
fa-solid-900.woff2
tbcguias.com/wp-content/themes/blogstream/fonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-content/themes/blogstream/fonts/fa-solid-900.woff2
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/wp-content/themes/blogstream/fonts/all.min.css?ver=6.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

Referer
https://tbcguias.com/wp-content/themes/blogstream/fonts/all.min.css?ver=6.4.1
Origin
https://tbcguias.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
font/woff2
date
Thu, 30 Nov 2023 01:13:12 GMT
cache-control
public, max-age=604800
last-modified
Sat, 05 Aug 2023 13:14:47 GMT
accept-ranges
bytes
content-length
150020
expires
Thu, 07 Dec 2023 01:13:12 GMT
firefox_sVcM1zWgNz-610x343.png
tbcguias.com/wp-content/uploads/ 		269 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tbcguias.com/wp-content/uploads/firefox_sVcM1zWgNz-610x343.png
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
bb3990c50b02c0b7372ba69fa708e6f17f87bb313c0cd938fa156002cb2a2aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
date
Thu, 30 Nov 2023 01:13:12 GMT
cache-control
public, max-age=604800
last-modified
Thu, 09 Nov 2023 21:26:54 GMT
accept-ranges
bytes
content-length
274981
expires
Thu, 07 Dec 2023 01:13:12 GMT
Cataclysm-Firelands-Ragnaros-Worgen-Rogue-1024x576-1-610x343.jpg
tbcguias.com/wp-content/uploads/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tbcguias.com/wp-content/uploads/Cataclysm-Firelands-Ragnaros-Worgen-Rogue-1024x576-1-610x343.jpg
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
a13f7605dd4ebd59dcaee5cd6e7f155e617917efc0d10cf1fb8114b6c121aa2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/jpeg
date
Thu, 30 Nov 2023 01:13:12 GMT
cache-control
public, max-age=604800
last-modified
Thu, 09 Nov 2023 21:25:28 GMT
accept-ranges
bytes
content-length
41250
expires
Thu, 07 Dec 2023 01:13:12 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E72E 		249 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5467700828296629&output=html&adk=1812271804&adf=3025194257&lmt=1701306794&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ftbcguias.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701306793889&bpp=28&bdt=807&idt=241&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1542767692662&frm=20&pv=2&ga_vid=1852670715.1701306794&ga_sid=1701306794&ga_hid=2046068497&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44798934%2C44809005%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=228353675823167&tmod=831430728&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5467700828296629&plah=tbcguias.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
12f4f7fb93722d457d7d05c39dbc49dbcf8810380f4e1af28ce4a7debdaadf83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tbcguias.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
64509
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 01:13:14 GMT
expires
Thu, 30 Nov 2023 01:13:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
wp-emoji-release.min.js
tbcguias.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tbcguias.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.225.201.222 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
single-2020.banahosting.com
Software
/
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:13 GMT
content-encoding
br
last-modified
Thu, 30 Mar 2023 08:21:48 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4651
expires
Thu, 07 Dec 2023 01:13:13 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tbcguias.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 18:17:36 GMT
x-content-type-options
nosniff
age
543338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 18:17:36 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5467700828296629&plah=tbcguias.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ab0ed127c025f5b645459a729bfc0cb9ec673ebb2bab1d82d2acd5352b5e8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tbcguias.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55853
x-xss-protection
0
server
cafe
etag
583057368743895841
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 01:13:15 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3C05 		113 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5467700828296629&output=html&h=280&adk=4180655298&adf=2329363288&pi=t.aa~a.853499222~rp.4&w=650&fwrn=1&fwrnh=100&lmt=1701306795&rafmt=1&to=qs&pwprc=9982688823&format=650x280&url=https%3A%2F%2Ftbcguias.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701306795172&bpp=2&bdt=2090&idt=2&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1542767692662&frm=20&pv=1&ga_vid=1852670715.1701306794&ga_sid=1701306794&ga_hid=2046068497&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44798934%2C44809005%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=228353675823167&tmod=831430728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5467700828296629&plah=tbcguias.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tbcguias.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46865
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 01:13:15 GMT
expires
Thu, 30 Nov 2023 01:13:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame 37B5 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5467700828296629&plah=tbcguias.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
29ac11b866b20f17242bdff6076537a14e60f213ef8deb1c56794ff61da4b30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tbcguias.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 18:02:13 GMT
etag
18311852268564407380
expires
Wed, 13 Dec 2023 18:02:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/ Frame 8E60 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5467700828296629&plah=tbcguias.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29ac11b866b20f17242bdff6076537a14e60f213ef8deb1c56794ff61da4b30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tbcguias.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 01:10:06 GMT
etag
18311852268564407380
expires
Thu, 14 Dec 2023 01:10:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5613 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCjgScYusu71gEwAQ&v=APEucNXARgw00x2DK9TWy95kIH540guC-u05WCBTTRskNLZSoiFkAlDkWOhRYEBpHW_8gqPDk9YM_zgl6f5EcNhJCx_15VMmCyvAKpsy67BBWUoMmXVLyykVXx_x3rQbtvBct7x1-0E8sJZ4IjdOzu-nF9a4WN-TmCdMjdbiK9g-0ZQPIJtUh3Y
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 01:13:15 GMT
expires
Thu, 30 Nov 2023 01:13:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 61E2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 01:13:15 GMT
/
squareenix.commander1.com/v3/ Frame 61E2
Redirect Chain
  • https://squareenix.commander1.com/v3/?tcs=4813&rand=$cachebuster$&chn=display&src=dv360&cmp=ffxiv_freetrial_nl-benl_jellyfish&med=cpa_promoted&e=&pub=&crtive=accolade_paladin&vson=&fmt=728x90&adgrp...
  • https://squareenix.commander1.com/v3/?firsttime=1&tcs=4813&rand=$cachebuster$&chn=display&src=dv360&cmp=ffxiv_freetrial_nl-benl_jellyfish&med=cpa_promoted&e=&pub=&crtive=accolade_paladin&vson=&fmt=...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squareenix.commander1.com/v3/?firsttime=1&tcs=4813&rand=$cachebuster$&chn=display&src=dv360&cmp=ffxiv_freetrial_nl-benl_jellyfish&med=cpa_promoted&e=&pub=&crtive=accolade_paladin&vson=&fmt=728x90&adgrp=ft_homepage&cty=&aff_id=&aff_name=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
HTTP/1.1
Server
35.181.207.186 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-207-186.eu-west-3.compute.amazonaws.com
Software
web /
Resource Hash
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
private
Date
Thu, 30 Nov 2023 01:13:15 GMT
Content-Encoding
gzip
Server
web
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=486000, pre-check=486000
Connection
keep-alive
Expires
Wed, 28 Feb 24 02:13:15 +0100

Redirect headers

Pragma
private
Date
Thu, 30 Nov 2023 01:13:15 GMT
Server
web
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Type
text/html
location
https://squareenix.commander1.com/v3/?firsttime=1&tcs=4813&rand=$cachebuster$&chn=display&src=dv360&cmp=ffxiv_freetrial_nl-benl_jellyfish&med=cpa_promoted&e=&pub=&crtive=accolade_paladin&vson=&fmt=728x90&adgrp=ft_homepage&cty=&aff_id=&aff_name=
Cache-Control
private, max-age=486000, pre-check=486000
Access-Control-Allow-Origin
*
Connection
keep-alive
Expires
Wed, 28 Feb 24 02:13:15 +0100
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 61E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:52:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
12075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:52:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 61E2 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
12076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:51:59 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 61E2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 01:13:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61E2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DEfATKor3_wHFTNaJZSlBbYYL7GaezNhQdRSgnMiFhb2OswznRBCsvcSPcW9hlFwHg57UV80DZjNxVs2I0AqsQt2ehVSbUyn-HaQRCUl_YhlE4cwQ
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61E2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6276092089463945223&x=1&ct=119
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 37B5 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 01:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 00:30:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 01:13:15 GMT
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame E48B 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:27 GMT
1290528a0f60de16515866847082b13a.js
www.gstatic.com/mysidia/ Frame E48B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8379
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:27 GMT
css
fonts.googleapis.com/ Frame E48B 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 01:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 00:30:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 01:13:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame E48B 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
11996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:19 GMT
55c07926d0961c7899d23978ffa28542.js
www.gstatic.com/mysidia/ Frame E48B 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2242
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame E48B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
12014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame E48B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:52:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
12075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:52:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame E48B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
12076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:51:59 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E48B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 01:13:15 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame E48B 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:28 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 37B5 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
11852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6758
x-xss-protection
0
server
cafe
etag
13232977368472197749
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:55:43 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 37B5 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:58:23 GMT
x-content-type-options
nosniff
age
112492
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 27 Nov 2024 17:58:23 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 37B5 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:48:04 GMT
x-content-type-options
nosniff
age
30311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 16:48:04 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 37B5 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
cafe /
Resource Hash
c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
11852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9188
x-xss-protection
0
server
cafe
etag
17726137969773036382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:55:43 GMT
rum
dsum-sec.casalemedia.com/ Frame 5613
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELPskKxurWE4mTt71LHKArA&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELPskKxurWE4mTt71LHKArA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCjgScYusu71gEwAQ&v=APEucNXARgw00x2DK9TWy95kIH540guC-u05WCBTTRskNLZSoiFkAlDkWOhRYEBpHW_8gqPDk9YM_zgl6f5EcNhJCx_15VMmCyvAKpsy67BBWUoMmXVLyykVXx_x3rQbtvBct7x1-0E8sJZ4IjdOzu-nF9a4WN-TmCdMjdbiK9g-0ZQPIJtUh3Y
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPuVeTIVEwqz6lSQu20V9n8taO6ujET4focnM0Yq%2FJdg7bh7nBY1JyMOgEzNgUNoqif%2Fh7U0WAD1%2Br0c00htsLlAdiHrhkmwDiJRIftgHGaqbHQ4Q%2BEi6qZwmBbg0FeNqOKx7kXEI2cz7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82df3a102953904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELPskKxurWE4mTt71LHKArA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5613
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWfhq8nrNQmkx9kidwCkpwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELPskKxurWE4mTt71LHKArA&google_cver=1
43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELPskKxurWE4mTt71LHKArA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCjgScYusu71gEwAQ&v=APEucNXARgw00x2DK9TWy95kIH540guC-u05WCBTTRskNLZSoiFkAlDkWOhRYEBpHW_8gqPDk9YM_zgl6f5EcNhJCx_15VMmCyvAKpsy67BBWUoMmXVLyykVXx_x3rQbtvBct7x1-0E8sJZ4IjdOzu-nF9a4WN-TmCdMjdbiK9g-0ZQPIJtUh3Y
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsdQsNrpt%2BdOo3Wk98Aw%2BzoPiHNDf7sI8fSmKc6%2BpOIm9F%2BF5gbu2l1mcKP1ozkJh7t8m4P4%2BXkJOV4YOoK3%2BYq7O%2BzXHjG3Yr%2F%2FYNX%2BZ6Zm4HzUImdSY9J5sVpsjRFavLee0AVgz5n%2BAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82df3a10a978904e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELPskKxurWE4mTt71LHKArA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5613
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEChGrekOer182aYHMxQNM_Y&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEChGrekOer182aYHMxQNM_Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCjgScYusu71gEwAQ&v=APEucNXARgw00x2DK9TWy95kIH540guC-u05WCBTTRskNLZSoiFkAlDkWOhRYEBpHW_8gqPDk9YM_zgl6f5EcNhJCx_15VMmCyvAKpsy67BBWUoMmXVLyykVXx_x3rQbtvBct7x1-0E8sJZ4IjdOzu-nF9a4WN-TmCdMjdbiK9g-0ZQPIJtUh3Y
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
an-x-request-uuid
a496e478-b7b8-4af9-897f-603c7d717b97
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.133.93.105; 31.133.93.105; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEChGrekOer182aYHMxQNM_Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5613
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5MTU1Mzk4MjE5NTM4NTQyNg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5MTU1Mzk4MjE5NTM4NTQyNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCjgScYusu71gEwAQ&v=APEucNXARgw00x2DK9TWy95kIH540guC-u05WCBTTRskNLZSoiFkAlDkWOhRYEBpHW_8gqPDk9YM_zgl6f5EcNhJCx_15VMmCyvAKpsy67BBWUoMmXVLyykVXx_x3rQbtvBct7x1-0E8sJZ4IjdOzu-nF9a4WN-TmCdMjdbiK9g-0ZQPIJtUh3Y
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
an-x-request-uuid
d7493c64-daa6-49d0-8b91-5944e4b3506a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc5MTU1Mzk4MjE5NTM4NTQyNg%3D%3D
x-proxy-origin
31.133.93.105; 31.133.93.105; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61E2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=586278898760&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61E2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=586278898760&version=m202309260101&ct=119&x=1&cor=6276092089463945000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 61E2 		93 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBw-2-yhI2xMuFduT0R9EDeOhoiyxR8EFS5CuxnTqq8OhakhtaXWtNIYAw_jvPqq26J4MFa86qxp9TEnHGHGONCZzo0u65IDQaLRW_Lu_RpCmOIOu_xjIo5NyEB1vOEnTqH35c2XiSnmB0h5LMRov2UQwgY0-_5NmW0zRur2ePdJlsWtWqPQNylTO51Wv2UozrT0Gh&cry=1&dbm_d=AKAmf-Buqg1TNGvzp-wFfkeP9CUm94ChwAK6MnZ7vF5BQZum84HaeX1SXz8Kr8cmd8NOyvHwsAU63lXcSKPhp1bkfUMFfD7dFHnxJpLMOsiZPZIv-qYdAjIqzrVTpSVLRaUEvoxHK0NWzZydSynXRSamr_IdTr_o6t--t2vRn4SVWKzuAxZBqr6Ui9Sct_RG-1C1OkpwIdmD8LK7V9IuHA0L7xnWT0_jLAnZ6oirwpzdNOGh1YoJ9D6XxJCWEpbZGr8BEHkELMBCzMYJNG_WcMpfceEahI1Fu6vPIV2F-3zKTyzWEx1ACe2S4FWx2-v5sEt2tUXX08UW1pSQKBouARNLaW_d9F8PYnHLHTfQKCr4wdR0tVj24_vvCjnVTy76AWZE7mV3Fi4WMTsoAtGjaimEMvRBDDUOrowi2r6vRo9sSP3sMuab_Cn3jOQidV-YLDB_7c9W7036Ts0ceEJsZK0aqbdaChoixXbekBanmrRyscUf6GsPCDYB3T3DIX5Ej38G6hsA-a1vBagzeV4iIVJw8hUfueMKTN1xZ6CZ8cOQKyl9DZ_kVLYp_K9bwG1EmFBxun_1kI9qMfD4C2QdrUZDDU8E90nrIHUpyleMMFmo14c-5-bCWip4HR2hTf7KReEsx95Ao3DTxAYMsuZVY7k-kF-TjMyGbT3_gSYmyrd97C2b3j_13jKo46CMoyN_7gXYbKs-yMl6LJr0WuCoxdKc2MQniOqSXs4863LpYbE2JhLKSSBmQGvySnJRN6razBLrWlW7jClWOPTEK9yrToopWPqzGAcARk_2V3zeCDiHoNCyL5sP4kT7JTXi9852Hg0VAYiY4V5GKI9U0B-mlkkdNuNMxiwwDpvLms46mPosIZAAZRsL9GwZIPGw1VxVPGn1MA9FIEEflZhBul5d4OEvB3pj8oq2igYd2M0xHR0vKcUqsG7oqUM3OO36IycUEoReZ83hWOR8QGu15wzzIBak6mUt44DpppcwNsNq9Tl-qyDvZqAZFTikI8aZHRm5Y40zKpCE1D87L3D45jlb9Pv7k8HtT8vN94Q-RSkA8BFpjov22FxWuQaQApT_UsQFdF0NqgBZQ8wPh_9nqvC2vAGyhHV0-dkHbQMoJVeTiFNmCVDiv5Sxb1Oc4zd4HF1mhgbKc8PEk4FJGEsxUWi7bBmClEr5UZbsI4Zq1sMVwAOTLYCl_xHHdJOPWWExUODByBsb0B660PpwdCvaf1PQwyvK-4h27P9CFtyuBRcINkLWgsZUR-q4Rh0rcDnZzbrxXV-Aj6sh2KYV0l2j5DZLqW5593McE4AIioQRakoSGZEC7SQe65Gr5NGKyqLtJVOSIxsFunHWWvPGSsUURi8kXlKhcyK-0hnZOSbCU5__HV-Gd5Qkv61KbROqU3GRZJr7dmTlyddHTL6ddFOuOCbhBkpEjOOw3ifiPhVZpSl-6n1YxFhHcp5ZR8MyRP7krSQKPXw2hr7f_tjBK7wdrlR9bP8-mhOIB2GtWZqv6ITxY2HPchLCSW_5_yueQx69JcBvzWbrq8dLyV0ppfKgvqLNN_epaDa9gh-LfHvEgi2E5XBZquaGeS-4t2xPdtknT8M9Symv5F3D4pT5nkSj1pFrS11avEC6YDFQOj3ZMLsqwWGC015GurJzegeSZolvL2ccM1fdvqCB5htwtwncw_LmrD9zhh6TBpB0_C4fbVXai5YgHSgcaxDe3vJfQih0eimsvQSAj28sqNa4lBaqlQpW8kk1GWh5-2lUajNwT9dSWkUfevApkczSlv96rC-jLWAK_rZigTOapEA60H-I-dUNTotFtIPrhiQc8X-UEXlQWkigEpHI2gYYF2euCw796-NYTYNaCSAMt3r9y76WVfvbcQU0AUZDB6EgCPrYHagQhCeHnqKHnhENhNUTx2X8G4vtA4wWZU5Zy1Ncjlt8iRMPpCnmwqRV1Y_4Qq4kj4ncE0oQuj3PYehFSSGHwGSXrfG7PBx651Cg7VYCs1OhJRIMcIrD1GRa4yqxv1R0JQ83ESAlU05eY2nLa_ZnAwpFR5SHm1UVOV_1YUurXPL74gQhNE3FoaeHF9kNGyTSxii5vSxDNzS2XW60rxSxvoWW5eflyyFKR8NX_vEcIZNa0z4P4aUZiEMyqWnq6evh5B-qQzsWS1LNBj8cy1TMFJKufZi4RVXj1KAhI2BBEYiCSHH5aQDEFNqGL1MLSLSsU_PB5JMWrZKmKYu1xZMPVjMzJF9ysfUDq5Eb_RZcYcaNoeRIK8EV_W7GSVQAHVI8b8Ys2gdQdAvv2OyYn7_CxlkrsQey1ANSdWkoAS7STxMP4J9Q2RHfsy6kMMvX-IYrDyMTJwGeUyq2GSVp7BEF6u95ga6ibV3Cd-Yfzcz40GHAxk8-_Ezj06Ew1DD7wvrfk7u6L8HuK2EyJKsEOJ6dM1kgYNxJmK_tw3vF6xmc8IPunCAAZlVN57yVIvn-gcH7aDI2julaA7xv6lOgiD3hkFtl_Z6yGBfqbuECVdST972iQskVZBaAYEcEapGHNzs77sTV3n8UibGAk4oV3NaCIc_M14voU8DkIjfHYdvBTpzB59Zt3KqBZEU3IcxlAhJKvdB1XmEcg8ED8_HpTLYh5Bbr_Npmkxahyf-C1_ePzbnW3up_ZYEhvYepgKYQ8K4Qj88zrxvGPCXvymxGmyrp-ZWVqpaUQSKk_SXkgj4l4Q-myvDbMKm9-1kz9EDy2pjqkEeXqDOynOk6TSDG1hf_Gwi8kgTvfvLXP0TNZB-k_YtbyiuikOrGtUlIe5dBqmFhmOrXMCk_U_mshM7C1IZhgogM6QBWZMn2e3NypD7q2oG0OjvHG4pKiZvu_3cJRWl1EBR2VoWFxmC8mQqz58MtA9CTz_YC0q2F2aTHQoLmPVzNi16hhrelBHuvPSXfERrSTWxwtpkHiWt3mz5vhMxcpTDN0ak4HUxROc2Jq_hRd4xM9Id-JU4esBuWGshW6FkTnSb_OQDJN5YHkkr42LrLh5OHZRA-XEJfvbvj3ahFPCV14T2X-yRWrn14v9LlyUXFnDfGFhPpiMA0BpUbdd_wnkzFi2fCUq8pAgJ-vHujiDWRAIGfR1diMPwN37Ug8aIuV9ksN5Dx_bKqRhP9lfVkvJaJBBMeliFiWVsiabfOgQirD0Vp92WMd2nZOf917fzoHsjLrimji-0ALc2c92OoIQfaKfbbcOn0lKx36jwf1PX5QfiYgMjUdROtGB_EBtl_blA7pZpdMsvGpvW4tHwlauqGFvw9JmEoA1sHPClOR6rfa3DabmitFRRfkc8LRK720jIBDC9PqKCn1tQ1MBTsTZIOiGsQPMwehz9J4T_LncqjnzyqvusF3b3Q5_uvoIA8tBOXHAMLnI652qurn4yC1Av3x1Crs_omquz6s0pweWC9MycuM7OYvmGbHTK7xpziMbSpSQ1VTis8bBoAhuxWnZZPZdqd26QHKvna4T6D_D1gAAmPY0MZ3DmXNp2WZkkmMtsQUaeCZotIjcjLCVe6M2ihPnJS7LRfRMVxy83yKTIRcbdllv3uNZ-0o_hkiHlrWUqrZyUYBmclWbrmpR6jap9Q9JBkK8F08tSBY-MVLELNaSw-73pZ2Q8-QzuSzrWMcMX9-3IV0yhZpdzNdBTrDQ-gri9E7V8ZpkU4MhlcIwb6O7JHgE2sGi9rFe5_V1GdVcZvQ-XWvCNkX9ZxQ093R1Ecw0eaHLAb7GS8beg2&cid=CAQSTwDICaaNG3vMA_QP7P8FB2FmUKrz1CDgzaaTnxyq7OduoBnseZOAWk8rDi3lByt08ABVpoVuBTP2awOMikWuz5x7rffmF_5kXqWvzJ4Bx2oYAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftbcguias.com%2F&ds=l&xdt=1&iif=1&cor=6276092089463945000&adk=497053795&idt=36&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c16c19807a8341d46e55028bd0ca8502ef595fc5c9f2f780d71cbe11354633b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38735
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 61E2 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Nov 2023 07:40:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 61E2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBw-2-yhI2xMuFduT0R9EDeOhoiyxR8EFS5CuxnTqq8OhakhtaXWtNIYAw_jvPqq26J4MFa86qxp9TEnHGHGONCZzo0u65IDQaLRW_Lu_RpCmOIOu_xjIo5NyEB1vOEnTqH35c2XiSnmB0h5LMRov2UQwgY0-_5NmW0zRur2ePdJlsWtWqPQNylTO51Wv2UozrT0Gh&cry=1&dbm_d=AKAmf-Buqg1TNGvzp-wFfkeP9CUm94ChwAK6MnZ7vF5BQZum84HaeX1SXz8Kr8cmd8NOyvHwsAU63lXcSKPhp1bkfUMFfD7dFHnxJpLMOsiZPZIv-qYdAjIqzrVTpSVLRaUEvoxHK0NWzZydSynXRSamr_IdTr_o6t--t2vRn4SVWKzuAxZBqr6Ui9Sct_RG-1C1OkpwIdmD8LK7V9IuHA0L7xnWT0_jLAnZ6oirwpzdNOGh1YoJ9D6XxJCWEpbZGr8BEHkELMBCzMYJNG_WcMpfceEahI1Fu6vPIV2F-3zKTyzWEx1ACe2S4FWx2-v5sEt2tUXX08UW1pSQKBouARNLaW_d9F8PYnHLHTfQKCr4wdR0tVj24_vvCjnVTy76AWZE7mV3Fi4WMTsoAtGjaimEMvRBDDUOrowi2r6vRo9sSP3sMuab_Cn3jOQidV-YLDB_7c9W7036Ts0ceEJsZK0aqbdaChoixXbekBanmrRyscUf6GsPCDYB3T3DIX5Ej38G6hsA-a1vBagzeV4iIVJw8hUfueMKTN1xZ6CZ8cOQKyl9DZ_kVLYp_K9bwG1EmFBxun_1kI9qMfD4C2QdrUZDDU8E90nrIHUpyleMMFmo14c-5-bCWip4HR2hTf7KReEsx95Ao3DTxAYMsuZVY7k-kF-TjMyGbT3_gSYmyrd97C2b3j_13jKo46CMoyN_7gXYbKs-yMl6LJr0WuCoxdKc2MQniOqSXs4863LpYbE2JhLKSSBmQGvySnJRN6razBLrWlW7jClWOPTEK9yrToopWPqzGAcARk_2V3zeCDiHoNCyL5sP4kT7JTXi9852Hg0VAYiY4V5GKI9U0B-mlkkdNuNMxiwwDpvLms46mPosIZAAZRsL9GwZIPGw1VxVPGn1MA9FIEEflZhBul5d4OEvB3pj8oq2igYd2M0xHR0vKcUqsG7oqUM3OO36IycUEoReZ83hWOR8QGu15wzzIBak6mUt44DpppcwNsNq9Tl-qyDvZqAZFTikI8aZHRm5Y40zKpCE1D87L3D45jlb9Pv7k8HtT8vN94Q-RSkA8BFpjov22FxWuQaQApT_UsQFdF0NqgBZQ8wPh_9nqvC2vAGyhHV0-dkHbQMoJVeTiFNmCVDiv5Sxb1Oc4zd4HF1mhgbKc8PEk4FJGEsxUWi7bBmClEr5UZbsI4Zq1sMVwAOTLYCl_xHHdJOPWWExUODByBsb0B660PpwdCvaf1PQwyvK-4h27P9CFtyuBRcINkLWgsZUR-q4Rh0rcDnZzbrxXV-Aj6sh2KYV0l2j5DZLqW5593McE4AIioQRakoSGZEC7SQe65Gr5NGKyqLtJVOSIxsFunHWWvPGSsUURi8kXlKhcyK-0hnZOSbCU5__HV-Gd5Qkv61KbROqU3GRZJr7dmTlyddHTL6ddFOuOCbhBkpEjOOw3ifiPhVZpSl-6n1YxFhHcp5ZR8MyRP7krSQKPXw2hr7f_tjBK7wdrlR9bP8-mhOIB2GtWZqv6ITxY2HPchLCSW_5_yueQx69JcBvzWbrq8dLyV0ppfKgvqLNN_epaDa9gh-LfHvEgi2E5XBZquaGeS-4t2xPdtknT8M9Symv5F3D4pT5nkSj1pFrS11avEC6YDFQOj3ZMLsqwWGC015GurJzegeSZolvL2ccM1fdvqCB5htwtwncw_LmrD9zhh6TBpB0_C4fbVXai5YgHSgcaxDe3vJfQih0eimsvQSAj28sqNa4lBaqlQpW8kk1GWh5-2lUajNwT9dSWkUfevApkczSlv96rC-jLWAK_rZigTOapEA60H-I-dUNTotFtIPrhiQc8X-UEXlQWkigEpHI2gYYF2euCw796-NYTYNaCSAMt3r9y76WVfvbcQU0AUZDB6EgCPrYHagQhCeHnqKHnhENhNUTx2X8G4vtA4wWZU5Zy1Ncjlt8iRMPpCnmwqRV1Y_4Qq4kj4ncE0oQuj3PYehFSSGHwGSXrfG7PBx651Cg7VYCs1OhJRIMcIrD1GRa4yqxv1R0JQ83ESAlU05eY2nLa_ZnAwpFR5SHm1UVOV_1YUurXPL74gQhNE3FoaeHF9kNGyTSxii5vSxDNzS2XW60rxSxvoWW5eflyyFKR8NX_vEcIZNa0z4P4aUZiEMyqWnq6evh5B-qQzsWS1LNBj8cy1TMFJKufZi4RVXj1KAhI2BBEYiCSHH5aQDEFNqGL1MLSLSsU_PB5JMWrZKmKYu1xZMPVjMzJF9ysfUDq5Eb_RZcYcaNoeRIK8EV_W7GSVQAHVI8b8Ys2gdQdAvv2OyYn7_CxlkrsQey1ANSdWkoAS7STxMP4J9Q2RHfsy6kMMvX-IYrDyMTJwGeUyq2GSVp7BEF6u95ga6ibV3Cd-Yfzcz40GHAxk8-_Ezj06Ew1DD7wvrfk7u6L8HuK2EyJKsEOJ6dM1kgYNxJmK_tw3vF6xmc8IPunCAAZlVN57yVIvn-gcH7aDI2julaA7xv6lOgiD3hkFtl_Z6yGBfqbuECVdST972iQskVZBaAYEcEapGHNzs77sTV3n8UibGAk4oV3NaCIc_M14voU8DkIjfHYdvBTpzB59Zt3KqBZEU3IcxlAhJKvdB1XmEcg8ED8_HpTLYh5Bbr_Npmkxahyf-C1_ePzbnW3up_ZYEhvYepgKYQ8K4Qj88zrxvGPCXvymxGmyrp-ZWVqpaUQSKk_SXkgj4l4Q-myvDbMKm9-1kz9EDy2pjqkEeXqDOynOk6TSDG1hf_Gwi8kgTvfvLXP0TNZB-k_YtbyiuikOrGtUlIe5dBqmFhmOrXMCk_U_mshM7C1IZhgogM6QBWZMn2e3NypD7q2oG0OjvHG4pKiZvu_3cJRWl1EBR2VoWFxmC8mQqz58MtA9CTz_YC0q2F2aTHQoLmPVzNi16hhrelBHuvPSXfERrSTWxwtpkHiWt3mz5vhMxcpTDN0ak4HUxROc2Jq_hRd4xM9Id-JU4esBuWGshW6FkTnSb_OQDJN5YHkkr42LrLh5OHZRA-XEJfvbvj3ahFPCV14T2X-yRWrn14v9LlyUXFnDfGFhPpiMA0BpUbdd_wnkzFi2fCUq8pAgJ-vHujiDWRAIGfR1diMPwN37Ug8aIuV9ksN5Dx_bKqRhP9lfVkvJaJBBMeliFiWVsiabfOgQirD0Vp92WMd2nZOf917fzoHsjLrimji-0ALc2c92OoIQfaKfbbcOn0lKx36jwf1PX5QfiYgMjUdROtGB_EBtl_blA7pZpdMsvGpvW4tHwlauqGFvw9JmEoA1sHPClOR6rfa3DabmitFRRfkc8LRK720jIBDC9PqKCn1tQ1MBTsTZIOiGsQPMwehz9J4T_LncqjnzyqvusF3b3Q5_uvoIA8tBOXHAMLnI652qurn4yC1Av3x1Crs_omquz6s0pweWC9MycuM7OYvmGbHTK7xpziMbSpSQ1VTis8bBoAhuxWnZZPZdqd26QHKvna4T6D_D1gAAmPY0MZ3DmXNp2WZkkmMtsQUaeCZotIjcjLCVe6M2ihPnJS7LRfRMVxy83yKTIRcbdllv3uNZ-0o_hkiHlrWUqrZyUYBmclWbrmpR6jap9Q9JBkK8F08tSBY-MVLELNaSw-73pZ2Q8-QzuSzrWMcMX9-3IV0yhZpdzNdBTrDQ-gri9E7V8ZpkU4MhlcIwb6O7JHgE2sGi9rFe5_V1GdVcZvQ-XWvCNkX9ZxQ093R1Ecw0eaHLAb7GS8beg2&cid=CAQSTwDICaaNG3vMA_QP7P8FB2FmUKrz1CDgzaaTnxyq7OduoBnseZOAWk8rDi3lByt08ABVpoVuBTP2awOMikWuz5x7rffmF_5kXqWvzJ4Bx2oYAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftbcguias.com%2F&ds=l&xdt=1&iif=1&cor=6276092089463945000&adk=497053795&idt=36&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:00:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
11582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 22:00:13 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 61E2 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBw-2-yhI2xMuFduT0R9EDeOhoiyxR8EFS5CuxnTqq8OhakhtaXWtNIYAw_jvPqq26J4MFa86qxp9TEnHGHGONCZzo0u65IDQaLRW_Lu_RpCmOIOu_xjIo5NyEB1vOEnTqH35c2XiSnmB0h5LMRov2UQwgY0-_5NmW0zRur2ePdJlsWtWqPQNylTO51Wv2UozrT0Gh&cry=1&dbm_d=AKAmf-Buqg1TNGvzp-wFfkeP9CUm94ChwAK6MnZ7vF5BQZum84HaeX1SXz8Kr8cmd8NOyvHwsAU63lXcSKPhp1bkfUMFfD7dFHnxJpLMOsiZPZIv-qYdAjIqzrVTpSVLRaUEvoxHK0NWzZydSynXRSamr_IdTr_o6t--t2vRn4SVWKzuAxZBqr6Ui9Sct_RG-1C1OkpwIdmD8LK7V9IuHA0L7xnWT0_jLAnZ6oirwpzdNOGh1YoJ9D6XxJCWEpbZGr8BEHkELMBCzMYJNG_WcMpfceEahI1Fu6vPIV2F-3zKTyzWEx1ACe2S4FWx2-v5sEt2tUXX08UW1pSQKBouARNLaW_d9F8PYnHLHTfQKCr4wdR0tVj24_vvCjnVTy76AWZE7mV3Fi4WMTsoAtGjaimEMvRBDDUOrowi2r6vRo9sSP3sMuab_Cn3jOQidV-YLDB_7c9W7036Ts0ceEJsZK0aqbdaChoixXbekBanmrRyscUf6GsPCDYB3T3DIX5Ej38G6hsA-a1vBagzeV4iIVJw8hUfueMKTN1xZ6CZ8cOQKyl9DZ_kVLYp_K9bwG1EmFBxun_1kI9qMfD4C2QdrUZDDU8E90nrIHUpyleMMFmo14c-5-bCWip4HR2hTf7KReEsx95Ao3DTxAYMsuZVY7k-kF-TjMyGbT3_gSYmyrd97C2b3j_13jKo46CMoyN_7gXYbKs-yMl6LJr0WuCoxdKc2MQniOqSXs4863LpYbE2JhLKSSBmQGvySnJRN6razBLrWlW7jClWOPTEK9yrToopWPqzGAcARk_2V3zeCDiHoNCyL5sP4kT7JTXi9852Hg0VAYiY4V5GKI9U0B-mlkkdNuNMxiwwDpvLms46mPosIZAAZRsL9GwZIPGw1VxVPGn1MA9FIEEflZhBul5d4OEvB3pj8oq2igYd2M0xHR0vKcUqsG7oqUM3OO36IycUEoReZ83hWOR8QGu15wzzIBak6mUt44DpppcwNsNq9Tl-qyDvZqAZFTikI8aZHRm5Y40zKpCE1D87L3D45jlb9Pv7k8HtT8vN94Q-RSkA8BFpjov22FxWuQaQApT_UsQFdF0NqgBZQ8wPh_9nqvC2vAGyhHV0-dkHbQMoJVeTiFNmCVDiv5Sxb1Oc4zd4HF1mhgbKc8PEk4FJGEsxUWi7bBmClEr5UZbsI4Zq1sMVwAOTLYCl_xHHdJOPWWExUODByBsb0B660PpwdCvaf1PQwyvK-4h27P9CFtyuBRcINkLWgsZUR-q4Rh0rcDnZzbrxXV-Aj6sh2KYV0l2j5DZLqW5593McE4AIioQRakoSGZEC7SQe65Gr5NGKyqLtJVOSIxsFunHWWvPGSsUURi8kXlKhcyK-0hnZOSbCU5__HV-Gd5Qkv61KbROqU3GRZJr7dmTlyddHTL6ddFOuOCbhBkpEjOOw3ifiPhVZpSl-6n1YxFhHcp5ZR8MyRP7krSQKPXw2hr7f_tjBK7wdrlR9bP8-mhOIB2GtWZqv6ITxY2HPchLCSW_5_yueQx69JcBvzWbrq8dLyV0ppfKgvqLNN_epaDa9gh-LfHvEgi2E5XBZquaGeS-4t2xPdtknT8M9Symv5F3D4pT5nkSj1pFrS11avEC6YDFQOj3ZMLsqwWGC015GurJzegeSZolvL2ccM1fdvqCB5htwtwncw_LmrD9zhh6TBpB0_C4fbVXai5YgHSgcaxDe3vJfQih0eimsvQSAj28sqNa4lBaqlQpW8kk1GWh5-2lUajNwT9dSWkUfevApkczSlv96rC-jLWAK_rZigTOapEA60H-I-dUNTotFtIPrhiQc8X-UEXlQWkigEpHI2gYYF2euCw796-NYTYNaCSAMt3r9y76WVfvbcQU0AUZDB6EgCPrYHagQhCeHnqKHnhENhNUTx2X8G4vtA4wWZU5Zy1Ncjlt8iRMPpCnmwqRV1Y_4Qq4kj4ncE0oQuj3PYehFSSGHwGSXrfG7PBx651Cg7VYCs1OhJRIMcIrD1GRa4yqxv1R0JQ83ESAlU05eY2nLa_ZnAwpFR5SHm1UVOV_1YUurXPL74gQhNE3FoaeHF9kNGyTSxii5vSxDNzS2XW60rxSxvoWW5eflyyFKR8NX_vEcIZNa0z4P4aUZiEMyqWnq6evh5B-qQzsWS1LNBj8cy1TMFJKufZi4RVXj1KAhI2BBEYiCSHH5aQDEFNqGL1MLSLSsU_PB5JMWrZKmKYu1xZMPVjMzJF9ysfUDq5Eb_RZcYcaNoeRIK8EV_W7GSVQAHVI8b8Ys2gdQdAvv2OyYn7_CxlkrsQey1ANSdWkoAS7STxMP4J9Q2RHfsy6kMMvX-IYrDyMTJwGeUyq2GSVp7BEF6u95ga6ibV3Cd-Yfzcz40GHAxk8-_Ezj06Ew1DD7wvrfk7u6L8HuK2EyJKsEOJ6dM1kgYNxJmK_tw3vF6xmc8IPunCAAZlVN57yVIvn-gcH7aDI2julaA7xv6lOgiD3hkFtl_Z6yGBfqbuECVdST972iQskVZBaAYEcEapGHNzs77sTV3n8UibGAk4oV3NaCIc_M14voU8DkIjfHYdvBTpzB59Zt3KqBZEU3IcxlAhJKvdB1XmEcg8ED8_HpTLYh5Bbr_Npmkxahyf-C1_ePzbnW3up_ZYEhvYepgKYQ8K4Qj88zrxvGPCXvymxGmyrp-ZWVqpaUQSKk_SXkgj4l4Q-myvDbMKm9-1kz9EDy2pjqkEeXqDOynOk6TSDG1hf_Gwi8kgTvfvLXP0TNZB-k_YtbyiuikOrGtUlIe5dBqmFhmOrXMCk_U_mshM7C1IZhgogM6QBWZMn2e3NypD7q2oG0OjvHG4pKiZvu_3cJRWl1EBR2VoWFxmC8mQqz58MtA9CTz_YC0q2F2aTHQoLmPVzNi16hhrelBHuvPSXfERrSTWxwtpkHiWt3mz5vhMxcpTDN0ak4HUxROc2Jq_hRd4xM9Id-JU4esBuWGshW6FkTnSb_OQDJN5YHkkr42LrLh5OHZRA-XEJfvbvj3ahFPCV14T2X-yRWrn14v9LlyUXFnDfGFhPpiMA0BpUbdd_wnkzFi2fCUq8pAgJ-vHujiDWRAIGfR1diMPwN37Ug8aIuV9ksN5Dx_bKqRhP9lfVkvJaJBBMeliFiWVsiabfOgQirD0Vp92WMd2nZOf917fzoHsjLrimji-0ALc2c92OoIQfaKfbbcOn0lKx36jwf1PX5QfiYgMjUdROtGB_EBtl_blA7pZpdMsvGpvW4tHwlauqGFvw9JmEoA1sHPClOR6rfa3DabmitFRRfkc8LRK720jIBDC9PqKCn1tQ1MBTsTZIOiGsQPMwehz9J4T_LncqjnzyqvusF3b3Q5_uvoIA8tBOXHAMLnI652qurn4yC1Av3x1Crs_omquz6s0pweWC9MycuM7OYvmGbHTK7xpziMbSpSQ1VTis8bBoAhuxWnZZPZdqd26QHKvna4T6D_D1gAAmPY0MZ3DmXNp2WZkkmMtsQUaeCZotIjcjLCVe6M2ihPnJS7LRfRMVxy83yKTIRcbdllv3uNZ-0o_hkiHlrWUqrZyUYBmclWbrmpR6jap9Q9JBkK8F08tSBY-MVLELNaSw-73pZ2Q8-QzuSzrWMcMX9-3IV0yhZpdzNdBTrDQ-gri9E7V8ZpkU4MhlcIwb6O7JHgE2sGi9rFe5_V1GdVcZvQ-XWvCNkX9ZxQ093R1Ecw0eaHLAb7GS8beg2&cid=CAQSTwDICaaNG3vMA_QP7P8FB2FmUKrz1CDgzaaTnxyq7OduoBnseZOAWk8rDi3lByt08ABVpoVuBTP2awOMikWuz5x7rffmF_5kXqWvzJ4Bx2oYAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftbcguias.com%2F&ds=l&xdt=1&iif=1&cor=6276092089463945000&adk=497053795&idt=36&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
12013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11894
x-xss-protection
0
server
cafe
etag
8278194740845609983
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:53:02 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 61E2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
457687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9805 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
338075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame A705 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 00:21:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
pagead2.googlesyndication.com/bg/ Frame 9805 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:14:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
165505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15254
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 03:14:50 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A705
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 01:13:16 GMT
expires
Thu, 30 Nov 2023 01:13:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 01:13:16 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 61E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujEgVV0rhVJs_sqOIYR1f216FgcUi9_wnYIIUMfoiAtzxbGZ2lL4hkR7TtEKx8H6Hllokh0ubnhSoDVZnK_w4SMjvaiBwm5w7aYskpjHd_3kwZWpgMwYVARu-M4OKRjPGjSVGZ89f-6YwReVTJ0PN-KFSlZdtMVvW-_2_bQVjjpp8a4zUVfgSrW0dtknI4Y5SBBC8YgowQNZVa7m2EMdNpLyOBLK3JWpx77-Sd-frBYJ7zLVDQc2gva4C75qt7eryFHG4RwK0orrY6SJ9xeX5U5SGlVg-0uN_pJsofQFCXSODckhruERCCVWx5w7HGfLqI-OXu9Tc_an92R_y8ervuWrr7gkb8lS8dpaoMZtuiqrigrVPKmvRwdmdPm2_FbleQ57VPPEWrxGsQw6zOwa0G5LwWRfeQCzsDQGp4brOb6pp3rC8GEL-htEiYw54K179EyNeZVKhHPag_UBG9Qr1O4WV5bEuVMiS0RSfuutX7NXSkX0dowb67gwecTQbQFyVyNZ2ajlUwz_m088I_2LnnWYmaWFrdGAhdKOC-5sVoybMhOzzn_CQB8i8RhN1-sfpworRiS1_ZM_VCKvBU_2eCaN2ioSyV66CKmYlFtQnqHBqEHaiXA0p-KCnT0u3gmQryNrtdVlNK5hJeDClu5Yjudma7ObAwoQSdWLqEfsrVbRPHT-wqBGbvYLVm5_lvV9S-K_Rua-X41JXJjX_Dj_Mo3waTeJ_1L-xs5m5_lL4Wma4piS2bEQbLUJNM26cqpw24I_2fOEq_CY1VO9DsT8yL64zMOkduWKu3IeeRU349jdLGRxXWwwZKE74mnZO_-U2KPG33oXmpfCORORm9k7qB2jeAApfJMR-B9tcvnIs2E2JIV7oUmsFveUlDdL1l2-vt5wDGKyPtHjBZz0h9XeakDPSqdHzjGpPQ-8ewkxIppe3laVtm3pPMD_CG_MFEMeVwZyYcLGZdq2gbenFqtpZ0UByvdsmcpvCsny_e8QiByRDr9nv0xykA8NnzyWQgiLw-mUYahFIeUkPyuU7gBPA7pah_FENAtLKs9AOfxiO-4g5HwJk2MdZfsL7ppSuAu30iCQGP1dw7uJkQ6VwSrrIrc1EQBthBsY1szUfP9YcHFTGbigY_YZzehMZaDn9lt6k3If7x4hX8GyK1Rc9XSC-M5xE7BFURK2827-o5aJFO8Cv_a776MuDjnUWY8NVsX1ePN6mjIA9w5_9uWyrJKKGEHxwCJWZ8zcRvXto4I_pn0mgfHQqYCvMiVr_C48grMUQ&sai=AMfl-YRhuPyR5JOi4iaukGpKKtWlbQ6OPzkFaI0tcTlGxp8iICzNK45vD1QPbYTkHbGWmAqPsxWXCPkYK6ZngN1Nu8lS476uKZd0tFog5Wwnm9XHZp-ywJvAi97T5eI6UO1aM3KpSK3MkLjS8FvJ9yoewkNMr0GDqepe7MQiIua1ZYEeva4ZjTI1o78Y_t1k-FSv3QXcWOQGVIVPU7Qp9h6zHNkOInQ5YModnc7U3Prdih_7WvONGsj9fe1hW8KtKwnusNBrWBQrsMa0wf80bglTwMDOiTyjeRsU-pW9nsSbrA&sig=Cg0ArKJSzKK6J-7xxgfGEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=531&cbvp=1&cisv=r20231128.14145&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 30 Nov 2023 01:13:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1537447134052382249
s0.2mdn.net/simgad/ Frame 61E2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1537447134052382249
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2569e9f622ebb731ab40439c9fdb8f873667a2e05ab04e42a544709b4b54a054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:08:18 GMT
x-content-type-options
nosniff
age
29098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22079
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:08:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E48B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoYCAQqFG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QKyEAAAAAAAAcQDAECg0QAyEAANDMzCiCQDAECg0QDSEAAAAAmpm5PzAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAIkAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAPAa9UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAAAAEhkAwBBIaQ0lpZmt0bkY2b0lERlFTZV9RY2RrWFVKYXciGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 61E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujEgVV0rhVJs_sqOIYR1f216FgcUi9_wnYIIUMfoiAtzxbGZ2lL4hkR7TtEKx8H6Hllokh0ubnhSoDVZnK_w4SMjvaiBwm5w7aYskpjHd_3kwZWpgMwYVARu-M4OKRjPGjSVGZ89f-6YwReVTJ0PN-KFSlZdtMVvW-_2_bQVjjpp8a4zUVfgSrW0dtknI4Y5SBBC8YgowQNZVa7m2EMdNpLyOBLK3JWpx77-Sd-frBYJ7zLVDQc2gva4C75qt7eryFHG4RwK0orrY6SJ9xeX5U5SGlVg-0uN_pJsofQFCXSODckhruERCCVWx5w7HGfLqI-OXu9Tc_an92R_y8ervuWrr7gkb8lS8dpaoMZtuiqrigrVPKmvRwdmdPm2_FbleQ57VPPEWrxGsQw6zOwa0G5LwWRfeQCzsDQGp4brOb6pp3rC8GEL-htEiYw54K179EyNeZVKhHPag_UBG9Qr1O4WV5bEuVMiS0RSfuutX7NXSkX0dowb67gwecTQbQFyVyNZ2ajlUwz_m088I_2LnnWYmaWFrdGAhdKOC-5sVoybMhOzzn_CQB8i8RhN1-sfpworRiS1_ZM_VCKvBU_2eCaN2ioSyV66CKmYlFtQnqHBqEHaiXA0p-KCnT0u3gmQryNrtdVlNK5hJeDClu5Yjudma7ObAwoQSdWLqEfsrVbRPHT-wqBGbvYLVm5_lvV9S-K_Rua-X41JXJjX_Dj_Mo3waTeJ_1L-xs5m5_lL4Wma4piS2bEQbLUJNM26cqpw24I_2fOEq_CY1VO9DsT8yL64zMOkduWKu3IeeRU349jdLGRxXWwwZKE74mnZO_-U2KPG33oXmpfCORORm9k7qB2jeAApfJMR-B9tcvnIs2E2JIV7oUmsFveUlDdL1l2-vt5wDGKyPtHjBZz0h9XeakDPSqdHzjGpPQ-8ewkxIppe3laVtm3pPMD_CG_MFEMeVwZyYcLGZdq2gbenFqtpZ0UByvdsmcpvCsny_e8QiByRDr9nv0xykA8NnzyWQgiLw-mUYahFIeUkPyuU7gBPA7pah_FENAtLKs9AOfxiO-4g5HwJk2MdZfsL7ppSuAu30iCQGP1dw7uJkQ6VwSrrIrc1EQBthBsY1szUfP9YcHFTGbigY_YZzehMZaDn9lt6k3If7x4hX8GyK1Rc9XSC-M5xE7BFURK2827-o5aJFO8Cv_a776MuDjnUWY8NVsX1ePN6mjIA9w5_9uWyrJKKGEHxwCJWZ8zcRvXto4I_pn0mgfHQqYCvMiVr_C48grMUQ&sai=AMfl-YRhuPyR5JOi4iaukGpKKtWlbQ6OPzkFaI0tcTlGxp8iICzNK45vD1QPbYTkHbGWmAqPsxWXCPkYK6ZngN1Nu8lS476uKZd0tFog5Wwnm9XHZp-ywJvAi97T5eI6UO1aM3KpSK3MkLjS8FvJ9yoewkNMr0GDqepe7MQiIua1ZYEeva4ZjTI1o78Y_t1k-FSv3QXcWOQGVIVPU7Qp9h6zHNkOInQ5YModnc7U3Prdih_7WvONGsj9fe1hW8KtKwnusNBrWBQrsMa0wf80bglTwMDOiTyjeRsU-pW9nsSbrA&sig=Cg0ArKJSzKK6J-7xxgfGEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=588&vt=11&dtpt=57&dett=3&cstd=585&cisv=r20231128.14145&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/ Frame 4CD2 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1d8a676e1b06a26849c1fb6873b8193c52b5d3e56b23c9c5788bc60f8e53940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
354537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2145
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 22:44:19 GMT
expires
Sun, 24 Nov 2024 22:44:19 GMT
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
createjs.min.js
code.createjs.com/1.0.0/ Frame 4CD2 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.50.131.85 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-85.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:13:16 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Thu, 30 Nov 2023 01:28:16 GMT
ffxiv_paladin_playfree_polygon_728x90.js
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/ Frame 4CD2 		78 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/ffxiv_paladin_playfree_polygon_728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c83ee2e27235b9bd2142f2c02ccbb4da4e0235ee816315e20c5b73e5128ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8176
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:10:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9805 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdWLTq-FnZa_MGoSrjuwP372K0AEAAAAAOAHgBAI&bg=!JySlJGvNAAaGYW-ApmE7ADQBe5WfOHqfiwZdQcizCAqtHBctOAyJFc1XDB0w0-_ixnZKHOaRMioB_6LYghVui_fcUPbwAgAAAKtSAAAAAWgBB5kDBwzdLYJN-fqFXre0KKx5_tZgjGdxu_6jZzJmT7J1RRXXho0B4Jo6hTDWrelpFCmHnAW8WaT7JZyF-3qAYnOqSArC8PzF3T72oBuP6iAJqJ7ZeZzZPGBH4XaWxHLZLtis5OLjHt3l0MK0osF0G_6-_YMR6LGMDxXwy7y00zlfCxJXRWF29oolqj1hNZsKe4BsmEnTiMGS-P159yAKao5Xf5zTR_ZoKFG2Wnxb4bF_CJgmuiEZ02mf44z19m6oem8R04VrQGngsVWJuE9ieen5ZBTxRi6QSfi9Gjx35-AU1E54LLZ7NKW9mL17YDCVnsP6HAhQ56haSdhgwRXvsf8tgcvdrKTZNXE5rrDdQEE0WopLAoIVMi9cXoG02GntcQ-hJEbHL1IVWa7rxSvaciz-jlrghobMgY4lwfq1TYTKTDUk2qQvsWaaN2p5N0Vn0Fyv2brfSXjrIwhTB4g5JV0Zl47urLNxkHEcw1chc1dhlEvUnF7jDOUhz4tP8fkmGuaXRL-eECB3OLU3b8DLOROeTdKQG2P4yvhhPH5RxWAEgZxE_zEu0_KJq-Gy_EpabnhT-bocqVz2Il3PMSRH4qR2OiXb1wgFRlfpGLtYXW3ovrRVnV5e_XszjXhmodc6hXsmB19u6_Jr8BqI5eCWJixW0ddeCuhmOVy1OlYorTJMiT65G_cPDu3r9ofD4XFZwhdd72ASPekonjHHHFpkmH9yd5VgKcsiQJ5U68yYStVWsNjHF5pySIBACj6csCCBaqn87fxw2oHB3bkqen8LxPEeQqIGfRQhh1-hZ3oKvvlrpChIK0gVi1wXBqPymwHytM4ldJZ2idWNatTl7gfARUSHDocejAlHcYcnBp0ou3XCGeJL1iFZ81X8vR9XsAKyPxnsXYfqtNMIOgJxzJgh0WwfPx8q3pXbGu_sqdiVLxhqK1ioklqOcNlEdYowzuCFBqE-5dgOOG_Lkt5FxBE2glaiGs3IrbDghhHZ8wLOy7A8tLkALcnC6JPu2Hq5vb-Gcd1KIWt-U0dYsAk
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
pagead2.googlesyndication.com/bg/ Frame F49A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
55862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15224
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 09:42:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E48B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoYCAQqFG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QFCEAAAAAgJT1QDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAQQDAECg0QGCEAADQzMyGRQDAECg0QMiEAAAAAAAAAADAECg0QMyEAAAAAAAAAADAECg0QNCEAAAAAAAAAADAECg0QNSEAAAAAAAAAADAECg0QNiEAAAAAAAAAADAECg0QNyEAAAAAAAAAADAECg0QOCEAAAAAAAAAADAECg0QOSEAAAAAAAAAADAECg0QOiEAAABAMzPTPzAECg0QOyEAAABAMzPTPzAECg0QPCEAAABAMzPTPzAECg0QPSEAAADAmZnZPzAECg0QPiEAAADAmZnZPzAECg0QPyEAAADAmZnZPzAECg0QQCEAAADAmZnZPzAEEhpDSWlma3RuRjZvSURGUVNlX1FjZGtYVUphdyIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
acc1.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/acc1.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46beb13171b1c199c6205ce7aead5aeaf8228e4402144f8a221083302cb4da9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:46 GMT
x-content-type-options
nosniff
age
28950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3610
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:10:46 GMT
acc2.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/acc2.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bbf0ae73514ccb915d3f49411a05ca8c0d7c632274180fd96ff5a6155b3ec1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:46 GMT
x-content-type-options
nosniff
age
28950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2706
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:10:46 GMT
bgStars.jpg
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/bgStars.jpg?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
545ac5bb2778303ad5aee35e6cc675a92fe18534803d210c98fa4fc38ef3f06f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 19:25:23 GMT
x-content-type-options
nosniff
age
280073
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16813
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Nov 2024 19:25:23 GMT
ctaBox.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ctaBox.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd9fd0ac012be75c9aa70df91996db4bde0c525ee435a949fbabf8817246601b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:46 GMT
x-content-type-options
nosniff
age
28950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6284
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:10:46 GMT
ctaOver.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ctaOver.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1afe8070a5a7864b38c8d17dcd91e9c3f8f05ce67591cb28c5faab39eb5065db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 22:44:19 GMT
x-content-type-options
nosniff
age
354537
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2626
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 22:44:19 GMT
dude.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/dude.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b94eee85d561f78827aaaaa54ca863744167358d0d72f107e5efaad43270365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 22:44:19 GMT
x-content-type-options
nosniff
age
354537
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14356
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 22:44:19 GMT
legal.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/legal.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3db1fbdb6fa3e50de31ea6111a67436301920009efcf15de212ccd95548aa73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 22:44:19 GMT
x-content-type-options
nosniff
age
354537
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4190
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 22:44:19 GMT
logo.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/logo.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3998fd7460c0b4d2e7628c33f62b60dcf6852ba1c4f55f389021660bf2912a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:47 GMT
x-content-type-options
nosniff
age
28949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5114
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:10:47 GMT
txt1.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/txt1.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a001c28825f1b00f9f5d130fbd3ad15ef518d70d55167266294d378ea881af07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:40:07 GMT
x-content-type-options
nosniff
age
9189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4846
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 22:40:07 GMT
txt1_shine.png
s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/ Frame 4CD2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/images/txt1_shine.png?1650317226884
Requested by
Host: tbcguias.com
URL: https://tbcguias.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd277482e0aa9ed87a6cbb6f6faa9f265c363e2a046ae46bedbb75e31be2809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12919139710813454893/728x90_FFXiV_Pal_PlayFree_ENG_PEGI_Accolade_HTML5/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 22:44:20 GMT
x-content-type-options
nosniff
age
354536
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7380
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:40:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 22:44:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61E2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=586278898760&version=m202309260101&ct=119&x=1&cor=6276092089463945000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 01:13:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| tpGatewayBackground object| tpGatewayBackgroundBlackout object| tpGateway object| tpGatewayButton object| customText boolean| versionPixelFired function| __tp_init_gateway function| setInitCookie function| checkGwd function| __tp_show_gateway function| firepx function| scrollEventThrottle function| getCookie function| getPageLength object| gatewayURL boolean| tpGwjsonpg object| Sk object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| $dbTooltips object| _wpemojiSettings undefined| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| swv object| wpcf7 object| PT_CV_PUBLIC object| PT_CV_PAGINATION object| tocplus object| alxMediaMenu object| o object| orgAssignedStyles string| orgInlineStyles number| checkElement object| $listenerElement number| orgElementTop number| viewport object| twemoji object| wp object| google_llp object| googletag

15 Cookies

Domain/Path Name / Value
.dr0.biz/ Name: uuid
Value: 9f423739-98b8-4559-90a6-161a2766881e
.doubleclick.net/ Name: APC
Value: AfxxVi4A1J3Ai-v8e4kSBHNM-knS0BKmzaN_pTMX6kKZH2QrjK37kQ
.casalemedia.com/ Name: CMID
Value: ZWfhq8nrNQmkx9kidwCkpwAA
.casalemedia.com/ Name: CMPS
Value: 2200
.casalemedia.com/ Name: CMPRO
Value: 2200
.adnxs.com/ Name: uuid2
Value: 8791553982195385426
.squareenix.commander1.com/ Name: tc_cj_v2
Value: ~%24.%2B%27%7B4ZZZ~1MPJZZZKQJKMJPQSOJJJZZZpc_q
.squareenix.commander1.com/ Name: tc_cj_v2_cmp
Value: %21%213%241y%21-%20%20%2F-%24%7B%27y%29%27G%7C%20%29%27y%25%20%27%274%21%24.%23
.squareenix.commander1.com/ Name: tc_cj_v2_med
Value: %7D%2B%7By%2B-%2A%28%2A%2F%20~
.commander1.com/ Name: TCID
Value: 202311300213153240201408
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?'HBzM:!@wnfH8K6pQK`!5=E<*L5?%KBdsDLYlL[-ji+'4hidnS@i-J]:?MO4Zv8e3t*bpRz*qF1`*b_e`*+V$S
.tbcguias.com/ Name: __gads
Value: ID=a80ab75be557804b:T=1701306794:RT=1701306794:S=ALNI_Mbs87L418F2o4GN_YYSIRsaa0KEXQ
.tbcguias.com/ Name: __gpi
Value: UID=00000cfd48ba802b:T=1701306794:RT=1701306794:S=ALNI_MYADCKLZg-jyYKD8s4aQNj-SqLjXg
.doubleclick.net/ Name: IDE
Value: AHWqTUn9erN4qJJAomOmN0_IinLCr7M7KN7dnUcshqp0EBdU7KqhS32FMbzLCNc2s1I
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
code.createjs.com
dr0.biz
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
squareenix.commander1.com
tbcguias.com
tpc.googlesyndication.com
wowclassicdb.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.250.184.198
142.250.185.100
142.250.185.226
142.250.185.98
142.250.186.131
142.250.186.162
142.250.186.98
172.217.16.195
172.217.18.2
185.177.92.30
188.114.97.3
216.58.206.33
216.58.212.170
23.50.131.85
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
35.181.207.186
37.252.173.215
66.225.201.222
011ad521ff57a8b1fcfe247f472bedca23ab7714d16aaa9d81fbf339540017cd
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
06fe93f1d30a411e76e08c41463baf1e396c7b1941ce2c338177b09ba9118c3b
089253e7cbb4519bfd3fbd4362018b9b60cbbdad59eb458e080d913bd609b01f
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0cd277482e0aa9ed87a6cbb6f6faa9f265c363e2a046ae46bedbb75e31be2809
0f1d403b3b8eacfe9aef956c3b702ada7ea7c159df31fb61b4407918dde4e306
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
12f4f7fb93722d457d7d05c39dbc49dbcf8810380f4e1af28ce4a7debdaadf83
136e4411b8b080f4732dc18481e765a3ba212a97da94941b52aaca83192471b0
138111372ed731e91cad7e74d480383a3b48effe1ef65d530a1b139b348deee1
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1953299cdc224a1e90b368abaf1b86165d1274646703ad77acbac30f9d084274
1ab0ed127c025f5b645459a729bfc0cb9ec673ebb2bab1d82d2acd5352b5e8ec
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1afe8070a5a7864b38c8d17dcd91e9c3f8f05ce67591cb28c5faab39eb5065db
254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc
2569e9f622ebb731ab40439c9fdb8f873667a2e05ab04e42a544709b4b54a054
29ac11b866b20f17242bdff6076537a14e60f213ef8deb1c56794ff61da4b30a
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e1c83ee2e27235b9bd2142f2c02ccbb4da4e0235ee816315e20c5b73e5128ab
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b94eee85d561f78827aaaaa54ca863744167358d0d72f107e5efaad43270365
3dc0bc2b534e4bde8b4eba93fe618d4c13250708d8236979ea7a1aed051b4a35
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
465b778467f1f6b0c5dbbc4c6e426ad7f5a62d913e3ef2e660e52ca1cfea4b44
46beb13171b1c199c6205ce7aead5aeaf8228e4402144f8a221083302cb4da9c
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbf0ae73514ccb915d3f49411a05ca8c0d7c632274180fd96ff5a6155b3ec1d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53a1f093280aaec2586ed60c8bea1f5a25d7d0e7a3dd312c46d43a2625054a24
545ac5bb2778303ad5aee35e6cc675a92fe18534803d210c98fa4fc38ef3f06f
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6429909bf68ec41701554447500d22a148b84fbbda50bd3ba396e6ea349bc784
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6b11c97fa853df89bf95f02a0668d1c340482ac24cef8bffc25c8a25fa7d262b
6cda7a46ef5ed00db88a86f459488c8bad65e7eae64177266fe83749826378da
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a001c28825f1b00f9f5d130fbd3ad15ef518d70d55167266294d378ea881af07
a13f7605dd4ebd59dcaee5cd6e7f155e617917efc0d10cf1fb8114b6c121aa2f
a3998fd7460c0b4d2e7628c33f62b60dcf6852ba1c4f55f389021660bf2912a2
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ac072dd27c304aed0dd56c0380fba8004e8d9322ef5d5fe184aae4bfea8b0b9c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d8a676e1b06a26849c1fb6873b8193c52b5d3e56b23c9c5788bc60f8e53940
b3db1fbdb6fa3e50de31ea6111a67436301920009efcf15de212ccd95548aa73
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
bb3990c50b02c0b7372ba69fa708e6f17f87bb313c0cd938fa156002cb2a2aca
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
bcd1fc77d1d8787ac24a9383e483152dc4c59dbe2367e6081029b5158e44a065
bd9fd0ac012be75c9aa70df91996db4bde0c525ee435a949fbabf8817246601b
c16c19807a8341d46e55028bd0ca8502ef595fc5c9f2f780d71cbe11354633b0
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c62cf063fdcf1a931187196cbbc50783ff4c9a5fbcf55ba058c77aaf28ca28b2
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cee4aeba4270819a7802448aea9f12147de41f34db51560320f1587f5137b731
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
e0536cc90d7811581269d7df684e906ab15d2eaa062fe0721168f9b2320278f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
e517f42c40f6296b1fda2970d47c3bead2c9135c9fb77b7b1ea0b8206a9a4946
e9c192213ba7bb4810e7deed54503893e20d44361bfbc81621a661107caaca03
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef