mail.biasdo.work Open in urlscan Pro
50.3.78.186  Public Scan

126 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

• https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1902536385&t=pageview&_s=1&dl=http%3A%2F%2Fmail.biasdo.work%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=737040268&gjid=411455876&cid=55785382.1596543102&tid=UA-16353911-1&_gid=316979649.1596543102&_r=1&gtm=2ou7m1&z=1069690969 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16353911-1&cid=55785382.1596543102&jid=737040268&_gid=316979649.1596543102&gjid=411455876&_v=j83&z=1069690969 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16353911-1&cid=55785382.1596543102&jid=737040268&_v=j83&z=1069690969 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16353911-1&cid=55785382.1596543102&jid=737040268&_v=j83&z=1069690969&slf_rd=1&random=2653357908

Request Chain 21

• http://www14.smartadserver.com/3369/call HTTP 307
• http://www14.smartadserver.com/3369/call?cklb=1

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mail.biasdo.work/	61 KB 62 KB	187ms 168ms	Document text/html	50.3.78.186 SERVERHUB-NL
General Check archive.org Show headers Download Go to Full URL http://mail.biasdo.work/ Protocol HTTP/1.1 Server 50.3.78.186 Frankfurt am Main, Germany, ASN49532 (SERVERHUB-NL, DE), Reverse DNS principalities.ridgemind.com Software Apache / PHP/5.3.3 Resource Hash 3bfe56aa31578ada1f858246c0d8b6be51cd4e969a44f0a0001130dab49d4017 Request headers Host mail.biasdo.work Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 04:08:19 GMT Server Apache X-Powered-By PHP/5.3.3 Keep-Alive timeout=15, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	cse.js Show response cse.google.com/	11 KB 4 KB	60ms 38ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cse.google.com/cse.js?cx=partner-pub-7532470883667401:rzizbetxxiz Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash d6e156ac99e02b84f326ec899c56702fa560f8e3bc00bfa1f1e4c210e0db7001 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding br server gws x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." status 200 cache-control private content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3570 x-xss-protection 0 expires Tue, 04 Aug 2020 12:11:42 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	85 KB 33 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-16353911-1 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e38590fda259c6ced9fa7152c47ac0992c7739d6e8cc6ae457ab53ea9664f134 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34168 x-xss-protection 0 expires Tue, 04 Aug 2020 12:11:42 GMT
GET H/1.1	200 OK	smart.js Show response ced.sascdn.com/tag/3369/	29 KB 12 KB	74ms 53ms	Script application/javascript	2.16.186.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://ced.sascdn.com/tag/3369/smart.js Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol HTTP/1.1 Server 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-105.deploy.static.akamaitechnologies.com Software / Resource Hash c0d99fa74b7d02cea64852e44f4cfdc88206d0cf6a1a109f2568661297a6c8f7 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 12:11:42 GMT Content-Encoding gzip Cache-Control public, max-age=24 Content-Length 11802 Vary Accept-Encoding Connection keep-alive Content-Type application/javascript; charset=utf-8
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	49 KB 16 KB	35ms 33ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software sffe / Resource Hash 7e2d6553ba3e65912c7e04e52c144c24ea4cfb2f44a7ada448999e4a3163d12b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "591 / 684 of 1000 / last-modified: 1596515884" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16691 x-xss-protection 0 expires Tue, 04 Aug 2020 12:11:42 GMT
GET H2	200	style.css www.vanguardngr.com/wp-content/themes/vanguard-ngr/	101 KB 17 KB	170ms 115ms	Stylesheet text/css	151.101.194.207 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.vanguardngr.com/wp-content/themes/vanguard-ngr/style.css Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.207 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / EasyEngine v4.0.17 Resource Hash b667bc7c014ce4f02017fa0ee42abba286c596b8664fd59551b882810473fb4a Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-proxy-cache-key www.vanguardngr.com_page:httpsGETwww.vanguardngr.com/wp-content/themes/vanguard-ngr/style.css--desktop x-proxy-cache-status STALE x-powered-by EasyEngine v4.0.17 x-cache MISS, MISS status 200 x-b3-traceid 69dcccd0a5774a23ba48a3fcbee412cc x-b3-traceid-primal 69dcccd0a5774a23ba48a3fcbee412cc content-length 16547 x-served-by cache-lcy19251-LCY, cache-hhn4032-HHN accept-ranges bytes mrf-tech CDN server nginx x-timer S1596543102.163773,VS0,VE91 etag W/"5f28f201-1932c" vary Accept-Encoding, User-Agent content-type text/css cache-control public, max-age=8640000, stale-if-error=2592000 mrf-cache-status MM x-cache-hits 0, 0
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	119 KB 43 KB	30ms 20ms	Script text/javascript	2a00:1450:4001:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol HTTP/1.1 Server 2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2b2ff74bd40013e3acf925cc61a4d1c95bc22ffbc353f4bfff5b7a4248f791ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Timing-Allow-Origin * Date Tue, 04 Aug 2020 12:11:42 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 16875559467576913997 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 43084 X-XSS-Protection 0 Expires Tue, 04 Aug 2020 12:11:42 GMT
GET H2	403	vanguardlogo.png cdn.vanguardngr.com/wp-content/uploads/2016/06/	0 0	57ms 15ms	Image text/html	2606:4700:3030::681c:687 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.vanguardngr.com/wp-content/uploads/2016/06/vanguardlogo.png Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681c:687 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	21072020-scaled.jpg i1.wp.com/digitalpaper.vanguardngr.com/wp-content/uploads/edd/2020/07/	29 KB 30 KB	77ms 27ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i1.wp.com/digitalpaper.vanguardngr.com/wp-content/uploads/edd/2020/07/21072020-scaled.jpg?fit=640%2C400&ssl=1 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash cea34df3f8d00d9f5662ceb16a24751008e7d04444634510bcf50fa54d6f06b4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-nc HIT fra 3 date Tue, 04 Aug 2020 12:11:42 GMT x-content-type-options nosniff x-bytes-saved 9577 last-modified Tue, 21 Jul 2020 02:40:07 GMT server nginx etag "5a47541615f2423b" vary Accept content-type image/webp status 200 cache-control public, max-age=63115200 link <https://digitalpaper.vanguardngr.com/wp-content/uploads/edd/2020/07/21072020-scaled.jpg>; rel="canonical" content-length 30206 expires Thu, 21 Jul 2022 14:40:07 GMT
GET H2	200	van-newsstnd-icon-300px.png i2.wp.com/www.vanguardngr.com/wp-content/uploads/2020/04/	6 KB 6 KB	73ms 23ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i2.wp.com/www.vanguardngr.com/wp-content/uploads/2020/04/van-newsstnd-icon-300px.png?resize=400%2C00&ssl=1 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 68c741fec14ef11b93cc7e28186363b42eedc951a630a5309e09c95535791e97 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-nc HIT fra 2 date Tue, 04 Aug 2020 12:11:42 GMT x-content-type-options nosniff x-bytes-saved 7811 last-modified Sun, 05 Apr 2020 08:49:02 GMT server nginx etag "cef7e05b71077a7b" vary Accept content-type image/webp status 200 cache-control public, max-age=63115200 link <https://www.vanguardngr.com/wp-content/uploads/2020/04/van-newsstnd-icon-300px.png>; rel="canonical" content-length 5952 expires Tue, 05 Apr 2022 20:49:02 GMT
GET H2	200	jetpack.css www.vanguardngr.com/wp-content/plugins/jetpack/css/	74 KB 13 KB	119ms 118ms	Stylesheet text/css	151.101.194.207 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.vanguardngr.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.7.1 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.207 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / EasyEngine v4.0.17 Resource Hash e62c5e4f73e2790691b899a501ef20d9ba0f12f64d24c1fdc7d67705dea112e9 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-proxy-cache-key www.vanguardngr.com_page:httpsGETwww.vanguardngr.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.7.1--desktop x-proxy-cache-status BYPASS x-powered-by EasyEngine v4.0.17 x-cache MISS, MISS status 200 x-b3-traceid 510f8bcfec1b417bbee528816f6a39d0 x-b3-traceid-primal 510f8bcfec1b417bbee528816f6a39d0 content-length 13368 x-served-by cache-lcy19225-LCY, cache-hhn4032-HHN accept-ranges bytes mrf-tech CDN server nginx x-timer S1596543102.170110,VS0,VE95 etag W/"5f28f1fd-12730" vary Accept-Encoding, User-Agent content-type text/css cache-control public, max-age=8640000, stale-if-error=2592000 mrf-cache-status MM x-cache-hits 0, 0
GET H2	200	jquery.js Show response c0.wp.com/c/5.4.2/wp-includes/js/jquery/	95 KB 32 KB	91ms 40ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery.js Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-nc HIT fra 1 date Tue, 04 Aug 2020 12:11:42 GMT content-encoding br last-modified Fri, 17 May 2019 04:25:54 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 strict-transport-security max-age=15552000 expires Wed, 04 Aug 2021 12:11:42 GMT
GET H2	200	jquery-migrate.min.js Show response c0.wp.com/c/5.4.2/wp-includes/js/jquery/	10 KB 4 KB	91ms 40ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery-migrate.min.js Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-nc HIT fra 1 date Tue, 04 Aug 2020 12:11:42 GMT content-encoding br last-modified Fri, 20 May 2016 06:11:28 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 strict-transport-security max-age=15552000 expires Wed, 04 Aug 2021 12:11:42 GMT
GET H2	200	e-202032.js Show response stats.wp.com/	9 KB 3 KB	72ms 22ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202032.js Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip server nginx etag W/"5c6340e3-350a" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 expires Fri, 30 Jul 2021 07:16:00 GMT
GET H2	200	cse_element__en.js Show response www.google.com/cse/static/element/26b8d00a7c7a0812/	260 KB 86 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/element/26b8d00a7c7a0812/cse_element__en.js?usqp=CAI%3D Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=partner-pub-7532470883667401:rzizbetxxiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 77a59cb277854c7e55d027b3cc11095a241d8107ff7be5b345403453a3d16be1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 01 Aug 2020 14:50:05 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 06 Jul 2020 13:27:13 GMT server sffe age 249697 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 88400 x-xss-protection 0 expires Sun, 01 Aug 2021 14:50:05 GMT
GET H2	200	default+en.css www.google.com/cse/static/element/26b8d00a7c7a0812/	40 KB 9 KB	6ms 5ms	Stylesheet text/css	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/element/26b8d00a7c7a0812/default+en.css Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=partner-pub-7532470883667401:rzizbetxxiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8b2484fa9a9b136b9eb56c1d2b3bfdacd1c8970acf325585235aa35b16fc010a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 01 Aug 2020 14:50:11 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 06 Jul 2020 13:27:13 GMT server sffe age 249691 vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8947 x-xss-protection 0 expires Sun, 01 Aug 2021 14:50:11 GMT
GET H2	200	espresso.css www.google.com/cse/static/style/look/v4/	5 KB 2 KB	8ms 7ms	Stylesheet text/css	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/style/look/v4/espresso.css Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=partner-pub-7532470883667401:rzizbetxxiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 11:23:13 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 25 May 2020 08:30:00 GMT server sffe age 2909 vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1538 x-xss-protection 0 expires Tue, 04 Aug 2020 12:13:13 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-16353911-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 04 Jun 2020 23:38:14 GMT server Golfe2 age 5881 date Tue, 04 Aug 2020 10:33:41 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18469 expires Tue, 04 Aug 2020 12:33:41 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1902536385&t=pageview&_s=1&dl=http%3A%2F%2Fmail.biasdo.work%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=73... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16353911-1&cid=55785382.1596543102&jid=737040268&_gid=316979649.1596543102&gjid=411455876&_v=j83&z=1069690969 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16353911-1&cid=55785382.1596543102&jid=737040268&_v=j83&z=1069690969 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16353911-1&cid=55785382.1596543102&jid=737040268&_v=j83&z=1069690969&slf_rd=1&random=2653357908	42 B 106 B	18ms 18ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16353911-1&cid=55785382.1596543102&jid=737040268&_v=j83&z=1069690969&slf_rd=1&random=2653357908 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 04 Aug 2020 12:11:42 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 04 Aug 2020 12:11:42 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16353911-1&cid=55785382.1596543102&jid=737040268&_v=j83&z=1069690969&slf_rd=1&random=2653357908 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.ch/adsid/	109 B 168 B	16ms 15ms	Script application/javascript	2a00:1450:4001:825::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ch/adsid/integrator.js?domain=mail.biasdo.work Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	122 B 186 B	22ms 21ms	Script application/javascript	2a00:1450:4001:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=mail.biasdo.work Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a19af0732174a23f2b3b908f26ec113cdc2af527fa24c636ea34db83ae91f6fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 119 x-xss-protection 0
GET H2	200	pubads_impl_2020073001.js Show response securepubads.g.doubleclick.net/gpt/	257 KB 90 KB	32ms 32ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software sffe / Resource Hash 1a1d846a5bf4af0e523bf1fc12389d7c73c2ff454e632372af5570afc5eb06cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Jul 2020 13:10:45 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 92315 x-xss-protection 0 expires Tue, 04 Aug 2020 12:11:42 GMT
POST H/1.1	200 OK	call Show response www14.smartadserver.com/3369/ Redirect Chain http://www14.smartadserver.com/3369/call http://www14.smartadserver.com/3369/call?cklb=1	403 B 2 KB	43ms 43ms	XHR application/json	185.86.138.79 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL http://www14.smartadserver.com/3369/call?cklb=1 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol HTTP/1.1 Server 185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash cd824e1b3267731fabb168ba0b1757e28f6f00df15e38b7ad508c40ab93d8b9b Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 04 Aug 2020 12:11:41 GMT content-encoding gzip vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin http://mail.biasdo.work cache-control no-cache, no-store access-control-allow-credentials true content-type application/json; charset=utf-8 content-length 455 expires -1 Redirect headers pragma no-cache date Tue, 04 Aug 2020 12:11:42 GMT location http://www14.smartadserver.com/3369/call?cklb=1 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin http://mail.biasdo.work cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires -1
GET H/1.1	200 OK	sdk.js Show response connect.facebook.net/en_GB/	3 KB 3 KB	11ms 5ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL http://connect.facebook.net/en_GB/sdk.js Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol HTTP/1.1 Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c078b54f3f5b768ec591967961140ae3de906229c6da857030ac3e8673fb26e0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 12:11:42 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-MD5 szBUOSHindq0ykspC34BuQ== Expires Tue, 04 Aug 2020 12:22:03 GMT cross-origin-resource-policy cross-origin Connection keep-alive Alt-Svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 Content-Length 1781 X-FB-Debug 3hMQ+shvfUUprtW8XJ0brMfchiNc44Sd0ih3arjppPagL0TOxXkHStuH4N8iKDXCkTxfZn94yTrVcYofErqx2g== X-FB-TRIP-ID 664085054 x-fb-content-md5 36acb01aedc92834c7f48f7c807b600a ETag "dda40a17aa867907b29217921c4667fc" X-Frame-Options DENY Content-Type application/x-javascript; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding Cache-Control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * Access-Control-Expose-Headers X-FB-Content-MD5
GET H2	200	sprite.png www.vanguardngr.com/wp-content/themes/vanguard-ngr/img/	1 KB 2 KB	25ms 24ms	Image image/webp	151.101.194.207 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.vanguardngr.com/wp-content/themes/vanguard-ngr/img/sprite.png Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.207 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / EasyEngine v4.0.17 Resource Hash dc16caef950e6431455adbf6a03ae3cd8e7bf3406f044562ae650847992071c7 Request headers Referer https://www.vanguardngr.com/wp-content/themes/vanguard-ngr/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT x-proxy-cache-key www.vanguardngr.com_page:httpsGETwww.vanguardngr.com/wp-content/themes/vanguard-ngr/img/sprite.png--lowend x-proxy-cache-status HIT x-powered-by EasyEngine v4.0.17 x-cache HIT, HIT fastly-io-info ifsz=3580 idim=105x124 ifmt=png ofsz=1234 odim=105x124 ofmt=webp status 200 x-b3-traceid 298e50a959c744ff81e56015e23783ea fastly-stats io=1 content-length 1234 x-served-by cache-lcy19283-LCY, cache-hhn4032-HHN x-b3-traceid-primal db28c64aa21747928032e48e42f89697 accept-ranges bytes mrf-tech CDN server nginx x-timer S1596543102.291369,VS0,VE1 etag "8kuUqHuYJUzSsnClYvRhpYW/LMq2hLb3cJhQiUDXLUc" vary Accept, User-Agent content-type image/webp access-control-allow-origin * cache-control public, max-age=8640000, stale-if-error=2592000 mrf-cache-status HH x-cache-hits 1, 1
GET H2	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/	223 KB 84 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 841f244beccca7ab6fe31db3bb22fffcac782750658a198b800d2eacd2cfaae0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 85516 x-xss-protection 0 server cafe etag 17155401368649166807 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 04 Aug 2020 12:11:42 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20200730/r20190131/ Frame D265	0 0	6ms 5ms	Document text/html	2a00:1450:4001:819::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20200730/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20200730/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://mail.biasdo.work/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * vary Accept-Encoding date Fri, 31 Jul 2020 21:09:30 GMT expires Fri, 14 Aug 2020 21:09:30 GMT content-type text/html; charset=UTF-8 etag 1809543571055990350 x-content-type-options nosniff content-encoding gzip server cafe content-length 4277 x-xss-protection 0 cache-control public, max-age=1209600 age 313332 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	;ID=162803;size=300x250;setID=151330;type=iframe;kw=;pid=4148637;place=0;rnd=4148637 ab162803.adbutler-photon.com/adserve/ Frame 2D93	0 0	299ms 118ms	Document text/html	195.201.242.21 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://ab162803.adbutler-photon.com/adserve/;ID=162803;size=300x250;setID=151330;type=iframe;kw=;pid=4148637;place=0;rnd=4148637 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol HTTP/1.1 Server 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.21.242.201.195.clients.your-server.de Software nginx / Resource Hash Request headers Host ab162803.adbutler-photon.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://mail.biasdo.work/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers Server nginx Date Tue, 04 Aug 2020 12:11:42 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding P3P CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE" Expires Mon, 26 Jul 1997 05:00:00 GMT Cache-Control post-check=0, pre-check=0 Pragma no-cache Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Content-Encoding gzip
GET H2	200	/ www.fctables.com/england/premier-league/iframe/ Frame 352C	0 0	167ms 140ms	Document text/html	2606:4700:e4::ac40:af0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fctables.com/england/premier-league/iframe/?type=table&lang_id=2&country=67&template=10&team=&timezone=Africa/Lagos&time=24&po=1&ma=1&wi=0&dr=0&los=0&gf=0&ga=0&gd=1&pts=1&ng=0&form=1&width=280&height=420&font=Tahoma&fs=11&lh=14&bg=FFFFFF&fc=333333&logo=1&tlink=0&ths=1&thb=1&thba=FFFFFF&thc=000000&bc=dddddd&hob=f5f5f5&hobc=ebe7e7&lc=333333&sh=1&hfb=1&hbc=ad0002&hfc=FFFFFF Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:af0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.40 Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers :method GET :authority www.fctables.com :scheme https :path /england/premier-league/iframe/?type=table&lang_id=2&country=67&template=10&team=&timezone=Africa/Lagos&time=24&po=1&ma=1&wi=0&dr=0&los=0&gf=0&ga=0&gd=1&pts=1&ng=0&form=1&width=280&height=420&font=Tahoma&fs=11&lh=14&bg=FFFFFF&fc=333333&logo=1&tlink=0&ths=1&thb=1&thba=FFFFFF&thc=000000&bc=dddddd&hob=f5f5f5&hobc=ebe7e7&lc=333333&sh=1&hfb=1&hbc=ad0002&hfc=FFFFFF pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://mail.biasdo.work/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers status 200 date Tue, 04 Aug 2020 12:11:42 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d388fcb6c8613118942f8e8e2fa93d08f1596543102; expires=Thu, 03-Sep-20 12:11:42 GMT; path=/; domain=.fctables.com; HttpOnly; SameSite=Lax; Secure x-powered-by PHP/5.6.40 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubdomains; cf-cache-status DYNAMIC cf-request-id 045afb85cd0000c2ae5c1cc200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5bd82eb61d1ac2ae-FRA content-encoding br
GET H2	200	sdk.js Show response connect.facebook.net/en_GB/	199 KB 60 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_GB/sdk.js?hash=54d65d79f3cc3bf51a570849759e7ab2&ua=modern_es6 Requested by Host: connect.facebook.net URL: http://connect.facebook.net/en_GB/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 39f4bfab089012d6683d2ec0461102e57c4cd3e1610c11cf610d3db9abeca5d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Origin http://mail.biasdo.work Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 J/WgvnxpavCqiYD/9Vt20Q== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 61447 etag "9e4733de1982e4f717b8251786337fe6" x-fb-debug mUvrdS9R/pwIiS4TWw8+KuvS3EvqfKUMCceB3YqrKWxvn9AxbDA7m4REj75eSufmsyCw08OkyR6J1HAuRun4OA== x-fb-trip-id 664085054 x-fb-content-md5 d7264a16b59bf8ae2d997803f68ffbf0 x-frame-options DENY date Tue, 04 Aug 2020 12:11:42 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * expires Wed, 04 Aug 2021 12:02:03 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	95 KB 29 KB	49ms 31ms	Script application/javascript	151.101.112.157 FASTLY
General Check archive.org Show headers Download Go to Full URL http://platform.twitter.com/widgets.js Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol HTTP/1.1 Server 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6adaf62612623c674af2f597baf83ffa56f157a9ab69346be7c11a9569fdebbc Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 12:11:42 GMT Content-Encoding gzip X-Cache HIT, HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Connection keep-alive Content-Length 28825 X-Served-By cache-bwi5123-BWI, cache-hhn4051-HHN Last-Modified Thu, 30 Jul 2020 22:04:50 GMT Etag "1dc37899f984d453c1d3d8179829f041+gzip" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=1800 Accept-Ranges bytes TW-CDN FT
GET H/1.1	200 OK	g.gif pixel.wp.com/	50 B 215 B	47ms 29ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.wp.com/g.gif?v=ext&j=1%3A8.7.1&blog=129338816&post=771873&tz=1&srv=www.vanguardngr.com&host=mail.biasdo.work&ref=&fcp=439&rand=0.7796048755630431 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol HTTP/1.1 Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 12:11:42 GMT Cache-Control no-cache Server nginx Connection keep-alive Content-Length 50 Content-Type image/gif
GET H2	403	ads googleads.g.doubleclick.net/pagead/ Frame 7B7B	0 0	40ms 40ms	Document text/html	2a00:1450:4001:819::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7532470883667401&output=html&h=100&slotname=9505006249&adk=1952059095&adf=2837622488&w=300&lmt=1596543102&psa=0&guci=1.2.0.0.2.2.0.0&format=300x100&url=http%3A%2F%2Fmail.biasdo.work%2F&flash=0&wgl=1&adsid=NT&dt=1596543102344&bpp=14&bdt=253&idt=174&shv=r20200730&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2791375847035&frm=20&pv=2&ga_vid=55785382.1596543102&ga_sid=1596543103&ga_hid=1902536385&ga_fc=0&iag=0&icsg=140748941601408&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066921%2C21066533%2C21066807&oid=3&pvsid=1339484495029202&pem=43&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=8192&bc=23&jar=2020-08-04-12&ifi=1&uci=a!1&fsb=1&xpc=1iaUkEXyxh&p=http%3A//mail.biasdo.work&dtd=189 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-7532470883667401&output=html&h=100&slotname=9505006249&adk=1952059095&adf=2837622488&w=300&lmt=1596543102&psa=0&guci=1.2.0.0.2.2.0.0&format=300x100&url=http%3A%2F%2Fmail.biasdo.work%2F&flash=0&wgl=1&adsid=NT&dt=1596543102344&bpp=14&bdt=253&idt=174&shv=r20200730&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2791375847035&frm=20&pv=2&ga_vid=55785382.1596543102&ga_sid=1596543103&ga_hid=1902536385&ga_fc=0&iag=0&icsg=140748941601408&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066921%2C21066533%2C21066807&oid=3&pvsid=1339484495029202&pem=43&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=8192&bc=23&jar=2020-08-04-12&ifi=1&uci=a!1&fsb=1&xpc=1iaUkEXyxh&p=http%3A//mail.biasdo.work&dtd=189 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://mail.biasdo.work/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers status 403 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 04 Aug 2020 12:11:42 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 04-Aug-2020 12:26:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	71 KB 27 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dcb1858dea6ab08aa4b9791811ff1bd6b8e7143f6f79428cde6c8e8f0d445956 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1596454787298083" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27080 x-xss-protection 0 expires Tue, 04 Aug 2020 12:11:42 GMT
GET H2	403	ads googleads.g.doubleclick.net/pagead/ Frame 2554	0 0	24ms 23ms	Document text/html	2a00:1450:4001:819::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7532470883667401&output=html&h=250&slotname=7385138890&adk=544911159&adf=1447520121&w=300&lmt=1596543102&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fmail.biasdo.work%2F&flash=0&wgl=1&adsid=NT&dt=1596543102359&bpp=5&bdt=267&idt=184&shv=r20200730&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=2791375847035&frm=20&pv=1&ga_vid=55785382.1596543102&ga_sid=1596543103&ga_hid=1902536385&ga_fc=0&iag=0&icsg=140748941601408&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=2018&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066921%2C21066533%2C21066807&oid=3&pvsid=1339484495029202&pem=43&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8192&bc=23&jar=2020-08-04-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=n133CNVKZa&p=http%3A//mail.biasdo.work&dtd=187 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-7532470883667401&output=html&h=250&slotname=7385138890&adk=544911159&adf=1447520121&w=300&lmt=1596543102&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fmail.biasdo.work%2F&flash=0&wgl=1&adsid=NT&dt=1596543102359&bpp=5&bdt=267&idt=184&shv=r20200730&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100&correlator=2791375847035&frm=20&pv=1&ga_vid=55785382.1596543102&ga_sid=1596543103&ga_hid=1902536385&ga_fc=0&iag=0&icsg=140748941601408&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=2018&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066921%2C21066533%2C21066807&oid=3&pvsid=1339484495029202&pem=43&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=8192&bc=23&jar=2020-08-04-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=n133CNVKZa&p=http%3A//mail.biasdo.work&dtd=187 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://mail.biasdo.work/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers status 403 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 04 Aug 2020 12:11:42 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 04-Aug-2020 12:26:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html platform.twitter.com/widgets/ Frame 8313	0 0	93ms 48ms	Document text/html	151.101.112.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html?origin=http%3A%2F%2Fmail.biasdo.work Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers :method GET :authority platform.twitter.com :scheme https :path /widgets/widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html?origin=http%3A%2F%2Fmail.biasdo.work pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://mail.biasdo.work/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers status 200 last-modified Thu, 30 Jul 2020 21:53:52 GMT cache-control public, max-age=315360000 content-type text/html; charset=utf-8 etag "9fa476ae827f556d5b037fe43632370d+gzip" content-encoding gzip access-control-allow-methods GET access-control-allow-origin * p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" accept-ranges bytes date Tue, 04 Aug 2020 12:11:42 GMT x-served-by cache-bwi5138-BWI, cache-hhn4038-HHN x-cache HIT, HIT vary Accept-Encoding tw-cdn FT content-length 5825
GET H2	403	ads googleads.g.doubleclick.net/pagead/ Frame 9E65	0 0	26ms 25ms	Document text/html	2a00:1450:4001:819::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7532470883667401&output=html&h=250&slotname=0720166341&adk=1428189087&adf=3731374482&w=300&lmt=1596543102&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fmail.biasdo.work%2F&flash=0&wgl=1&adsid=NT&dt=1596543102381&bpp=1&bdt=289&idt=185&shv=r20200730&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100%2C300x250&correlator=2791375847035&frm=20&pv=1&ga_vid=55785382.1596543102&ga_sid=1596543103&ga_hid=1902536385&ga_fc=0&iag=0&icsg=140748941601408&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=2940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066921%2C21066533%2C21066807&oid=3&pvsid=1339484495029202&pem=43&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=23&jar=2020-08-04-12&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=B7qHU2f9zV&p=http%3A//mail.biasdo.work&dtd=188 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-7532470883667401&output=html&h=250&slotname=0720166341&adk=1428189087&adf=3731374482&w=300&lmt=1596543102&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fmail.biasdo.work%2F&flash=0&wgl=1&adsid=NT&dt=1596543102381&bpp=1&bdt=289&idt=185&shv=r20200730&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100%2C300x250&correlator=2791375847035&frm=20&pv=1&ga_vid=55785382.1596543102&ga_sid=1596543103&ga_hid=1902536385&ga_fc=0&iag=0&icsg=140748941601408&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=2940&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066921%2C21066533%2C21066807&oid=3&pvsid=1339484495029202&pem=43&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=23&jar=2020-08-04-12&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=B7qHU2f9zV&p=http%3A//mail.biasdo.work&dtd=188 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://mail.biasdo.work/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers status 403 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 04 Aug 2020 12:11:42 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 04-Aug-2020 12:26:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	aip www14.smartadserver.com/h/	43 B 423 B	77ms 77ms	Image image/gif	185.86.138.79 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL http://www14.smartadserver.com/h/aip?siteid=292855&pgid=1076954&fmtid=77693&tmstp=7962282867&visit=S&uii=308319730546943086&acd=1596543102549&ckid=6668904798316622248&pubid=3&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d8152%3b%24qt%3d73_4138_117804t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=8648485303 Requested by Host: mail.biasdo.work URL: http://mail.biasdo.work/ Protocol HTTP/1.1 Server 185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 04 Aug 2020 12:11:41 GMT cache-control no-cache, no-store expires -1 content-type image/gif content-length 43 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H2	200	ads googleads.g.doubleclick.net/pagead/ Frame 7122	0 0	15ms 15ms	Document text/html	2a00:1450:4001:819::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7532470883667401&output=html&adk=1812271804&adf=3025194257&lmt=1596543102&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fmail.biasdo.work%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1596543102439&bpp=25&bdt=348&idt=195&shv=r20200730&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100%2C300x250%2C300x250&nras=1&correlator=2791375847035&frm=20&pv=1&ga_vid=55785382.1596543102&ga_sid=1596543103&ga_hid=1902536385&ga_fc=0&iag=0&icsg=140748941601408&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066921%2C21066533%2C21066807&oid=3&pvsid=1339484495029202&pem=43&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&jar=2020-08-04-12&ifi=10&uci=a!a&fsb=1&dtd=226 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-7532470883667401&output=html&adk=1812271804&adf=3025194257&lmt=1596543102&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fmail.biasdo.work%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1596543102439&bpp=25&bdt=348&idt=195&shv=r20200730&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x100%2C300x250%2C300x250&nras=1&correlator=2791375847035&frm=20&pv=1&ga_vid=55785382.1596543102&ga_sid=1596543103&ga_hid=1902536385&ga_fc=0&iag=0&icsg=140748941601408&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066921%2C21066533%2C21066807&oid=3&pvsid=1339484495029202&pem=43&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&jar=2020-08-04-12&ifi=10&uci=a!a&fsb=1&dtd=226 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://mail.biasdo.work/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * content-type text/html; charset=UTF-8 x-content-type-options nosniff date Tue, 04 Aug 2020 12:11:42 GMT server cafe content-length 0 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUkZi9-J0gtq_0xKfmK1_QJBfv7dpkBkZ4Ld_4ECFGl0DDPyZN_Bi140FUJ7; expires=Sun, 29-Aug-2021 12:11:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" expires Tue, 04 Aug 2020 12:11:42 GMT cache-control private
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	22ms 22ms	XHR application/json	2a00:1450:4001:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200730&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4ac0ff0729fe2add0e0335042b661b165373cb72cf6debd3b17bf7a608c0bfd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 5682 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 5 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200730/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 12:11:42 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1591403518460474" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5540 x-xss-protection 0 expires Tue, 04 Aug 2020 12:11:42 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/210/ Frame F3E0	0 0	6ms 5ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/210/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://mail.biasdo.work/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://mail.biasdo.work/ Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 4590 date Tue, 04 Aug 2020 11:16:23 GMT expires Wed, 04 Aug 2021 11:16:23 GMT last-modified Wed, 26 Feb 2020 19:47:50 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3320 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 46 B	41ms 40ms	Image image/gif	2a00:1450:4001:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200730&jk=1339484495029202&bg=!DA-lDxdYIqPI7xB_J0wCAAAAblIAAAAKmQGGXpPCOe_NZ0swsNPpjf-xwo66q5A3eFIz--rJNjMSHcQ0J2D2sIVt-Dm1fn0x5XkT0EA6C5GpQEbUInaxk3evpL3g5Qidf-ToYFa1thWiYjbQ6g41z_dcLd-fKNFCp-j07fmAuAT6lL2vhJed0qOla7-glJ6Gy5wDLC9Pmrkrmukf-6xVBYnZlehhGY3g3gUlm5y_DjuC9QymBC7paZUi4HVk1YL_QFZAuS0N6fsEUkvQm9aacSKpdVJH-PpDGJKxynNcPDXMIAt7MwvVs46ZbJnhP-m4Prc3o90kbs4RzwwAo44LFemfnTbGcgd2QV248VUV5xc5VUlSsSG6bj9d97N1oVUGV5RV9RpnTXX4_qcbKATFWYt5-Prtx2cAL5G5pteab9cT5XTKA8lt_N4Ucaa8XeeocuCLgmlZGotMWk-TeuzNhWsfxhLVZC9NrfZG5XhFoA5hlViEzGyVEeleQpewLtny57VxEoZTH5FEyEkFQC0XeJHgR01qNHD987U9t1ZgRCeH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://mail.biasdo.work/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 04 Aug 2020 12:11:43 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT