Submitted URL: https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Effective URL: https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Submission: On September 05 via api from US — Scanned from DE

Summary

This website contacted 27 IPs in 5 countries across 29 domains to perform 67 HTTP transactions. The main IP is 52.3.131.13, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 6.lands.ninja. The Cisco Umbrella rank of the primary domain is 754846.
TLS certificate: Issued by R3 on September 2nd 2023. Valid for: 3 months.
This is the only time 6.lands.ninja was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
10 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 107), tpc.googlesyndication.com (Cisco Umbrella Rank: 150) | 319 KB
5 | youradexchange.com | youradexchange.com (Cisco Umbrella Rank: 35600) | 1 KB
5 | lands.ninja | 6.lands.ninja (Cisco Umbrella Rank: 754846) | 35 KB
4 | google.com | accounts.google.com (Cisco Umbrella Rank: 34), www.google.com (Cisco Umbrella Rank: 2) | 3 KB
4 | blogger.com | www.blogger.com (Cisco Umbrella Rank: 10243) | 175 KB
4 | acscdn.com | acscdn.com (Cisco Umbrella Rank: 146031) | 187 KB
3 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 220) | 117 KB
2 | randomosity.xyz | eu.randomosity.xyz | 254 B
2 | wenga.xyz | eu.wenga.xyz | 254 B
2 | metricswpsh.com | fp.metricswpsh.com (Cisco Umbrella Rank: 38892) | 437 B
2 | capndr.com | js.capndr.com (Cisco Umbrella Rank: 36715) | 22 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 40) | 5 KB
2 | xngqoc.com | xngqoc.com (Cisco Umbrella Rank: 91065) |
2 | asccdn.com | asccdn.com (Cisco Umbrella Rank: 376054) | 88 KB
2 | wpadmngr.com | js.wpadmngr.com (Cisco Umbrella Rank: 17177) | 58 KB
2 | madamtay.com | www.madamtay.com | 44 KB
1 | mcpuwpsh.com | mcpuwpsh.com (Cisco Umbrella Rank: 47069) | 3 KB
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 1104) | 606 B
1 | 2a17f5b615.com | c83c29be12.2a17f5b615.com | 207 B
1 | nawpush.com | na.nawpush.com (Cisco Umbrella Rank: 48956) | 1 KB
1 | a69i.com | a69i.com (Cisco Umbrella Rank: 30682) | 1 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2547) | 255 B
1 | smartrnd.net | smartrnd.net (Cisco Umbrella Rank: 694997) | 604 B
1 | acedirect.net | us.acedirect.net (Cisco Umbrella Rank: 142197) | 222 B
1 | gstatic.com | fonts.gstatic.com | 35 KB
1 | googleusercontent.com | blogger.googleusercontent.com (Cisco Umbrella Rank: 12701) | 104 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 47) | 87 KB
1 | richinfo.co | richinfo.co (Cisco Umbrella Rank: 234797) | 25 KB
1 | ajfnee.com | ajfnee.com (Cisco Umbrella Rank: 135822) | 5 KB
Total: 67 requests, 29 domains

Requests | Domain | Requested by
7 | pagead2.googlesyndication.com | www.madamtay.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
5 | youradexchange.com | asccdn.com, acscdn.com
5 | 6.lands.ninja | www.madamtay.com, 6.lands.ninja
4 | www.blogger.com | www.madamtay.com
4 | acscdn.com | www.madamtay.com, acscdn.com
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 | accounts.google.com | 2 redirects
3 | cdnjs.cloudflare.com | www.madamtay.com
2 | eu.randomosity.xyz | 6.lands.ninja
2 | eu.wenga.xyz | 6.lands.ninja
2 | fp.metricswpsh.com | js.wpadmngr.com
2 | js.capndr.com | js.wpadmngr.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | xngqoc.com | ajfnee.com
2 | asccdn.com | www.madamtay.com, asccdn.com
2 | js.wpadmngr.com | www.madamtay.com, js.wpadmngr.com
2 | www.madamtay.com | www.madamtay.com
1 | www.google.com | tpc.googlesyndication.com
1 | mcpuwpsh.com | js.capndr.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | c83c29be12.2a17f5b615.com | js.wpadmngr.com
1 | na.nawpush.com | js.wpadmngr.com
1 | a69i.com | js.wpadmngr.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | smartrnd.net | 1 redirects
1 | us.acedirect.net | 1 redirects
1 | fonts.gstatic.com | www.madamtay.com
1 | blogger.googleusercontent.com | www.madamtay.com
1 | www.googletagmanager.com | www.madamtay.com
1 | richinfo.co | www.madamtay.com
1 | ajfnee.com | www.madamtay.com
Total: 67 requests, 31 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
www.madamtay.com | GTS CA 1D4 | 2023-08-29 - 2023-11-27 | 3 months
*.ajfnee.com | GTS CA 1P5 | 2023-09-04 - 2023-12-03 | 3 months
cdn.adx1.net | R3 | 2023-07-27 - 2023-10-25 | 3 months
js.wpadmngr.com | R3 | 2023-07-15 - 2023-10-13 | 3 months
asccdn.com | GTS CA 1P5 | 2023-08-27 - 2023-11-25 | 3 months
acscdn.com | GTS CA 1P5 | 2023-09-04 - 2023-12-03 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.googleusercontent.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.blogger.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
xngqoc.com | R3 | 2023-06-30 - 2023-09-28 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
1.lands.ninja | R3 | 2023-09-02 - 2023-12-01 | 3 months
youradexchange.com | GTS CA 1P5 | 2023-08-19 - 2023-11-17 | 3 months
a69i.com | E1 | 2023-08-02 - 2023-10-31 | 3 months
na.nawpush.com | R3 | 2023-08-02 - 2023-10-31 | 3 months
js.capndr.com | R3 | 2023-08-23 - 2023-11-21 | 3 months
c83c29be12.2a17f5b615.com | R3 | 2023-09-02 - 2023-12-01 | 3 months
notification.tubecup.net | R3 | 2023-07-14 - 2023-10-12 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
puwpush.com | R3 | 2023-09-02 - 2023-12-01 | 3 months
www.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.wenga.xyz | R3 | 2023-07-28 - 2023-10-26 | 3 months
*.randomosity.xyz | R3 | 2023-07-27 - 2023-10-25 | 3 months

This page contains 6 frames:

Primary Page: https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Frame ID: 6D57B74C3B2E36171271A6665FBB7DB0
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: C6EE4CDD1C5345BEA771F041B83BFB19
Requests: 1 HTTP requests in this frame

Frame: https://a69i.com/log/count.html
Frame ID: FA7DFB181F0E8A975E43BF11F7241406
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6684517789387911&output=html&adk=1812271804&adf=3025194257&lmt=1693899791&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_r&format=0x0&url=https%3A%2F%2Fwww.madamtay.com%2F2023%2F05%2Fdiscovering-nutritional-and-medicinal.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693915088636&bpp=3&bdt=287&idt=239&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7139850602248&frm=20&pv=2&ga_vid=624701441.1693915089&ga_sid=1693915089&ga_hid=500610304&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077370%2C31077560%2C42531705%2C31076994%2C31077549%2C21065724&oid=2&pvsid=4480411064828398&tmod=298554857&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=254
Frame ID: 26F565BA5A7CA07600F27A1EF7155F1A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8E1B2FC17845310A7E2F6B447AA45F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3D86AB41E82098B381B60D2A17681D6
Requests: 2 HTTP requests in this frame

Page Title

Bot check

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67 Requests
91 % HTTPS
79 % IPv6
29 Domains
31 Subdomains
27 IPs
5 Countries
1316 kB Transfer
3201 kB Size
8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html Page URL
  2. https://us.acedirect.net/rp-direct-link?link-type=1&pubid=871660 HTTP 302
    https://smartrnd.net/click.php?key=eoyg8aoozyxoyutr0wg2&click_id=v2-1693915088857-4-9590-1134395-fe142112-12f3-ea05-fb5d-c2b5ed91f8f2&pub_id=871660&source_id=direct-link&pub_id_hash=cf387211b67a75f696b4ac00f7b4e2ef HTTP 302
    https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXo7B7Uj4p3qRHhUjgRBt5Bf8x2uv02SpYaxJdo2z6Lg-plOJx_QoLCK5i1YbBirk6v-Wi6NeN7SAA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7W3tr389X46p0p752brVav6HhHShJsgPykh5IJ1OpOwcwXbBt3TV07u0lcFp79hwMdu-WvOxw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-888360308%3A1693915088929714&theme=glif

67 HTTP transactions

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:10:48 GMT
x-content-type-options
nosniff
age
121640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160425
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 01:52:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 03 Sep 2024 02:10:48 GMT
er
xngqoc.com/
0
0
Fetch
General
Full URL
https://xngqoc.com/er?a=1
Requested by
Host: ajfnee.com
URL: https://ajfnee.com/p/waWQiOjExNTA1MzAsInNpZCI6MTI2MzcyMywid2lkIjo0NzkwMTQsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 11:58:08 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
0
7cbdd419-5e10-47ee-92ab-b856e70ff518
https://www.madamtay.com/
91 B
0
Other
General
Full URL
blob:https://www.madamtay.com/7cbdd419-5e10-47ee-92ab-b856e70ff518
Requested by
Host: www.madamtay.com
URL: https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
cuload
xngqoc.com/
0
0

authorization.css
www.blogger.com/dyn-css/
1 B
688 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=748817983997877249&zx=38e7617d-b0c0-4f91-9315-882d814cb0eb
Requested by
Host: www.madamtay.com
URL: https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Tue, 05 Sep 2023 11:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 11:58:09 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v11/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: www.madamtay.com
URL: https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.madamtay.com/
Origin
https://www.madamtay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 06:47:04 GMT
x-content-type-options
nosniff
age
364264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35752
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 22:16:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 06:47:04 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/
78 KB
79 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: www.madamtay.com
URL: https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.madamtay.com/
Origin
https://www.madamtay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7108050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80300
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-139ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clkc9OtcjdskLmQPvlDvGQSDYkfKrWxa2kgVJoqCCpt9DREFMXYTYL%2FFIr%2F3h3gpRRRvOBSu41F4dVgDpKdSOGiB%2Bp6lTGf6ocEHi3mLJxSoYvixH96MXFIcNksM7l%2Fi4aSyu%2FEwF8F4RNeDiLZICMhI"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
801e4c7719163838-FRA
expires
Sun, 25 Aug 2024 11:58:08 GMT
Primary Request /
6.lands.ninja/
Redirect Chain
  • https://us.acedirect.net/rp-direct-link?link-type=1&pubid=871660
  • https://smartrnd.net/click.php?key=eoyg8aoozyxoyutr0wg2&click_id=v2-1693915088857-4-9590-1134395-fe142112-12f3-ea05-fb5d-c2b5ed91f8f2&pub_id=871660&source_id=direct-link&pub_id_hash=cf387211b67a75f...
  • https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
13 KB
7 KB
Document
General
Full URL
https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Requested by
Host: www.madamtay.com
URL: https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.131.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-131-13.compute-1.amazonaws.com
Software
Apache /
Resource Hash
878f02475c307854cc5ffd7e212b09f67f26e22c4446bb1e556f712f96de6ba1

Request headers

Referer
https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
7042
content-type
text/html
date
Tue, 05 Sep 2023 11:58:09 GMT
etag
"34b3-5f525c3cadbc0-gzip"
last-modified
Mon, 20 Feb 2023 18:23:51 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 11:58:09 GMT
Location
https://6.lands.ninja?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Server
nginx/1.20.2
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
trt
xngqoc.com/
0
0
Fetch
General
Full URL
https://xngqoc.com/trt?a=1&t=71
Requested by
Host: ajfnee.com
URL: https://ajfnee.com/p/waWQiOjExNTA1MzAsInNpZCI6MTI2MzcyMywid2lkIjo0NzkwMTQsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 11:58:08 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
0
adManager.m.js
js.wpadmngr.com/static/
169 KB
58 KB
Script
General
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Tue, 05 Sep 2023 12:03:08 GMT
date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 15:56:24 GMT
server
nginx/1.18.0
etag
W/"64f5fe28-2a2d3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
ut.js
asccdn.com/script/
80 KB
29 KB
Script
General
Full URL
https://asccdn.com/script/ut.js?cb=1693915088441
Requested by
Host: asccdn.com
URL: https://asccdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3527
x-guploader-uploadid
ADPycdvhpE5sFDsLmJ7vosXL-r1m7Qd4mgIdxFHuDT_tlA3SSKffvuzsZdyF-084VTKl-Lwd-vkVK0ZGxlMlipGndACj22UHqRS1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 16 Aug 2023 08:24:25 GMT
server
cloudflare
etag
W/"7b345ac84f43dce247e4d14b7fc85dd1"
vary
Accept-Encoding
x-goog-hash
crc32c=O4hKMg==, md5=ezRayE9D3OJH5NFLf8hd0Q==
x-goog-generation
1692174265266008
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkrpKJ0aglqcTCAFWXBbpb9jharFddb37cMA%2BtH0qcypQokB1nY6gDPWKuglQrSStU4zkngG8PES2bD0j5%2BYgSd0iizmt45rAzXD29c0hXVplHzGWRvFQyx42cjlIn6djP4mYTHKUkVl"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82296
cf-ray
801e4c7768069a18-FRA
expires
Tue, 05 Sep 2023 11:02:11 GMT
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YRECZQ2V73&gtm=45je38u0&_p=500610304&cid=624701441.1693915089&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693915088&sct=1&seg=0&dl=https%3A%2F%2Fwww.madamtay.com%2F2023%2F05%2Fdiscovering-nutritional-and-medicinal.html&dt=Discovering%20the%20Nutritional%20and%20Medicinal%20Benefits%20of%20Earth%20Chestnuts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YRECZQ2V73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:58:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.madamtay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ut.js
acscdn.com/script/
80 KB
29 KB
Script
General
Full URL
https://acscdn.com/script/ut.js?cb=1693915088463
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/atg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2992
x-guploader-uploadid
ADPycdvhpE5sFDsLmJ7vosXL-r1m7Qd4mgIdxFHuDT_tlA3SSKffvuzsZdyF-084VTKl-Lwd-vkVK0ZGxlMlipGndACj22UHqRS1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 16 Aug 2023 08:24:25 GMT
server
cloudflare
etag
W/"7b345ac84f43dce247e4d14b7fc85dd1"
vary
Accept-Encoding
x-goog-hash
crc32c=O4hKMg==, md5=ezRayE9D3OJH5NFLf8hd0Q==
x-goog-generation
1692174265266008
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjWYicrGi8zrbMp4RVn2XnH6Cs3U%2BGZ%2Fmjr5uLuFuFaDif1axl7ACxZf4t0%2FfYCdLOcrGYNPhXJt%2Bk%2FzryxT01PpxDcdjG97tEPZZFCJOBVyMRVMEKcwNNgSmIZdn%2BovSpnTYN8qFeCR"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82296
cf-ray
801e4c77bfe32c6e-FRA
expires
Tue, 05 Sep 2023 12:02:11 GMT
suurl4.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=7259574&chmob=%3F0&cbur=0.6469559465983059&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Discovering%20the%20Nutritional%20and%20Medicinal%20Benefits%20of%20Earth%20Chestnuts&cbpage=https%3A%2F%2Fwww.madamtay.com%2F2023%2F05%2Fdiscovering-nutritional-and-medicinal.html&cbref=&cbdescription=%20%20%20%20%20%20%20%20%20%20Treatment%20of%20thyroid%20problems%20with%20earth%20chestnut%20Asian%20cuisine%20frequently%20uses%20earth%20chestnuts%2C%20also%20referred%20to%20as%20Chinese%20water...&cbkeywords=&cbcdn=asccdn.com&aggr=0&ts=1693915088618&atv=35.1&srs=1b22746afa072f42659ba0c600123c98
Requested by
Host: asccdn.com
URL: https://asccdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tw%2FT%2FD7TtM2d5clxAmTWiEGY2WMlhLJ465s0gGbhDJT%2FTjaNk%2BodpfG3es4X57X%2BOZey4vn%2B4eYA%2FNW9kYrJZ2S5vkv69al3i7rR81SFCaAiqDJtAHw5CIm4GU0vVDepuoh2h8q0JGvz0VnJdRQmSrU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
801e4c780c2937de-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
czcf.php
youradexchange.com/ad/
203 B
442 B
Fetch
General
Full URL
https://youradexchange.com/ad/czcf.php?cz=mqvronn38&chmob=%3F0
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/atg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BO%2FrTi7druYp8E06rXkWnsd6pofqNBHW7Un8E%2FSF9i7J7v2dwCoy6YpTAXjVaxS%2BXfrixAh1zAEk6CwWlcN0nZ6FBpNWiFfg%2B5JYftYEeBdRcAvRRvsnlh97qS3ig1VSX44xPUw1o7Pys4n51BQGOtI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cf-ray
801e4c780c2a37de-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/
384 KB
130 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6684517789387911&plah=www.madamtay.com&bust=31077549
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6684517789387911&host=ca-host-pub-1556223355139109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133329
x-xss-protection
0
server
cafe
etag
1261435381616057352
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 11:58:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame C6EE
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6684517789387911&host=ca-host-pub-1556223355139109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.madamtay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68849
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 16:50:39 GMT
etag
9878862242593084568
expires
Mon, 18 Sep 2023 16:50:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
count.html
a69i.com/log/ Frame FA7D
2 KB
1 KB
Document
General
Full URL
https://a69i.com/log/count.html
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.madamtay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
801e4c786d3837fb-FRA
content-encoding
br
content-type
text/html
date
Tue, 05 Sep 2023 11:58:08 GMT
last-modified
Wed, 09 Aug 2023 05:46:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oazGCa9%2BDKrc3qse9oIdSkiTzSG2mvVQH808XarDmsUdlwZYZNCCycPSr9Kk8Mr3NkhEysZLG%2FBHymPue7ZwR1SvNkESQgfUjJYEJPCk%2FnsH8RptYLa9P5%2B7vT69qz92jPCrI7Tbww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
c61d17f721de9913a6715bc2b719d3e3
104995
na.nawpush.com/tags/
1 KB
1 KB
XHR
General
Full URL
https://na.nawpush.com/tags/104995?version_name=d
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 11:58:08 GMT
cache-control
max-age=300, public
content-type
application/json
server
nginx/1.18.0
content-length
1057
x-proxy-cache
HIT
advertising.js
js.capndr.com/
0
238 B
Script
General
Full URL
https://js.capndr.com/advertising.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Tue, 05 Sep 2023 12:03:08 GMT
date
Tue, 05 Sep 2023 11:58:08 GMT
last-modified
Fri, 14 Jul 2023 08:23:25 GMT
server
nginx/1.18.0
etag
"64b105fd-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
hb.php
youradexchange.com/ut/
0
421 B
Ping
General
Full URL
https://youradexchange.com/ut/hb.php?cb=0.23347213617005536
Requested by
Host: asccdn.com
URL: https://asccdn.com/script/ut.js?cb=1693915088441
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.madamtay.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krMvG7nZHAQonHqW877Y53w%2B%2BUTrJk3IBCgXvNWYyWo9ED3oJgQ5dcJz%2FN8khUxVmx1mK0Hwde%2BrrHeyuxJKFFxqmOlzPfXwf9RCFN46t%2BpGhLuncDv%2BDw0hMp1HxOC12iiCPHjtDjgBv%2BtUaXUZCrY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
801e4c787d409b1b-FRA
alt-svc
h3=":443"; ma=86400
track
c83c29be12.2a17f5b615.com/in/
0
207 B
XHR
General
Full URL
https://c83c29be12.2a17f5b615.com/in/track?data=…
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:58:08 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
build.m.js
js.capndr.com/popunder-admanager/
74 KB
22 KB
Script
General
Full URL
https://js.capndr.com/popunder-admanager/build.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Tue, 05 Sep 2023 12:03:08 GMT
date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 10:46:15 GMT
server
nginx/1.18.0
etag
W/"64f706f7-127e5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
display.php
youradexchange.com/n/
0
333 B
Script
General
Full URL
https://youradexchange.com/n/display.php?r=7259346&atag=1&czid=mqvronn38&aggr=2&ppv=1&srs=1b22746afa072f42659ba0c600123c98
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/atg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfmX5V1h%2BT9uVLbLiqNqdKNLbaW4zMcidQTqC0nZWYkdtEB%2BZSxziic2DdrHn9ddJxgo1CoFsXTuR51il3AstwhW6Zz6MGdToNfhaZpjVZN2uLzEjNttULE1q3XUWknjr1N3QR4IDGROYKLuOSTdqCk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
801e4c791df69b1b-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
ippg.js
acscdn.com/script/
121 KB
41 KB
Script
General
Full URL
https://acscdn.com/script/ippg.js
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/atg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1426
x-guploader-uploadid
ADPycdub9Pth6SpWk3XN72ZVf72kFcld3WpAUeux0EVgnE0QgbZGCrdjAw-27Fs6JjbMI-5qbMTuvMLTHKVcSYavo-zT4g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 10:03:00 GMT
server
cloudflare
etag
W/"4d2dd5a0aa038c3ee99ad1f8d8527b01"
vary
Accept-Encoding
x-goog-hash
crc32c=jmi0bA==, md5=TS3VoKoDjD7pmtH42FJ7AQ==
x-goog-generation
1693908180078015
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iTn%2FGwQOqbkEY6cFbPYuy5BPruMFJu%2BQBL4sYf2G82GbHMg6OVCQ3jOPA2rNYTQVmEeKumX%2FHeInRq0CEBwRVHjVGpnDblGcRCTS24nuag8bKRBcgBGZzBgO1VtdHSOXsTSwTiucoJv"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
123778
cf-ray
801e4c791c9e9205-FRA
expires
Tue, 05 Sep 2023 12:14:31 GMT
suv4.js
acscdn.com/script/
195 KB
59 KB
Script
General
Full URL
https://acscdn.com/script/suv4.js
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/atg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3528
x-guploader-uploadid
ADPycdvusMcldbIkcxGnvbuocpvqkqrMYF5eoTvbHIeHzH5BQZE_8uEB6jZAktE11yof1eb7AoOdTzQx4kNwO3Wc-ZjMHQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 10:07:26 GMT
server
cloudflare
etag
W/"c8b96a161cc36b64b6fc2577d3abed80"
vary
Accept-Encoding
x-goog-hash
crc32c=A3RrnQ==, md5=yLlqFhzDa2S2/CV306vtgA==
x-goog-generation
1693908446534493
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRNmIqiRzFwjWSNRf7IyhcNU8M0ei4rR4zm%2F2Dt4mj5xgoOBjPcSYstf57vKE1%2B7C4wEvZl7%2FY3qiJWjqBJDfQO6BIkbkBWZPRzXFXjBwUUNz9gv%2B4BOfWFmUjpd1Wl4dxPNahGTQibu"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
199259
cf-ray
801e4c791c9f9205-FRA
expires
Tue, 05 Sep 2023 11:58:20 GMT
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=104995
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.madamtay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://www.madamtay.com
Connection
keep-alive
Date
Tue, 05 Sep 2023 11:58:08 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fp
fp.metricswpsh.com/
60 B
437 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=104995
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Referer
https://www.madamtay.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Tue, 05 Sep 2023 11:58:09 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.madamtay.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXo7B7Uj4p3qRHhUjgRBt5Bf8x2uv02SpYaxJdo2z6Lg-plOJx_QoLCK5i1Yb...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7W3tr389X46p0p752brVav6HhHShJsgPykh5IJ1OpOwcwXbBt3TV07u0lcFp79hwMdu-WvOxw&passive...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7W3tr389X46p0p752brVav6HhHShJsgPykh5IJ1OpOwcwXbBt3TV07u0lcFp79hwMdu-WvOxw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-888360308%3A1693915088929714&theme=glif
Protocol
H3
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Tue, 05 Sep 2023 11:58:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_J-WIbRug3bBwLN2q60Xqg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7W3tr389X46p0p752brVav6HhHShJsgPykh5IJ1OpOwcwXbBt3TV07u0lcFp79hwMdu-WvOxw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-888360308%3A1693915088929714&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
391 B
606 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.madamtay.com&callback=_gfp_s_&client=ca-pub-6684517789387911
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6684517789387911&plah=www.madamtay.com&bust=31077549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 26F5
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6684517789387911&output=html&adk=1812271804&adf=3025194257&lmt=1693899791&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_r&format=0x0&url=https%3A%2F%2Fwww.madamtay.com%2F2023%2F05%2Fdiscovering-nutritional-and-medicinal.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693915088636&bpp=3&bdt=287&idt=239&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7139850602248&frm=20&pv=2&ga_vid=624701441.1693915089&ga_sid=1693915089&ga_hid=500610304&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077370%2C31077560%2C42531705%2C31076994%2C31077549%2C21065724&oid=2&pvsid=4480411064828398&tmod=298554857&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6684517789387911&plah=www.madamtay.com&bust=31077549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.madamtay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:58:09 GMT
expires
Tue, 05 Sep 2023 11:58:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6684517789387911&plah=www.madamtay.com&bust=31077549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11717
x-xss-protection
0
push.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/push.php?r=7259350&ipp=1&mads=1&position=top&czid=mqvronn38&aggr=2&atag=1&atv=35.1&cbpage=https%3A%2F%2Fwww.madamtay.com%2F2023%2F05%2Fdiscovering-nutritional-and-medicinal.html&cbref=&srs=1b22746afa072f42659ba0c600123c98&chmob=%3F0
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/ippg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:09 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INg9R1b31QAtdKZJI1kIN3T8CON7FuQCaEV1pSzwuEbl3%2BpL7gmlSLsGzj0vENOHdm9uzoq7x%2F6kOWxVb0Lt35kNGik3%2FmHDbBiXQYKGSP8%2B%2BUK%2FBBsE4CA8antf9VCgHD8JhJnbRVpi9jiqk%2Bliiv8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
801e4c799e5037de-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6684517789387911&plah=www.madamtay.com&bust=31077549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 11:58:08 GMT
/
mcpuwpsh.com/get/
3 KB
3 KB
Fetch
General
Full URL
https://mcpuwpsh.com/get/
Requested by
Host: js.capndr.com
URL: https://js.capndr.com/popunder-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2306::1 Stuttgart, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://www.madamtay.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:58:09 GMT
server
nginx/1.16.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
2795
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8E1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.madamtay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1716
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:29:33 GMT
expires
Wed, 04 Sep 2024 11:29:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F3D8
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NqUKRYEEOJW0PbjKKJBOFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.madamtay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
539
content-security-policy
script-src 'report-sample' 'nonce-NqUKRYEEOJW0PbjKKJBOFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:58:09 GMT
expires
Tue, 05 Sep 2023 11:58:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
pagead2.googlesyndication.com/bg/ Frame D8E1
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14930
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Sep 2024 11:29:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F3D8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=4480411064828398&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame D8E1
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?lJe2SA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
authorization.css
www.blogger.com/dyn-css/
1 B
88 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=748817983997877249&zx=38e7617d-b0c0-4f91-9315-882d814cb0eb
Requested by
Host: www.madamtay.com
URL: https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.madamtay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Tue, 05 Sep 2023 11:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 11:58:09 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

collect
region1.google-analytics.com/g/
0
0

collect
region1.google-analytics.com/g/
0
0

rp-cl-rd-ob.js
6.lands.ninja/
14 KB
5 KB
Script
General
Full URL
https://6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33
Requested by
Host: 6.lands.ninja
URL: https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.131.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-131-13.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a5d43d7214a29ae16f5bbefc716c73d76760cdd93d30e8170fc842bdf3be2734

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:09 GMT
content-encoding
gzip
last-modified
Mon, 27 Feb 2023 13:57:14 GMT
server
Apache
etag
"386a-5f5aedb2fa280-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
5108
man.png
6.lands.ninja/img/
10 KB
10 KB
Image
General
Full URL
https://6.lands.ninja/img/man.png
Requested by
Host: 6.lands.ninja
URL: https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.131.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-131-13.compute-1.amazonaws.com
Software
Apache /
Resource Hash
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:09 GMT
last-modified
Fri, 19 Aug 2022 17:54:25 GMT
server
Apache
accept-ranges
bytes
etag
"295f-5e69bc9e37640"
content-length
10591
content-type
image/png
logo.png
6.lands.ninja/img/
1 KB
1 KB
Image
General
Full URL
https://6.lands.ninja/img/logo.png
Requested by
Host: 6.lands.ninja
URL: https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.131.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-131-13.compute-1.amazonaws.com
Software
Apache /
Resource Hash
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:09 GMT
last-modified
Fri, 19 Aug 2022 17:54:24 GMT
server
Apache
accept-ranges
bytes
etag
"425-5e69bc9d43400"
content-length
1061
content-type
image/png
st
eu.wenga.xyz/pb/
34 B
182 B
Fetch
General
Full URL
https://eu.wenga.xyz/pb/st
Requested by
Host: 6.lands.ninja
URL: https://6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:9580:4771::12 Settimo Milanese, Italy, ASN49544 (I3DNET, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
6f9d4356870080ec8ace58f54cc9b6d006577cf9d192f5075d715db16a3f767a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6.lands.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
https://6.lands.ninja
date
Tue, 05 Sep 2023 11:58:09 GMT
access-control-allow-credentials
true
server
openresty/1.21.4.1
content-length
34
content-type
text/html;charset=UTF-8
bot.png
6.lands.ninja/img/
11 KB
11 KB
Image
General
Full URL
https://6.lands.ninja/img/bot.png
Requested by
Host: 6.lands.ninja
URL: https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.3.131.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-131-13.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:09 GMT
last-modified
Fri, 19 Aug 2022 17:54:24 GMT
server
Apache
accept-ranges
bytes
etag
"2b23-5e69bc9d43400"
content-length
11043
content-type
image/png
st
eu.randomosity.xyz/pb/
34 B
182 B
Fetch
General
Full URL
https://eu.randomosity.xyz/pb/st
Requested by
Host: 6.lands.ninja
URL: https://6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1630:771::11 Rotterdam, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
6f9d4356870080ec8ace58f54cc9b6d006577cf9d192f5075d715db16a3f767a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6.lands.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
https://6.lands.ninja
date
Tue, 05 Sep 2023 11:58:09 GMT
access-control-allow-credentials
true
server
openresty/1.21.4.1
content-length
34
content-type
text/html;charset=UTF-8
st
eu.wenga.xyz/pb/
0
72 B
Image
General
Full URL
https://eu.wenga.xyz/pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://eu.wenga.xyz/pb/st
Requested by
Host: 6.lands.ninja
URL: https://6.lands.ninja/?q=9b2c4lp2tx9a6fe817&s=direct-link&var=cf387211b67a75f696b4ac00f7b4e2ef&geo=DE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:9580:4771::12 Settimo Milanese, Italy, ASN49544 (I3DNET, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6.lands.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:09 GMT
server
openresty/1.21.4.1
content-length
0
content-type
text/html;charset=UTF-8
st
eu.randomosity.xyz/pb/
0
72 B
Image
General
Full URL
https://eu.randomosity.xyz/pb/st?sctp=content-locker&m=si&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://eu.randomosity.xyz/pb/st
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1630:771::11 Rotterdam, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6.lands.ninja/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:58:10 GMT
server
openresty/1.21.4.1
content-length
0
content-type
text/html;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xngqoc.com
URL
https://xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNTA1MzAsInNpZCI6MTI2MzcyMywid2lkIjo0NzkwMTQsImQiOiJtYWRhbXRheS5jb20iLCJsaSI6MX0=&tz=2&if=0&u=aHR0cHM6Ly93d3cubWFkYW10YXkuY29tLzIwMjMvMDUvZGlzY292ZXJpbmctbnV0cml0aW9uYWwtYW5kLW1lZGljaW5hbC5odG1s
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=4480411064828398&bg=!IiGlIW7NAAYHwnCgJ8I7ADQBe5WfODo7xwDJvOjfbm2ApZD6s98dWqNRaIdMf8cokFqoBuTEl2FTa-swtdmUMha5h6dCAgAAAFdSAAAACGgBBwoAWBD8gU5gVn1C82TDAyfgn3g0wSF5SbcmRz8ZNQicv8oZT5g1Ihxr9s3Ge_7Fv2yYb5-5SUEQos71WOIzGFaGoXPJY898rOtdZQ3SW6lrqr2sz3JlgnUboNmZAsDLWbaYNOsMi3C3ofBgsZr7x6x1qlmo4NY8lwx31-eSk4LD6rayK7qz1ef6wWP_32A4gtj-kt2MelTk2YqLFbOzHwUhssqubxYjrfVmvkcYOfVF28w_zqMU2-gXilluMuHnXTA1UXroZBkhaDyvAFxdmjOVZWRxXcv1hEJfvXdCjMrv0qy0fguQ1EGQtz6sLvwVslMIN2wJ6fI9b75IRfXxAr1ms6okIeEOHBfEXepfgbMn7myMvgZFfunpWBAeEsdBA_lecsJIcqjH1sHxaAqvyz9YAXZi0irua1muPwE1TQI88f31EagJz9vJpsmNxz0BemSfxmjIcjNcv8QYTQ1XgESZYXufKDFL1M7h0196CGP4-W8AMLOHkdeJ3ypQ2T2t__we364Cudx6vUKifcOMw-niky7MnDZSWyRHJIH42gjLWO9pzuBpJ-_yMmAy6oh3R0QR6EmqT8OO6mtZ6bf34sawZ7NBa-P5fqAR6I4oTp0p92Dyp1ga3-szvgiu5gLhsRoAkUudQmc97tHFjrgFARa-xl5Q0IKVuc5fEp63SaJfoyRlcBaSDNkLh_tGmZsQijdDqC4ow18UUP5PrFBRg-dYl7Ci51XEdayA84BA5oqZuUbO738AuC9vyNXl_UmQ6zEw7BXHPyy5p88fKgeD1jG0UAbbyK_7n0RNqx8MsZgBOeZ-5pUuAJg_OTEr1YpaK5-QS-ytsoE9QPYDMsLi6vDHLggIdK6GEzqY-Evsf4H4H9HrVunIfoiIKvHmGDxSES5rs7Gy1HcSzLb0nudhRJj0dmRQL0E2LiZs-sk-SF_aAshQnsHNQknXSjyWerEKB8GAIukCmCy-_v2Qj58kGwxxBVm5az-iJNYkmC0D0FfZEKjqvwPEw_bd__NHIjzUzdgzKTxkhhBhQ2znWqHF7vmJa7kolk-FRc0N4DR7pw
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YRECZQ2V73&gtm=45je38u0&_p=500610304&cid=624701441.1693915089&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1693915088&sct=1&seg=0&dl=https%3A%2F%2Fwww.madamtay.com%2F2023%2F05%2Fdiscovering-nutritional-and-medicinal.html&dt=Discovering%20the%20Nutritional%20and%20Medicinal%20Benefits%20of%20Earth%20Chestnuts&en=scroll&epn.percent_scrolled=90&_et=10
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YRECZQ2V73&gtm=45je38u0&_p=500610304&cid=624701441.1693915089&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1693915088&sct=1&seg=0&dl=https%3A%2F%2Fwww.madamtay.com%2F2023%2F05%2Fdiscovering-nutritional-and-medicinal.html&dt=Discovering%20the%20Nutritional%20and%20Medicinal%20Benefits%20of%20Earth%20Chestnuts&en=user_engagement&_et=1137

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| _0x3dae
function| _0x5a8d
function| goto
string| click_id
string| traffic_source
string| u_id
function| translateElement

8 Cookies

Domain/Path Name / Value
.madamtay.com/ Name: _ga
Value: GA1.1.624701441.1693915089
.madamtay.com/ Name: __gads
Value: ID=4b59b1edc588c1bb-22d0897667de006f:T=1693915088:RT=1693915088:S=ALNI_MZhwhRkfp45DbQPks31kcCpJBrHUQ
.madamtay.com/ Name: __gpi
Value: UID=00000c6f27e140c4:T=1693915088:RT=1693915088:S=ALNI_MbnsSk6EYATVjUWpGfEnW94jv1Qxw
fp.metricswpsh.com/ Name: id
Value: 16410531833413997928
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
smartrnd.net/ Name: uclick
Value: lp2tx9a6fe
smartrnd.net/ Name: uclickhash
Value: lp2tx9a6fe-lp2tx9a6fe-1z-0-fy3y-1617-16gx-6edbaf
.madamtay.com/ Name: _ga_YRECZQ2V73
Value: GS1.1.1693915088.1.0.1693915089.0.0.0

3 Console Messages

Source Level URL
Text
javascript error URL: https://www.madamtay.com/2023/05/discovering-nutritional-and-medicinal.html
Message:
Access to fetch at 'https://xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNTA1MzAsInNpZCI6MTI2MzcyMywid2lkIjo0NzkwMTQsImQiOiJtYWRhbXRheS5jb20iLCJsaSI6MX0=&tz=2&if=0&u=aHR0cHM6Ly93d3cubWFkYW10YXkuY29tLzIwMjMvMDUvZGlzY292ZXJpbmctbnV0cml0aW9uYWwtYW5kLW1lZGljaW5hbC5odG1s' from origin 'https://www.madamtay.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNTA1MzAsInNpZCI6MTI2MzcyMywid2lkIjo0NzkwMTQsImQiOiJtYWRhbXRheS5jb20iLCJsaSI6MX0=&tz=2&if=0&u=aHR0cHM6Ly93d3cubWFkYW10YXkuY29tLzIwMjMvMDUvZGlzY292ZXJpbmctbnV0cml0aW9uYWwtYW5kLW1lZGljaW5hbC5odG1s
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7W3tr389X46p0p752brVav6HhHShJsgPykh5IJ1OpOwcwXbBt3TV07u0lcFp79hwMdu-WvOxw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-888360308%3A1693915088929714&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
