quickref.me Open in urlscan Pro
172.67.164.245  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response quickref.me/	387 KB 101 KB	272ms 226ms	Document text/html	172.67.164.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quickref.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.164.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ade11197cf7c5b7ff55f4479f56e9732e3829d0d011c657696e89f3e7ae2655e Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 88ed0da58ba83a73-FRA content-encoding br content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' content-type text/html date Wed, 05 Jun 2024 03:25:04 GMT last-modified Fri, 08 Sep 2023 13:16:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer-when-downgrade report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UBUeQscTBhxNll%2FMP6%2BubAtLV39T3tKDA%2BERaiqmkTQitx1VmEl3%2BFExrppUe%2Fi0DxgnIr%2BjILjb97lXugxok%2FHYmDAvj4MHa%2BARjQOs2O%2FP2plQOoJnkrl1LVhYSg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H3	200	style.css quickref.me/css/	80 KB 19 KB	234ms 234ms	Stylesheet text/css	172.67.164.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quickref.me/css/style.css?_v=1694179016929 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.164.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 515f1784b508b907affe83991e0a87f34bbc2de965254f0a1b3aad632da6152e Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:04 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED content-encoding gzip alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 08 Sep 2023 13:16:52 GMT server cloudflare etag W/"64fb1ec4-13f33" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOSR4eZowmFBd%2F8gtOoN8fEDb%2FB0DPX0co0C6FhCCEO%2BHoqAe9yf7Z7u0gzLmt%2BAKue382OWOKTy40geU0HTrmPT1%2FbKuNCQoPu6tiFmsPKlJVM97uAQYn280cgsVQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 cf-ray 88ed0da6fd053a73-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	247 KB 88 KB	107ms 47ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6FCTS6QCRB&_v=1694179016929 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5e24848648411bbc8a02f5289020a6e9d770e23c27d0562aef7da58d7128f59b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:04 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89567 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 05 Jun 2024 03:25:04 GMT
GET H2	200	ramp_config.js Show response cdn.intergient.com/1024914/74234/	36 KB 7 KB	109ms 22ms	Script application/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/1024914/74234/ramp_config.js?_v=1694179016929 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 9a0680333a85fd54e489df59f40671914c26d7f37de0aa3a3efddf50be705789 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:19:04 GMT content-encoding br via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA60-P2 age 72360 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=600, public, must-revalidate x-amz-cf-id 1tK2aFI_S6OoYILIGx-OULM6BIheKPn1qzOjLY2Afd2j2d6YMAN0iA==
GET H3	200	reference img.shields.io/github/stars/Fechin/	3 KB 2 KB	241ms 204ms	Image image/svg+xml	172.67.173.89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.shields.io/github/stars/Fechin/reference?style=social Requested by Host: quickref.me URL: https://quickref.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.173.89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd060e0e79ef0f48f576aeffe37d815fd9e6cd05a99c7eff0bf25f442de5fa08 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:04 GMT via 2 fly.io content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 fly-request-id 01HZK6VH4E5H5YTJ6AJVEY2SV8-fra last-modified Wed, 05 Jun 2024 02:22:14 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t82M%2FmASAcF%2B6S3vWyamEaIl2f%2B0jNJLiHqqR8tJlJEri7bqm2HdYoMCcAzt3o0DL%2FMNbzSlY8qUmsKcJjWjwoXTRE4pxaaPWW1IpiBxS8nZj3GynEGgla1P16tP39KTVw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml;charset=utf-8 access-control-allow-origin * cache-control max-age=900, s-maxage=900 cf-ray 88ed0da73ce35d4c-FRA expires Wed, 05 Jun 2024 03:40:04 GMT
GET H3	200	/ quickref.me/	0 0	0ms 0ms	Other text/html	172.67.164.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quickref.me/ Requested by Host: quickref.me URL: https://quickref.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.164.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:04 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 08 Sep 2023 13:16:52 GMT server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/html report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UBUeQscTBhxNll%2FMP6%2BubAtLV39T3tKDA%2BERaiqmkTQitx1VmEl3%2BFExrppUe%2Fi0DxgnIr%2BjILjb97lXugxok%2FHYmDAvj4MHa%2BARjQOs2O%2FP2plQOoJnkrl1LVhYSg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 88ed0da58ba83a73-FRA
POST H2	204	collect region1.google-analytics.com/g/	0 251 B	84ms 28ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-6FCTS6QCRB&gtm=45je4630v9118129293za200&_p=1717557904704&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1379525925.1717557905&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717557904&sct=1&seg=0&dl=https%3A%2F%2Fquickref.me%2F&dt=QuickRef.ME%20-%20Quick%20Reference%20Cheat%20Sheet&en=ramp_js&_fv=1&_nsi=1&_ss=1&_ee=1&ep.pageview_id=1717557904704&tfd=576 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6FCTS6QCRB&_v=1694179016929 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 05 Jun 2024 03:25:04 GMT server Golfe2 content-type text/plain access-control-allow-origin https://quickref.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	514 Show response a.ad.gt/api/v1/u/matches/	13 KB 4 KB	724ms 668ms	Script application/javascript	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.ad.gt/api/v1/u/matches/514?url=https%3A%2F%2Fquickref.me%2F&ref= Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e08b264b621e397765612eb9bd975a8f9bf0eb6f9d5f469a8ddeacaff1149bd1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-encoding gzip cf-cache-status STALE last-modified Wed, 05 Jun 2024 03:12:48 GMT server cloudflare vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cross-origin-resource-policy cross-origin cf-ray 88ed0da93e2c92a2-FRA
GET H2	200	ramp_core.js Show response cdn.intergient.com/	2 KB 1 KB	54ms 35ms	Script application/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/ramp_core.js?_v=1694179016929 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash a299996e06a9b1ff8a450001ec4e58d3c302704f7f8e484d64ea7a8458ef257e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:04 GMT content-encoding br via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA60-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript x-lambda-function us-east-1.pageos_production:447 cache-control max-age=600, public, must-revalidate x-amz-cf-id qPe0HKEA5-K43v-zmQXvPfjGvGPF0ac4Tss8ZCy3AiwHzYRFejP7bA==
GET H3	200	main.js Show response quickref.me/js/	16 KB 7 KB	223ms 223ms	Script application/javascript	172.67.164.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quickref.me/js/main.js?_v=1694179016929 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.164.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24e2e5711f3c8eb3f55c7b809d8fe6408c10de1a823d28fa586950691d0ca071 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:04 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED content-encoding gzip alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 08 Sep 2023 13:16:52 GMT server cloudflare etag W/"64fb1ec4-4165" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwlEcUob29mSU6fp8iu97LLicy0exSNNAsO5o2RoFHNq5dB8%2FlELcQsUR2evPjbYQGiJaV6b3lYNFcLvXDSqyrR6KkKbTPZ4KXLJ8i0D0JwFzVVjFFtTZzKgxy7wgQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 cf-ray 88ed0da8d8253a73-FRA
GET H3	200	72654f14c1b7f69569ef61fb8.js Show response ballsbanana.com/scripts/bc7c8e949e0c4/	67 KB 24 KB	104ms 62ms	Script text/javascript	104.18.25.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ballsbanana.com/scripts/bc7c8e949e0c4/72654f14c1b7f69569ef61fb8.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/1024914/74234/ramp_config.js?_v=1694179016929 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3037aeb423026fb92f768fc7cb91439fd63a8b2774c94a4f11603f0ec01ccf0 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:04 GMT content-encoding zstd via 1.1 google strict-transport-security max-age=15724800; preload cf-cache-status MISS x-buildnumber 1299687404 alt-svc h3=":443"; ma=86400 server cloudflare x-datacenter gce-europe-west1 etag "ba4ec3a8e8b9585dded98e37d9d1bac40b6baf9d4b87f78805dfa2bda3dd108f" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-europe-west1-xmqk content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 timing-allow-origin * cf-ray 88ed0da96bf535f3-FRA
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	96 KB 30 KB	78ms 35ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/1024914/74234/ramp_config.js?_v=1694179016929 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash f774583778907b1cdfe49c3941943f706129dcb2dae513af38788fb1c9da71a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31047 x-xss-protection 0 server cafe etag 20 / 19879 / m202405300101 / config-hash: 12088212102230092860 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 05 Jun 2024 03:25:04 GMT
GET H2	200	prebid.js.br Show response cdn.intergi.com/prebid/	517 KB 132 KB	107ms 23ms	Script text/javascript	2600:9000:211e:8000:14:2602:6e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergi.com/prebid/prebid.js.br Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/1024914/74234/ramp_config.js?_v=1694179016929 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:8000:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4694888192060d9c76853e91975d822483ea4e49a5f5862a04c2ec48cd939fa3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id .bgLU0oToLnk_5KeTETGeIYdj8VcPjcE content-encoding br via 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront) date Tue, 04 Jun 2024 22:03:52 GMT last-modified Wed, 08 May 2024 13:47:23 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 19949 x-amz-server-side-encryption AES256 etag "a549219bf8fdd0fb8bf2fc47072ff907" x-cache Hit from cloudfront content-type text/javascript accept-ranges bytes content-length 134715 x-amz-cf-id WPZwwj5zcwepEKtt6M296i13rRkpGZXAxmdBbtETWh1ziQKiyXV5BQ==
GET H2	200	pageos.js Show response cdn.intergient.com/pageos/1.10.46/	399 B 780 B	20ms 19ms	Script text/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.10.46/pageos.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/ramp_core.js?_v=1694179016929 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7892fadadb8e7dc6005d9bc757b6a559ff7a4c75334d324e1320e87fa0da9145 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:16:37 GMT via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 19:45:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 72508 etag "b2fb502fba489442f2a20e5890c4b0ed" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes content-length 399 x-amz-cf-id zLI37YG3VCHVqYjSAJ_48dWTkX3sqSVnBj2oyXpQuYAAlzM9X6uQTQ==
GET H2	200	runtime.cb18e0142c15af1a3527.js Show response cdn.intergient.com/pageos/1.10.46/	3 KB 2 KB	20ms 19ms	Script text/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.10.46/runtime.cb18e0142c15af1a3527.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/pageos.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e5a9acca4fb5e305393ef6ce2b2e7dfd4abf6f1fb8edffd3ad96fe455526c32d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:16:37 GMT content-encoding br via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 19:45:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 72508 etag W/"753c84dfe2645ae315009fc4dddbf4c2" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=31536000 x-amz-cf-id N2A6q4301CQTJiPf6PHFPzqlOzNVlA1P7AqzGfj7FsT5JzSYqhhKCA==
GET H2	200	main.a0700daea0a54d04e651.js Show response cdn.intergient.com/pageos/1.10.46/	193 KB 57 KB	23ms 23ms	Script text/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/pageos.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fbca39f5590771458309fff1b15cf3303fc25b27706f45adcd3b1b28e0b0010d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:16:37 GMT content-encoding br via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 19:45:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 72508 etag W/"c0ec7649d09188a34bede9014a388536" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=31536000 x-amz-cf-id b-bKl8bizhuT-fK8Rw4OoBaPFPVwnjrNqaWALsf0_OqFFvzMMQ20Qg==
GET H2	200	videoCard.5ed8eb34c11835040def.js Show response cdn.intergient.com/pageos/1.10.46/	559 B 938 B	20ms 20ms	Script text/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.10.46/videoCard.5ed8eb34c11835040def.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/runtime.cb18e0142c15af1a3527.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:16:44 GMT via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 19:45:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 72501 etag "6880c1609e3243c11c7b4f1285e14d89" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes content-length 559 x-amz-cf-id ZGmE4UH-hagebVvHI0OQ1CufybAdxDX_P6RmmxDSqHaU15fQ51ryrQ==
GET H2	200	iframe.html cdn.intergient.com/pageos/1.10.46/iframe/ Frame 7C80	0 0	77ms 21ms	Document text/html	2600:9000:2250:9a00:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.10.46/iframe/iframe.html Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:9a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://quickref.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 72508 cache-control public, max-age=31536000 content-length 498 content-type text/html date Tue, 04 Jun 2024 07:16:37 GMT etag "c0a9148e169edcf6fe662e4d2aa9c142" last-modified Thu, 23 May 2024 19:45:03 GMT server AmazonS3 via 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront) x-amz-cf-id _qO-aXVpyvELWXz9NdWEjcnrJWjSg5T6CMQ409iRU5SV8dWwh4ukuQ== x-amz-cf-pop FRA60-P2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	batchHandler.24515460e260d851db2e.js Show response cdn.intergient.com/pageos/1.10.46/	4 KB 2 KB	22ms 21ms	Script text/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.10.46/batchHandler.24515460e260d851db2e.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/runtime.cb18e0142c15af1a3527.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8ecc04237e7d70f3057450ad0ab2ef4c24fcb7705d3b61d924c42aa41485e1df Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:16:38 GMT content-encoding br via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 19:45:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 72507 etag W/"a357943e64a1e54d4fca88f11587fb25" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=31536000 x-amz-cf-id OpGDvyPMnpntHbg4eyIdHH0Lpuu0uMJt71B5KpSxWy5ke5alLMNZoQ==
GET H2	200	gdpr.67979b9dcc23304ee655.js Show response cdn.intergient.com/pageos/1.10.46/	5 KB 2 KB	23ms 22ms	Script text/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/1.10.46/gdpr.67979b9dcc23304ee655.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/runtime.cb18e0142c15af1a3527.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 089f12de226200daa189d5bf5b73422e1c286b169b990242569037337707aab9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:16:44 GMT content-encoding br via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 19:45:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 72501 etag W/"f95a9c4b1bc61653121ead19347b6490" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=31536000 x-amz-cf-id gzEbWY7l1L-PolgfjmGKGPupsBxxdbMXK1pOoO8qWYL9N1X2Bb6MgQ==
GET H2	200	GDPR Show response impression-inferences-edge-prod.playwire.com/websites/74234/v1/Tue/23/desktop/Chrome/	591 B 926 B	108ms 44ms	XHR application/json	18.66.192.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://impression-inferences-edge-prod.playwire.com/websites/74234/v1/Tue/23/desktop/Chrome/GDPR Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-106.muc50.r.cloudfront.net Software CloudFront / Resource Hash 072585d4f9ce7edd1cfeaf40bf45de0041576a82b0e800b58eb8104e5c47b58b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:23:41 GMT via 1.1 badff53d2116a4b3d32a2dd1eb918a48.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P1 age 84 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * access-control-expose-headers * cache-control max-age=3600, public, must-revalidate content-length 591 x-amz-cf-id 1lxMbRWC3mE5r4i061_J7k1E_8MPeeJgTxKCtCJ2nSEuRF58bHypIw==
GET H2	200	tag Show response btloader.com/	104 KB 30 KB	88ms 31ms	Script application/javascript	2606:4700:10::6816:4ad8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=5150306120761344&upapi=true Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad7b42164f53bca3e06d297f5d8863b24a55db96fccad303a7ad7175f16c1d95 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-encoding gzip via 1.1 google cf-cache-status HIT last-modified Wed, 05 Jun 2024 02:37:04 GMT server cloudflare age 2707 etag "a08dcbf031935f364768c6d886286f54" vary Origin, Accept-Encoding content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 accept-ranges bytes cf-ray 88ed0daa5b1c39e0-FRA content-length 29989
GET H2	200	moatheader.js Show response z.moatads.com/playwireprebidheader597261727146/	114 KB 43 KB	100ms 27ms	Script application/x-javascript	184.30.17.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/playwireprebidheader597261727146/moatheader.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-17-133.deploy.static.akamaitechnologies.com Software / Resource Hash 0b9385e02eb700e334675403ba0822637003fbeb50583f18a4a4a9121e4f7b60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 05 Jun 2024 03:25:05 GMT content-md5 cjVIG7ARlfXfN5VfA9ykBA== storage-tier Standard content-length 43167 opc-meta-btime 2024-04-22T05:23:36Z opc-meta-mtime 1713763416 last-modified Mon, 22 Apr 2024 21:18:38 GMT opc-request-id iad-1:FJ8IsGdkeWXnNP9EdwQuyJ-e9H23xQgZl6fqxSDpfxJL1lFaSB4pqPIl8UQ7rszL x-api-id native etag 8a97064e-7cbc-429e-85f5-49f78753ed29 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/x-javascript version-id 404e9696-0589-4a6d-8258-efd500705153 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options cache-control max-age=52879 access-control-allow-credentials true accept-ranges bytes
GET H2	200	pixel.gif px.moatads.com/	43 B 265 B	99ms 27ms	Image image/gif	184.30.17.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-17-133.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers unused62 8096267 pragma no-cache date Wed, 05 Jun 2024 03:25:05 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Wed, 05 Jun 2024 03:25:05 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/	460 KB 144 KB	21ms 21ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash cb00a860660974b25947b756849035378feb8893f3699e16d391cabbf8374f2d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 19:31:04 GMT content-encoding br x-content-type-options nosniff age 28440 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147019 x-xss-protection 0 server cafe etag 3255905288585425474 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 04 Jun 2025 19:31:04 GMT
GET H2	200	aws-sdk-kinesis.min.js.br Show response cdn.intergient.com/pageos/js/libs/	227 KB 57 KB	23ms 22ms	Script text/javascript	2600:9000:2250:d200:12:4abd:d340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/batchHandler.24515460e260d851db2e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:16:39 GMT content-encoding br via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront) last-modified Tue, 15 Feb 2022 19:02:54 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 72507 etag "575b9635960fa1d9b7ba4dafe1d2e7f5" x-cache Hit from cloudfront content-type text/javascript accept-ranges bytes content-length 57858 x-amz-cf-id Zuo-yd15HJJbIwarFtpsIpMQ3heJcRuWxHx8TC6ioVSt24Nowh7hQQ==
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 482 B	102ms 24ms	Image image/gif	2600:9000:26da:d800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif?adspot_id=ehojo_728x90_ Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 01:29:51 GMT x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja via 1.1 455035b7b3ab5f564b775e2968249d3e.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 age 6915 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" content-type image/gif cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id LYBzVKrw5cuExf_Gi-W8G7uZRhcbxKicC2ZHFUeFTgQzqVnyhhiKyQ==
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	305 KB 76 KB	105ms 28ms	Script application/javascript	18.173.193.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: cdn.intergient.com URL: https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.193.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-193-224.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:15:34 GMT content-encoding gzip via 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 de8b46af7190cc021fd8b12be6996a2e.cloudfront.net (CloudFront) last-modified Tue, 28 May 2024 21:30:43 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, MUC50-P4 age 572 x-amz-server-side-encryption AES256 etag W/"7e37c61c24c4f874b286570f1eebc0ea" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id szHWDL0VP27EpYHxJNfVv3kOdVdrDjv7iiDy4WclsyJyfbURilSFaA==
GET H2	204	state Show response api.btloader.com/mw/	0 101 B	194ms 134ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/mw/state?bt_env=prod Requested by Host: btloader.com URL: https://btloader.com/tag?o=5150306120761344&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 05 Jun 2024 03:25:05 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	px.gif ad-delivery.net/	43 B 921 B	85ms 26ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 105403 x-guploader-uploadid ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=In5vjofgghHD%2B6IF7zbCqz5ICE0zPVZQE0OAuMvZOzR5keBtAi5Ip6qaH%2F9pHCQ7dIHXCFBjxe8Yzzb3rKyBRp%2FVMrv1MzFgVsH%2BlilwWniZmtLmLWZu4P5opLtcmflvGFBLUQax2DrPThx6CQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 88ed0daaf987bb32-FRA expires Mon, 03 Jun 2024 22:33:32 GMT
GET H3	200	favicon.ico ad.doubleclick.net/	1 KB 130 B	80ms 23ms	Image image/x-icon	172.217.16.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:07:08 GMT content-encoding gzip x-content-type-options nosniff age 47877 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 05 Jun 2024 14:07:08 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 338 B	86ms 27ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.7777366144889997 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 105403 x-guploader-uploadid ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYhoEi%2FEf6Mtj0dnG5Hmv5Vr7pg12btMpEmNye0Un%2BM3xfcRR19I%2FOgZ4PNgtJOF4pMBfLAadLYZagsSXz4pIwiEyIoFy9e4K0DQ7XrtETCtchtBVc7ZT3a23rNE9NaV2rS7f8yDQ8%2BWOGjJkA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 88ed0daaf988bb32-FRA expires Mon, 03 Jun 2024 22:33:32 GMT
GET H2	200	154013155 Show response fundingchoicesmessages.google.com/i/	192 KB 64 KB	113ms 58ms	Script application/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/154013155?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f0d827503121b99bf8e001e616c2605dfdc4001de8b1d567c0b2699321203c16 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-OFm7YGmITDuvDMmg_DuCaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-security-policy script-src 'report-sample' 'nonce-OFm7YGmITDuvDMmg_DuCaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj8tDikmLw1ZBiOO90h-k6EBtoPGeyAGKJry-ZtIDYKX0GawgQ-9TPYI0D4tab51inA3HSv_OsJUDc_vkC60wgFuLmmLj1_yY2gRMLvwQoaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGRjrGRjHFxgAANnVMvA" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	v2 Show response mb.moatads.com/yi/	875 B 1 KB	225ms 69ms	Script text/html	130.162.160.243 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2MIJ%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-%2Be3%2BgxJkDqqRb9TZjaOdT2EB%2BBOA3JNdQP%2Fi2v2zr%2Bdj46WSY9fIj4B2PAB1iav4pxs%3D&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-fA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=20&qd=20&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fquickref.me%2F&pcode=playwireprebidheader597261727146&rx=526859305031&callback=MoatNadoAllJsonpRequest_70416153 Requested by Host: z.moatads.com URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software istio-envoy / Resource Hash 21db5eecdd7fcbe6ac681c212331736b415069bf493485e53adb76118a4c7209 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT server istio-envoy etag "4b60a2206cea18ed5f387fbade99d35757c8051e" content-type text/html; charset=UTF-8 cache-control max-age=900 x-envoy-upstream-service-time 29 timing-allow-origin * content-length 875
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	91ms 34ms	XHR application/javascript	18.173.193.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.193.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-193-224.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE content-encoding gzip via 1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront) date Tue, 04 Jun 2024 04:00:17 GMT x-amz-cf-pop MUC50-P4 age 84289 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 29 Feb 2024 02:13:08 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id Q-AjBXj3kmJLA2NY0AQEYxA16bepp2Yo7vHh68ojf7sqYx_VMLNw9g==
GET H2	200	AGSKWxUljFTbfQH_pmCK1hXHFqg75PdXrykWgJPRrmYrUyKav-COgap3e4eKhORRNfACXsGg7yhsGinhOw3c8yXsXyqeHtU1EVLjpc_wR3eGnb1yz6ANJY4TOjIrei0TLkBEZVgTBaF3GA== Show response fundingchoicesmessages.google.com/f/	633 KB 84 KB	126ms 126ms	Script application/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUljFTbfQH_pmCK1hXHFqg75PdXrykWgJPRrmYrUyKav-COgap3e4eKhORRNfACXsGg7yhsGinhOw3c8yXsXyqeHtU1EVLjpc_wR3eGnb1yz6ANJY4TOjIrei0TLkBEZVgTBaF3GA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3NTU3OTA1LDI1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9xdWlja3JlZi5tZS8iLG51bGwsW1s4LCJTWi1YUXVKbzNITSJdLFs5LCJkZSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjk4NDNdLG51bGwsNF0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SZ-XQuJo3HM.es5.O/am=AAM/d=1/rs=AJlcJMy_fmkVf_zXVyTZCAgL1nGwPU1ZMA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0707d8fefc29052d816501d412139ad84e0b09ad55396b23578a8a5066596a84 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IReBH-75B4-ToeG1J2fQnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-security-policy script-src 'report-sample' 'nonce-IReBH-75B4-ToeG1J2fQnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj8tHikmJw15BiWMy_i-m80x2m60BsoPGcyQKIJb6-ZNICYqf0GawhQOxTP4M1Dohbb55jnQ7ESf_Os5YAcfvnC6wzgViIh2Pi1v-b2AQ6Gn6tYVTSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTAzMNYzMI4vMAAAsag0Xw" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	country Show response api.btloader.com/	37 B 162 B	135ms 135ms	Fetch application/json	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country?o=5150306120761344 Requested by Host: btloader.com URL: https://btloader.com/tag?o=5150306120761344&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37
GET H2	204	pv Show response api.btloader.com/	0 66 B	134ms 134ms	XHR text/plain	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=LzedboDZ&w=5094723271786496&o=5150306120761344&cv=2.1.45-3-gc22fd9c&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fquickref.me%2F&sid=RAFAj98xH3&pm=true&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5150306120761344&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 05 Jun 2024 03:25:05 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
POST H3	200	0fffb8bc31fa96d784516d0d774de64ce59b251004c3 Show response ballsbanana.com/send/e4893e726e/	303 B 715 B	80ms 54ms	Fetch application/json	104.18.25.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ballsbanana.com/send/e4893e726e/0fffb8bc31fa96d784516d0d774de64ce59b251004c3 Requested by Host: ballsbanana.com URL: https://ballsbanana.com/scripts/bc7c8e949e0c4/72654f14c1b7f69569ef61fb8.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb7d48bd5f63ad034058c25bc79942d2f4170816ba1162628325311de4d9c53a Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 05 Jun 2024 03:25:05 GMT strict-transport-security max-age=15724800; preload via 1.1 google cf-cache-status DYNAMIC content-encoding br x-buildnumber 1299687404 alt-svc h3=":443"; ma=86400 server cloudflare x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://quickref.me x-hostname fen-hoothoot-europe-west1-xmqk cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie cf-ray 88ed0dac781e65ab-FRA expires Wed, 05 Jun 2024 03:25:04 GMT
POST H3	200	839eb0f15c948d2321841c1dfc4e34714112d304c20df Show response ballsbanana.com/be2131f29/	3 B 452 B	227ms 227ms	Fetch application/json	104.18.25.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ballsbanana.com/be2131f29/839eb0f15c948d2321841c1dfc4e34714112d304c20df Requested by Host: ballsbanana.com URL: https://ballsbanana.com/scripts/bc7c8e949e0c4/72654f14c1b7f69569ef61fb8.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 05 Jun 2024 03:25:05 GMT strict-transport-security max-age=15724800; preload via 1.1 google cf-cache-status DYNAMIC x-buildnumber 1299687404 alt-svc h3=":443"; ma=86400 content-length 3 server cloudflare x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://quickref.me x-hostname fen-hoothoot-europe-west1-xmqk cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie cf-ray 88ed0dacd86965ab-FRA expires Wed, 05 Jun 2024 03:25:04 GMT
GET H2	200	css fonts.googleapis.com/	109 KB 6 KB	79ms 32ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SZ-XQuJo3HM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyDcv6lUwOaDM87LBSgpBhTbYfujw/m=web_iab_tcf_v2_wall_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 11904530b1336ffc595e931bec74bfae902a8bd03ebdd4633111ccb87c5602c5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 05 Jun 2024 03:25:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 05 Jun 2024 03:25:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 05 Jun 2024 03:25:05 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	73ms 22ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Origin https://quickref.me Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 00:50:53 GMT x-content-type-options nosniff age 95652 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Jun 2025 00:50:53 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v142/	125 KB 126 KB	102ms 52ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: quickref.me URL: https://quickref.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Origin https://quickref.me Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:10:34 GMT x-content-type-options nosniff age 47671 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Mon, 08 Apr 2024 19:04:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Jun 2025 14:10:34 GMT
POST H3	204	AGSKWxUef4SCeupFSn2vD8m3Z8A6saeie5Xz7LqMwmJ-XOG9h614GbWRYRv4XIXgVGavQmixWtKCytjvyjpjlmJ6-PhGRvFOMioN2AJxWX7um3io-gPfVtMDS8Y7hfZ5vZKZc-hTeNTu8g== Show response fundingchoicesmessages.google.com/el/	0 29 B	95ms 44ms	XHR text/html	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUef4SCeupFSn2vD8m3Z8A6saeie5Xz7LqMwmJ-XOG9h614GbWRYRv4XIXgVGavQmixWtKCytjvyjpjlmJ6-PhGRvFOMioN2AJxWX7um3io-gPfVtMDS8Y7hfZ5vZKZc-hTeNTu8g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SZ-XQuJo3HM.es5.O/am=AAM/d=1/rs=AJlcJMy_fmkVf_zXVyTZCAgL1nGwPU1ZMA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-d3KP4U1i-CAzJ_oBjWCtXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-security-policy script-src 'report-sample' 'nonce-d3KP4U1i-CAzJ_oBjWCtXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoCxEI8HBO3_t_EJnDh4c8-JiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBmYKxnYBJfYAAA4aAjGQ" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://quickref.me access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUef4SCeupFSn2vD8m3Z8A6saeie5Xz7LqMwmJ-XOG9h614GbWRYRv4XIXgVGavQmixWtKCytjvyjpjlmJ6-PhGRvFOMioN2AJxWX7um3io-gPfVtMDS8Y7hfZ5vZKZc-hTeNTu8g== Show response fundingchoicesmessages.google.com/el/	0 29 B	86ms 35ms	XHR text/html	142.250.185.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUef4SCeupFSn2vD8m3Z8A6saeie5Xz7LqMwmJ-XOG9h614GbWRYRv4XIXgVGavQmixWtKCytjvyjpjlmJ6-PhGRvFOMioN2AJxWX7um3io-gPfVtMDS8Y7hfZ5vZKZc-hTeNTu8g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SZ-XQuJo3HM.es5.O/am=AAM/d=1/rs=AJlcJMy_fmkVf_zXVyTZCAgL1nGwPU1ZMA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-p7OkmVbBPsJwWdsf4XrhRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-security-policy script-src 'report-sample' 'nonce-p7OkmVbBPsJwWdsf4XrhRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBicEqfwRoCxEI8HBO3_t_EJnCg-14Xk5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTAzMNYzMIkvMAAAvAEilg" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://quickref.me content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	fuse_6.4.6.js Show response quickref.me/js/	22 KB 8 KB	37ms 36ms	Script application/javascript	172.67.164.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quickref.me/js/fuse_6.4.6.js Requested by Host: quickref.me URL: https://quickref.me/js/main.js?_v=1694179016929 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.164.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 227dc237b65445027834bc62afbd220f4bdf89bc50cc452f2bf539114167854f Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT age 333557 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 08 Sep 2023 13:16:52 GMT server cloudflare etag W/"64fb1ec4-59fb" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EetuaTyolW%2BLNNxBA6EPYQceMMavZbz%2F7bQTtaTiGQdMXybaG2g2oPgeVL5lCvsvdsBQQti4OkmT69MPgcioAVcTQ9YWA7ZMumYiqWlR1K2KQK2gx%2Bws5lsieQVosA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 88ed0dae5b903a73-FRA expires Sat, 08 Jun 2024 06:45:48 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 94 KB	37ms 36ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6SZEXN62V8&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6FCTS6QCRB&_v=1694179016929 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7965aef0f5987489a161c1e66df8c4f89ddc9e81a06eea12f2acdfd7213ad725 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96485 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 05 Jun 2024 03:25:05 GMT
GET H2	200	monetization.custom.js Show response m.servedby-buysellads.com/	21 KB 7 KB	113ms 26ms	Script application/javascript	2600:9000:26da:5400:12:352e:e540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.servedby-buysellads.com/monetization.custom.js Requested by Host: quickref.me URL: https://quickref.me/js/main.js?_v=1694179016929 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:5400:12:352e:e540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 576de5bf46026c9eb0fc8e07adae16ac8a912e3ddb4c535a255b89a8143a92e5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 02:40:49 GMT content-encoding gzip via 1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront) last-modified Wed, 08 May 2024 18:33:13 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 5397 x-amz-server-side-encryption AES256 etag W/"83e9652e7ed8e17d20782e3f28406bfc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id r8fCfC5c679gAG5y4blUD_S3pVhA2gu0ieTyj9gMu29oJ2g9s_BWqw==
GET H3	200	favicon.png quickref.me/images/	3 KB 4 KB	220ms 220ms	Other image/png	172.67.164.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quickref.me/images/favicon.png?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.164.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4ac4bc517a02ac53013a6ca55af3ed62e473b311c0be25db399774f85da118e Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED alt-svc h3=":443"; ma=86400 content-length 3558 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 08 Sep 2023 13:16:52 GMT server cloudflare etag "64fb1ec4-de6" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N9H5MnLrg6v2BZdChhs35QDDCBbZtkgrF%2BFNr2gEKTC76oHqn3yNh%2BjMPd%2BYCHWkc4FoRVrJfLO0M2CaeH5uwfuFM%2BVsN5ItwxJgV0hkidseAduS8dScTkA2cMpzHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 88ed0dae6ba23a73-FRA
GET H3	200	search.json Show response quickref.me/	535 KB 164 KB	124ms 124ms	Fetch application/json	172.67.164.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quickref.me/search.json?v=1.0 Requested by Host: quickref.me URL: https://quickref.me/js/main.js?_v=1694179016929 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.164.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef0b302f8b068586af558e49554db3ad2f69994c2591a6e39232c11238f8cf05 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC content-encoding gzip alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 08 Sep 2023 13:16:51 GMT server cloudflare etag W/"64fb1ec3-85a81" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvdMaSklJmOzYNj2fydoBnxkeWhm135VnVh9wjdvGUSg%2Bz812QlUn%2FK%2Fsd1BFPWG1BpB69Qw%2FLHPTJcKaOWGSwFdA4CW%2FPai9Db%2BrEeMSaOSgskg16y2IeQ0EjwdOg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 88ed0dae8bd93a73-FRA
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	28ms 28ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-6SZEXN62V8&gtm=45je4630v894851165za200zb9118129293&_p=1717557904704&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=1379525925.1717557905&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717557905&sct=1&seg=0&dl=https%3A%2F%2Fquickref.me%2F&dt=QuickRef.ME%20-%20Quick%20Reference%20Cheat%20Sheet&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1531 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6SZEXN62V8&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 05 Jun 2024 03:25:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://quickref.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	CWYDKKQL.json Show response srv.buysellads.com/ads/	0 63 B	32ms 32ms	Fetch application/json	152.42.150.143 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.buysellads.com/ads/CWYDKKQL.json?segment=placement:quickrefme&v=true Requested by Host: m.servedby-buysellads.com URL: https://m.servedby-buysellads.com/monetization.custom.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 152.42.150.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software srv-ams3-2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" x-origin https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Referer https://quickref.me/ x-client monetization.js/20231024 (target:%23bsa_custom;template:%3Ca%20href%3D%22%23%23link%23%23%22%20class%3D%22flex%20items-center%20z-30%22%20style%3D%22animation%3A%20scale-up-center%200.4s%20cubic-bezier(0.390%2C%200.575%2C%200.565%2C%201.000)%20both%3B%22%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22p-2%20bg-white%20dark%3Abg-slate-800%20flex%20items-center%20space-x-3%20rounded-lg%20shadow%20dark%3Ashadow-3xl%20cursor-pointer%22%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22flex%20items-center%20rounded-lg%20h-24%20w-32%20p-2%22%20style%3D%22background-color%3A%20%23%23backgroundColor%23%23%22%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cimg%20src%3D%22%23%23logo%23%23%22%20alt%3D%22ads%20via%20Carbon%22%2F%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C%2Fdiv%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22w-40%22%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22text-gray-600%20dark%3Atext-slate-300%20text-xs%20font-light%22%3E%23%23description%23%23%3C%2Fp%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22text-slate-400%20dark%3Atext-slate-600%20mt-2%20uppercase%22%20style%3D%22font-size%3A%208px%22%3ESponsored%20by%20%23%23company%23%23%3C%2Fp%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C%2Fdiv%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C%2Fdiv%3E%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C%2Fa%3E;script_id:_bsa_srv-CWYDKKQL_0;platforms:desktop%2Cmobile;viewable:true) sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 05 Jun 2024 03:25:06 GMT server srv-ams3-2 access-control-allow-headers * content-length 0 vary Accept-Encoding content-type application/json; charset=utf-8
OPTIONS H2	200	CWYDKKQL.json srv.buysellads.com/ads/ Frame	0 0	236ms 31ms	Preflight	152.42.150.143 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.buysellads.com/ads/CWYDKKQL.json?segment=placement:quickrefme&v=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 152.42.150.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software srv-ams3-2 / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-client,x-origin Access-Control-Request-Method GET Origin https://quickref.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-origin * content-length 0 date Wed, 05 Jun 2024 03:25:05 GMT server srv-ams3-2 vary Accept-Encoding
GET H3	200	favicon.png quickref.me/images/	3 KB 0	0ms 0ms	Other image/png	172.67.164.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quickref.me/images/favicon.png?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.164.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4ac4bc517a02ac53013a6ca55af3ed62e473b311c0be25db399774f85da118e Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 03:25:05 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 3558 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 08 Sep 2023 13:16:52 GMT server cloudflare etag "64fb1ec4-de6" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N9H5MnLrg6v2BZdChhs35QDDCBbZtkgrF%2BFNr2gEKTC76oHqn3yNh%2BjMPd%2BYCHWkc4FoRVrJfLO0M2CaeH5uwfuFM%2BVsN5ItwxJgV0hkidseAduS8dScTkA2cMpzHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 88ed0dae6ba23a73-FRA
GET H2	200	carbon.js Show response cdn.carbonads.com/	37 KB 11 KB	118ms 34ms	Script application/javascript	2600:9000:225b:7400:1c:bccb:f100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.carbonads.com/carbon.js?serve=CWYDKKQJ&placement=quickrefme Requested by Host: quickref.me URL: https://quickref.me/js/main.js?_v=1694179016929 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:7400:1c:bccb:f100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7e5643cefc4f56e241ff1305f751d197c476bf2dae181c41ecbc1dce3e97641f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:15:40 GMT content-encoding gzip via 1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront) last-modified Wed, 08 May 2024 18:33:11 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 83367 x-amz-server-side-encryption AES256 etag W/"2c3859cb7ecbeacca43f6b78e29083e6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id NAbFgKhdv5r4tjaD1erfQrydluiTP7YdH_FbrpMZCVhZV7Jg2xzDQw==
OPTIONS H2	200	CWYDKKQJ.json srv.carbonads.net/ads/ Frame	0 0	121ms 31ms	Preflight	152.42.150.143 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.carbonads.net/ads/CWYDKKQJ.json?segment=placement:quickrefme Protocol H2 Security TLS 1.3, , AES_128_GCM Server 152.42.150.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software srv-ams3-1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-client,x-origin Access-Control-Request-Method GET Origin https://quickref.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-origin * content-length 0 date Wed, 05 Jun 2024 03:25:06 GMT server srv-ams3-1 vary Accept-Encoding
GET H2	200	CWYDKKQJ.json Show response srv.carbonads.net/ads/	0 40 B	32ms 32ms	Fetch application/json	152.42.150.143 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.carbonads.net/ads/CWYDKKQJ.json?segment=placement:quickrefme Requested by Host: cdn.carbonads.com URL: https://cdn.carbonads.com/carbon.js?serve=CWYDKKQJ&placement=quickrefme Protocol H2 Security TLS 1.3, , AES_128_GCM Server 152.42.150.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software srv-ams3-1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" x-origin https://quickref.me/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Referer https://quickref.me/ x-client carbon.js/20231113 (serveUrl:CWYDKKQJ;serve:CWYDKKQJ) sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 05 Jun 2024 03:25:06 GMT server srv-ams3-1 access-control-allow-headers * content-length 0 vary Accept-Encoding content-type application/json; charset=utf-8