urlscan.io logo urlscan.io
SecurityTrails logo

refinancegold.com Open in urlscan Pro
2606:4700:20::ac43:4802  Public Scan

Go To Rescan Add Verdict Report
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Submission: On February 10 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 4 countries across 29 domains to perform 276 HTTP transactions. The main IP is 2606:4700:20::ac43:4802, located in United States and belongs to CLOUDFLARENET, US. The main domain is refinancegold.com. The Cisco Umbrella rank of the primary domain is 214974.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time refinancegold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
62 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 52.222.210.175 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
6 142.250.184.226 15169 (GOOGLE)
96 151.101.1.44 54113 (FASTLY)
1 3 13.32.99.105 16509 (AMAZON-02)
1 142.250.74.198 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.181.226 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
1 52.0.49.135 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:225... 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:231... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 3.70.102.167 16509 (AMAZON-02)
9 141.226.228.48 200478 (TABOOLA-AS)
3 2600:1f18:612... 14618 (AMAZON-AES)
3 15.197.193.217 16509 (AMAZON-02)
4 4 185.94.180.126 35220 (SPOTX-AMS)
3 18.195.142.161 16509 (AMAZON-02)
2 151.101.193.44 54113 (FASTLY)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 23.79.143.124 16625 (AKAMAI-AS)
9 2a03:5f80:a::... 50952 (DATAIX-AS...)
2 69.173.144.165 26667 (RUBICONPR...)
3 134.209.221.46 14061 (DIGITALOC...)
2 157.230.220.52 14061 (DIGITALOC...)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2a03:5f80:a::... 50952 (DATAIX-AS...)
276 43
62    2606:4700:20::ac43:4802 (United States)

ASN13335 (CLOUDFLARENET, US)
refinancegold.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
5    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::ac43:464d (United States)

ASN13335 (CLOUDFLARENET, US)
mrb.upapi.net
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
7    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
96    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
wf.taboola.com
3    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
4    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    52.0.49.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-49-135.compute-1.amazonaws.com
trk.profitor.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2600:9000:225d:7600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
2    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
cms.quantserve.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:2315:6c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:225e:3200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
1    3.70.102.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-102-167.eu-central-1.compute.amazonaws.com
audit-tcfv2.quantcast.mgr.consensu.org
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
3    2600:1f18:612b:4200:9a2f:8341:7f9b:9de (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    18.195.142.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-142-161.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    2a03:5f80:a::b212:e7a2 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
static.vidazoo.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
3    134.209.221.46 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
bisdr.vidazoo.com
2    157.230.220.52 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
wserversa1.vidazoo.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    2a03:5f80:a::b212:e7a1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
inventory.vidazoo.com
Apex Domain
Subdomains		 Transfer
108 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 983
trc.taboola.com — Cisco Umbrella Rank: 571
15.taboola.com — Cisco Umbrella Rank: 1878
images.taboola.com — Cisco Umbrella Rank: 1580
vidstat.taboola.com — Cisco Umbrella Rank: 1885
imprammp.taboola.com — Cisco Umbrella Rank: 12723
am-match.taboola.com — Cisco Umbrella Rank: 13157
wf.taboola.com — Cisco Umbrella Rank: 2292
am-vid-events.taboola.com — Cisco Umbrella Rank: 12614
sync-t1.taboola.com — Cisco Umbrella Rank: 1241
sync.taboola.com — Cisco Umbrella Rank: 725
pips.taboola.com — Cisco Umbrella Rank: 1788
cds.taboola.com — Cisco Umbrella Rank: 1006
10 MB
62 refinancegold.com
refinancegold.com — Cisco Umbrella Rank: 214974
3 MB
15 vidazoo.com
static.vidazoo.com — Cisco Umbrella Rank: 2636
bisdr.vidazoo.com — Cisco Umbrella Rank: 2890
wserversa1.vidazoo.com — Cisco Umbrella Rank: 8949
inventory.vidazoo.com — Cisco Umbrella Rank: 3284
444 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
ad.doubleclick.net — Cisco Umbrella Rank: 167
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
162 KB
10 googlesyndication.com
98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
49 KB
7 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040
test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726
audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863
288 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 gstatic.com
fonts.gstatic.com
201 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
www.google.de — Cisco Umbrella Rank: 6342
2 KB
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
eus.rubiconproject.com — Cisco Umbrella Rank: 512
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
11 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
5 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 469
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
40 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
660 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
793 B
3 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3206
547 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
634 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
cms.quantserve.com — Cisco Umbrella Rank: 927
10 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 993
api.btloader.com — Cisco Umbrella Rank: 1201
7 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
74 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2660
70 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
346 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
38 KB
1 profitor.com
trk.profitor.com — Cisco Umbrella Rank: 41221
497 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
15 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1221
940 B
1 upapi.net
mrb.upapi.net — Cisco Umbrella Rank: 18837
607 B
276 29
Domain Requested by
62 refinancegold.com refinancegold.com
cdn.taboola.com
35 images.taboola.com vidstat.taboola.com
25 cdn.taboola.com refinancegold.com
cdn.taboola.com
vidstat.taboola.com
17 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
9 static.vidazoo.com refinancegold.com
static.vidazoo.com
7 imprammp.taboola.com refinancegold.com
vidstat.taboola.com
7 15.taboola.com cdn.taboola.com
7 fonts.gstatic.com fonts.googleapis.com
6 www.google.com 1 redirects refinancegold.com
tpc.googlesyndication.com
6 securepubads.g.doubleclick.net refinancegold.com
securepubads.g.doubleclick.net
98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
www.googletagservices.com
5 quantcast.mgr.consensu.org refinancegold.com
quantcast.mgr.consensu.org
5 www.google.de refinancegold.com
5 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
5 fonts.googleapis.com refinancegold.com
4 sync.search.spotxchange.com 4 redirects
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 tpc.googlesyndication.com 98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
refinancegold.com
4 trc.taboola.com cdn.taboola.com
4 c.amazon-adsystem.com refinancegold.com
c.amazon-adsystem.com
3 bisdr.vidazoo.com static.vidazoo.com
3 x.bidswitch.net am-match.taboola.com
imprammp.taboola.com
3 sync-t1.taboola.com am-match.taboola.com
imprammp.taboola.com
3 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
3 taboola-supply-partners.tremorhub.com am-match.taboola.com
imprammp.taboola.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
refinancegold.com
2 wserversa1.vidazoo.com static.vidazoo.com
2 eus.rubiconproject.com imprammp.taboola.com
eus.rubiconproject.com
2 ups.analytics.yahoo.com 2 redirects
2 sync.taboola.com am-match.taboola.com
2 am-vid-events.taboola.com vidstat.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagmanager.com refinancegold.com
www.googletagmanager.com
2 netdna.bootstrapcdn.com refinancegold.com
netdna.bootstrapcdn.com
1 inventory.vidazoo.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 pixel.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 cms.quantserve.com 1 redirects
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 rules.quantcount.com secure.quantserve.com
1 www.googletagservices.com 98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 trk.profitor.com refinancegold.com
1 api.btloader.com mrb.upapi.net
1 www.googleadservices.com www.googletagmanager.com
1 ad-delivery.net refinancegold.com
1 ad.doubleclick.net refinancegold.com
1 btloader.com refinancegold.com
1 mrb.upapi.net 1 redirects
276 57
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2021-12-25 -
2022-03-25		 3 months crt.sh
*.profitor.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.vidazoo.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-01 -
2023-02-01		 a year crt.sh

This page contains 16 frames:

Primary Page: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Frame ID: CF19B17C4C89101A411E9615A6DF9D71
Requests: 238 HTTP requests in this frame

Frame: https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA345429FC0BA6CF0F09B5EAAB3419E2
Requests: 1 HTTP requests in this frame

Frame: https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7FDD4ACA0A80DAD9758D56AE283B2177
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=FF60907FAA337659251818599328&cicmp=1337627&cijs=1&dast=V7cBICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG0ajDZaD3YzB4Gx2s9VyMhpNFoPhYDKYLWFiFovFaLhajcaaxWIxmsxWwykYbOFzurvboIGm0-Fz3eslL5vT7rB7XD6_2WTX-N1-OQAAAAA8ABC1REPs-Da0RwAAAABI8IxcK1AEVPxbCFwAAAAAYAAQiIVrAEBxFLDfaHf5AwDgQQEEAEAAIwTg7yhBBAAAAGAEAAAAgARAILGwBMDhbtEEACDAb7ybevMEAADgoE7maZvl____PwYg771JBoAibePGoAfgwQfgQQgAAOBjiJUERGTa_QydqGC0iBEAAABAbvWm6dGkTqgsqv7___-tAK4AAAL8xrupmbNuTopZwwAAAADGFuhh8fvNDrvG73bZ_________7_Z_xkAmhCU8GNaEAOKvRrPyLXC2i8gAADbuwEAvAnAxRyAHQAAAMDd____fx4AAIDNHiXbazWePcp6n8EWPqe7u34TthitJpPNcjhbLiaD4Wg4Gu1PIIcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkM8qDqXzufVqXgwH5dzX3vw8SGGq7lksZkrVqu5YjZbJQAAAAAAAACAJUyZNwEAAAA4DWI2m-x2K2682TNBrNVqWQMAAABw60YO!&excid=22&tst=1&docw=0&cs=false
Frame ID: D580B08C7D1F9CBAB80ED0C4135C12C9
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=B2BF9B323A683368741027006191&cicmp=1337627&cijs=1&dast=V74k0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHEKZ0JgTzmSzoA03m9lwt5kMRqPVYrTbTJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdBA0-nwue71kpfNaXfYPS6f32yya_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCgOArYb7S7_AEA8KAAAgAggBEC8He0IAIAAAAwAgAAAEACIJBYWALgcLdoAgAQ4DfeTU17AgAAcFAn87TN8v___x8DkPfeJANAkbZxY9AD8OAD8CAEAADwMYQY-eX4KsZhTVSAWMQIAAAAILd60_RoUidUFlX_____VgBXAAABfuPd1NJZNyfFrGEAAAAAYwv0sPj9Zodd43e77P_________f7P8MAE0ISvgxLYgBxV6NZ-RaYe0XEACA7d0AAN4E4GIOwA4AAADg7v___z8PAAAAaY-S7bUazx5lvc9gC5_T3V2_CVuMVpPJZjmcLReTwXA0HI32J5DDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhHlSdS-fz6lQ8mI_Lua89-PgQw9VcstjMFavVXDGbrRIAAAAAAAAAwBKmzJsAAAAAnAYxm012uxU33uyZINZqtawBAAAAuHUjBw!&excid=22&tst=1&docw=0&cs=false
Frame ID: DE39D3E3E0A537046EAEAB4E8F8AF45E
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=B2BF9B323A68336870875791817&cicmp=1337627&cijs=1&dast=V7bjICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHEKZ0JgTzmSzoA03m9lwtlxsJqPhYjHYbJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdBA0-nwue71kpfNaXfYPS6f32yya_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCgOArYb7S7_AEA8KAAAgAggBEC8He0IAIAAAAwAgAAAEACIJBYWALgcLdoAgAQ4DfeTU17AgAAcFAn87TN8v___x8DkPfeJANAkbZxY9AD8OAD8CAEAADwMSTYVUvrU_ErTVSAWMQIAAAAILd60_RoUidUFlX_____VgBXAAABfuPd1NJZNyfFrGEAAAAAYwv0sPj9Zodd43e77P_________f7P8MAE0ISvgxLYgBxV6NZ-RaYe0XEACA7d0AAN4E4GIOwA4AAADg7v___z8PAABAa4-S7bUazx5lvc9gC5_T3V2_CVuMVpPJZjmcLReTwXA0HI32J5DDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhHlSdS-fz6lQ8mI_Lua89-PgQw9VcstjMFavVXDGbrRIAAAAAAAAAwBKmzJsAAAAAnAYxm012uxU33uyZINZqtawBAAAAuHUjBw!&excid=22&tst=1&docw=0&cs=false
Frame ID: 3BC997852DF457806C853DD53BF5AC15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84881568F77186CC2D42206FE866B864
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F01202F2244A7E8C261B00E4FB29BCD2
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8066395&crid=4976685&dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&cmcv=&pix=undefined&cb=1644500473399&uv=3119&tms=1644500473399&abt=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5305E4EB5331959641599282280&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 3FA41FFB380CEAD2A27BEC9A57E9E0CF
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: EFBC57870000292A1E8191534D0B4D09
Requests: 6 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2F5879A30344536082129966824&cicmp=1337627&cijs=1&dast=V70nQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzJjDXfLBWewGY1Wm9lgtxhuhsPRcjFcLmFiFovFaLhajcaaxWIxmsxWwykYbOFzurvboIGm0-Fz3eslL5vT7rB7XD6_2WTX-N1-OQAAAAA8ABC1REPs-Da0RwAAAABI8IxcK1AEVPxbCFwAAAAAYAAQiIVrAEBxFLDfaHf5AwDgQQEEAEAAIwTg74hFBAAAAGAEAAAAgARAILGwBMDhbtEEACDAb7ybWv0EAADgoE7maZvl____PwYg771JBoAibePGoAfgwQfgQQgAAOBjSOnrqNw2QxmBqEC0iBEAAABAbvWm6dGkTqgsqv7___-tAK4AAAL8xruro7JuTopZwwAAAADGFuhh8fvNDrvG73bZ_________7_Z_xkAmhCU8GNaEAOKvRrPyLXC2i8gAADbuwEAvAnAxRyAHQAAAMDd____fx4AAIDOHiXbazWePcp6n8EWPqe7u34TthitJpPNcjhbLiaD4Wg4Gu1PIIcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkM8qDqXzufVqXgwH5dzX3vw8SGGq7lksZkrVqu5YjZbJQAAAAAAAACAJUyZNwEAAAA4DWI2m-x2K2682TNBrNVqWQMAAABw60YO!&excid=22&tst=1&docw=0&cs=false
Frame ID: 6C8A5A95AC6A44E0D4BBFC640A628625
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 7CCCA5D8D83A010A95503F1FC07C58DD
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: CD025E1EFE6B6D273FCE2998BBE1445F
Requests: 4 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/1.0.660/prebid/prebid.js
Frame ID: 859659EAC3AAB7F3FD0F57E68C0D50FF
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=D98CA950535023729118539830&cicmp=1337627&cijs=1&dast=V7MJACFgNp71jlBvbagQRp71jlBvbagQUAAAAGBugHG8QcbhjM1WC1WQ0mm91kuFjudsPdZDRaTsFgC5_T3d0GDTSdDp_rXi952Zx2h93j8vnNJrvG7_bLAQAAAOABgKglGmLHt6E9AgAAAECCZ-RagSKg4t9C4AIAAAAAA4BALFwDAIqjgP1Gu8sfAAAPCiAAAAIYJAACiYUlAA53iycAAAAHdTJP2yz_____MQB5700yABRpGzcGPQAPPgAPQgAAAB9DeBVGulx0acFEBZBFjAAAAAByqzdNjyZ1QmVR9f___28FcAUAEOA33s2elXVzUswaBgAAADC2QA-L32922DV-t8v-_________83-zwDQhKCEH9OCGFDs1XhGrhXWfgEBANjeDQDgTQAu5gDsAAAAAO7-____8wAAAE72KNleq_HsUdb7DLbwOd3d9ZuwxWg1mWyWw9lyMRkMR8PRaH8CORzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMLEarxczkWQsni91aNLFt1hLjcLFWGVeOyXI1mG0ms7Xo9TEdZy7nxLec4sF8XM597cHHhxiu5pLFZq5YreaK2WyVAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Frame ID: 8C983B1D5560F91E88B989E1EEBD747F
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=38A4EAB73B356512481301518731&cicmp=1337627&cijs=1&dast=V7N2oCFgNp71jlBvbagQRp71jlBvbagQUAAAAGBugHHDNckFYMCm8z4axmq8VktJssRqPdaLYYbaZgsIXP6e5ugwaaTofPda-XvGxOu8Pucfn8ZpNd43f75QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAQDFUcB-o93lDwCABwUQAAABDBIAgcTCEgCHu8UTAACAgzqZp22W_____xiAvPcmGQCKtI0bgx6ABx-AByEAAICPoUyDnrAKdN9NogLDIkYAAAAAudWbpkeTOqGyqPr___-3ArgCAAjwG-9mp8q6OSlmDQMAAAAYW6CHxe83O-wav9tl__________9m_2cAaEJQwo9pQQwo9mo8I9cKa7-AAABs7wYA8CYAF3MAdgAAAAB3_____3kAAAA9e5Rsr9V49ijrfQZb-Jzu7vpN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0RJhaj1WJm8qyFk8VuLZrYNmuJcbhYq4wrx2S5Gsw2k9la9PqYjjOXc-JbTvFgPi7nvvbg40MMV3PJYjNXrFZzxWy2SgAAAAAAAAAAS5gybwIAAABwGsRsNtntVtx4s2eCWKvVsgYAAADg1o0c!&excid=22&tst=1&docw=0&cs=false
Frame ID: 42C85A842DF182562115E0D3904CB729
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

A Teenage Girl was Hospitalized for Having Boba Tea Balls Clogging Her Stomach and Now We're Worried! - Refinance GoldGroup 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

276
Requests

96 %
HTTPS

54 %
IPv6

29
Domains

57
Subdomains

43
IPs

4
Countries

14681 kB
Transfer

23349 kB
Size

34
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://mrb.upapi.net/code?w=5763896778424320&uponit=true HTTP 302
  • https://btloader.com/tag?o=5763896778424320&upapi=true
Request Chain 84
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1644500472021&ns_c=UTF-8&cv=3.5&c8=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&c7=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1644500472021&ns_c=UTF-8&cv=3.5&c8=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&c7=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&c9=
Request Chain 100
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/?random=1644500472267&cv=9&fst=1644500472267&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dno_cpc%3Bevent_category%3Dcpc%3Bevent_label%3D%E2%80%8Etbv&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/427837493/?random=1644500472267&cv=9&fst=1644498000000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dno_cpc%3Bevent_category%3Dcpc%3Bevent_label%3D%E2%80%8Etbv&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&is_vtc=1&random=2290368450&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/427837493/?random=1644500472267&cv=9&fst=1644498000000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dno_cpc%3Bevent_category%3Dcpc%3Bevent_label%3D%E2%80%8Etbv&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&is_vtc=1&random=2290368450&resp=GooglemKTybQhCsO&ipr=y
Request Chain 202
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=1d1df594-8a77-11ec-8f9a-180e33a50406 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Request Chain 204
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=FoUr7hGCfeINgH29FIU27hHWKLoNhiniFYSEUZFP
Request Chain 212
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Request Chain 216
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Request Chain 218
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-xlu7G5VE2uHMhWVx0N_5dLVna0vF3RV2CQJq_HU-~A
Request Chain 221
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

276 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
refinancegold.com/luxury-life-style/ 		96 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.11
Resource Hash
120ff362af44e4d2257f81ca571b596caffa4c8aa68f214a4cdae0a2338d407a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-type
text/html; charset=UTF-8
cf-ray
6db5c0e8ef1d910a-FRA
last-modified
Thu, 10 Feb 2022 13:36:20 GMT
link
<https://refinancegold.com/wp-json/>; rel="https://api.w.org/", <https://refinancegold.com/?p=55997>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-key
httpGETrefinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried:desktop:
x-cache-status
MISS
x-pingback
https://refinancegold.com/wp/xmlrpc.php
x-powered-by
PHP/7.3.11
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBdjSj6Ls5nJ%2F8L6AzRB%2FeNJ%2FIlOCj1WADOPfAukPeQdFxRUnsc80R65nkFjYT8V%2FpgNfsxr79ve0VnTbxRw%2FXOqmUhpCU33nacSURNZC2I7vSmnoscSx09V%2Fz89%2FkdcoNvNYIAYpj33JqEnPuo5"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles.css
refinancegold.com/wp-content/plugins/contact-form-7/includes/css/ 		1 KB
973 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2810c25d2c5bb556a47609c0869ddc92d7df222eb58b5260bacd8ab798569ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
cf-polished
origSize=1584
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 06 Nov 2016 11:23:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zb%2BAf27yJ0b8QW0MnCkElKrfw7XHIEXXgN82VzC%2B8oRSWVYRlARPeahFv7ayK%2BtGm%2B4uFXppA%2FUidrFPUX7qhrnXPff3CAMvVOgG%2BtA56q2PDcy%2B6YLW4TulbQf9wAB4CVkgRRICWguR7svcp9ij"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=600, public
cf-ray
6db5c0ea1a4e910a-FRA
expires
Thu, 10 Feb 2022 13:45:07 GMT
reset.css
refinancegold.com/wp-content/themes/devoe/css/ 		760 B
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/themes/devoe/css/reset.css?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97152508df33871d78e6d8595480ac6c5cf8f2feb1fc1ef7fd2ef7a0517810c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
cf-polished
origSize=1076
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EXk1pS6uDd3pGX8rpc5tK3NeTpuWdLbpABtLEGmU0%2BcjWAtdPMSrTZ%2BIOGtBaxfeDILsgpk0ZUFcDSypxT%2FI4caCxSfTPCgTbCab7vBQHhVeT1bGbzj4DVYOmVG%2BbaMhuJPjBjM2BFFuxfyK%2BhW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=600, public
cf-ray
6db5c0ea1a54910a-FRA
expires
Thu, 10 Feb 2022 13:40:35 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/ 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
718, 718
age
1396735
cdn-cachedat
2021-06-08 12:03:30
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
18a0a983a65a97eb1f423df55c427633
cf-ray
6db5c0ea3ce991d1-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
style.css
refinancegold.com/wp-content/themes/devoe-refinancegold/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/themes/devoe-refinancegold/style.css?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4f4cde1c12b9a863c4d926bfdec83c3454e9cc289421b0b54dec9e29ce02c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
cf-polished
origSize=10577
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4pp0cyjQygsnWknEPjdunJmt60TjeM633zsV2fcH%2FADdprfWUmyPms959dHWLCr2GAh1vR2d0RmgSNZB8ccB84dioQUuaAqRJdx7XVlBdPFbhQVdjXv2HpumWdk553DMAHPpi8qKmBviAJJSC1c"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=600, public
cf-ray
6db5c0ea1a55910a-FRA
expires
Thu, 10 Feb 2022 13:40:57 GMT
media-queries.css
refinancegold.com/wp-content/themes/devoe/css/ 		37 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/themes/devoe/css/media-queries.css?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5102012bb51c0aebff9a62452465fb242d5a175e17bdce5862622087a78cc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
cf-polished
origSize=51307
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtinmGY0ZoS0NX6CYIJJ%2BXkcJB750%2FxbHYJoVGLI%2B%2FzfwpAs4VodUJ71e3CzGtn5t8m5bw8wQ6lVPCWrBWCpaMsh2%2BUhwPTk3%2B9lnC4s4U7UDeNJaz3V6fF4Ht80C46SYJyCKbjsuqm6E1%2FXXM2G"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=600, public
cf-ray
6db5c0ea1a59910a-FRA
expires
Thu, 10 Feb 2022 13:45:35 GMT
css
fonts.googleapis.com/ 		16 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700|Open+Sans:300,400,600,700,800
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a78d686f9f2df6cf037bd2f8d264f7fe20e0d44e686f61cdd1a2edc377519ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 11:57:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 13:41:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 13:41:11 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7COpen%2BSans%3A300%2C400%2C600%2C700%2C800%26subset%3Dlatin%2Clatin-ext&ver=1.0.0
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5628efbf02460d323fd28c0a5cbaabb6097a924c158db1523a18292809691e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 13:07:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 13:41:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 13:41:11 GMT
/
refinancegold.com/ 		99 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/?display_custom_css=css&ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.11
Resource Hash
4632873c3450cce9db388b030d144e33d3f7e3b8175aaf837008f2cb20acf670

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1535
x-cache-key
httpGETrefinancegold.com/:phone:
x-powered-by
PHP/7.3.11
x-cache-status
MISS
x-pingback
https://refinancegold.com/wp/xmlrpc.php
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 10 Feb 2022 12:44:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xRCvfLwgb4chmU7pQM%2B2zYzaQUD9YudLFF6VaPUWy4BnUH7cS3Qp83uo37Zrj%2Fb4omRxqoViiwYGCRHKQQzJ8wH5TkB6eAl6hmBFRurCGUTpqHnaB%2BgdQsoYwQxJpicCRhf0ndKlTM4pWLpFxPW"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6db5c0ea1a5c910a-FRA
link
<https://refinancegold.com/wp-json/>; rel="https://api.w.org/", <https://refinancegold.com/>; rel=shortlink
jquery.js
refinancegold.com/wp/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 26 Jan 2017 18:32:19 GMT
server
cloudflare
etag
W/"588a40b3-17ba0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xERa1xIzlfvc2SJb61jnjPYKCZL1nBvjv4D0ZxQSZNK4bXxyA3OUY%2F3CkmA4DPdJ2FA1lhi98tLDLqlrrxdmG%2FCEgooZ3EKOuzem1GmxBwkOPr4%2Fv1DoX1RCJQVaDt5mOoWVGi9Bc1Cc957twDX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ea1a63910a-FRA
expires
Thu, 10 Feb 2022 13:41:23 GMT
jquery-migrate.min.js
refinancegold.com/wp/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 26 Jan 2017 18:32:19 GMT
server
cloudflare
etag
W/"588a40b3-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsVh0fHmq1eVOe217wOmVzxYa2vlCXv5ZmHvwIe64X%2B4JSIgkCYH7PjudK6zoaRh8peKCee2hRbzUAYc7DeEXRgTbzeuAYi7zfRGhApRVvZQn8GN9txMr1VADmHwrMagcsHqPnpDu0DBFGqLZYLV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ea1a64910a-FRA
expires
Thu, 10 Feb 2022 13:40:16 GMT
advanced.js
refinancegold.com/wp-content/plugins/advanced-d/public/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/advanced-d/public/assets/js/advanced.js?ver=1.9
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6700679f12efb4bede0842985cfda0b26eac03eaba5b03cddb64829f23e992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 06 Sep 2018 07:19:09 GMT
server
cloudflare
etag
W/"5b90d4ed-1a66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZY19J5Lr0NESJel5%2BHQSo%2Bvpe7QnXgd%2FPrEFba%2F4akIuRvkQhaDyNoYHzXT%2B8Xua4XoP1ohgmlDkUR%2Fz3xAvVxVrADQqCe7hMG3jLCEyth6ZTnEaWqDfK%2Bnw8vvZGj5KtLOuEkG20El%2BEBP%2FhL2U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ea1a67910a-FRA
expires
Thu, 10 Feb 2022 13:44:49 GMT
script.js
refinancegold.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js?ver=1.8
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 06 Sep 2018 07:23:47 GMT
server
cloudflare
etag
W/"5b90d603-b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mMEIEU4kBt8qCnsCQZ90CBG0A6i3FLXqc132LjszKSzrxRT%2FA3K5ZrninpvR4jsTz%2BwDs457YErtZBgO7FBvD7OnOQUf2hgKO74oELiEIcis6uE%2FRkCbIXcn7O9OgHAm8QXtfZe1PpfrRf0uCvI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ea1a6b910a-FRA
expires
Thu, 10 Feb 2022 13:44:49 GMT
header_script.js
refinancegold.com/wp-content/plugins/omg-ab-testing/js/ 		741 B
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/omg-ab-testing/js/header_script.js?ver=1644500180
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a829de87d087e2ed0fd6212afdef1ffba129570de8a57ce6023458aafee7d2d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:37 GMT
server
cloudflare
etag
W/"59465dcd-2e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoSukZWg4UhmcbOJLXltUYrmymVgCrPk7BAoQo1DHQO2UnF%2FJPzr17MjAWvi9FbZ5eqO02yqE2laMTCHsX2nioM0z7RxuXVA4jk31O8qIfOof4Du1TJJ3P8yhvxJT%2F%2F1Rto5zgEOXBiS1qxk2tSS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ea2a6c910a-FRA
expires
Thu, 10 Feb 2022 13:47:07 GMT
cfp.min.js
refinancegold.com/wp-content/plugins/advanced-d-pro/modules/click-fraud-protection/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/advanced-d-pro/modules/click-fraud-protection/assets/js/cfp.min.js?ver=2.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754970eaac11fed3c9d4af1cd0c433507dc6886aa484c4530d17b3d6c73d1b1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 06 Sep 2018 07:22:25 GMT
server
cloudflare
etag
W/"5b90d5b1-f2e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQ330HHxYbBtEouqOtttI4HFcXgCepXhrFp5FFwi0LqPsrrxH1NjsAeWnR73G9Gyq%2FZBslzPFSTB%2F3%2Bb8N1MI86vhZosxCLRPtuYZUB5HnOiHw7bxd7URdZlSNZw9%2B7mGna9slbpu6%2B%2Br3MYfXsQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ea2a6f910a-FRA
expires
Thu, 10 Feb 2022 13:42:37 GMT
base.min.js
refinancegold.com/wp-content/plugins/advanced-d-pro/modules/cache-busting/inc/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/advanced-d-pro/modules/cache-busting/inc/base.min.js?ver=2.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1536aea35ab05c539a51b3a46d50931a2970ec90e881b2fe3d0dbd02b80ba7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 06 Sep 2018 07:22:35 GMT
server
cloudflare
etag
W/"5b90d5bb-101ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpWCGDMI61u94n2Sp%2BhgRBjTa5IF9p7hNqydiseCbQCUAGNjmEvc608PFxWqGgc%2Biytaddmd5CUjrUojzHR0PS4WQIDMJUKE4prUz9Sx%2FymNt0TV%2FM1377aq01A5LKBptZGspo68LT0pJKa%2F%2BBv3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ea2a7b910a-FRA
expires
Thu, 10 Feb 2022 13:49:10 GMT
css
fonts.googleapis.com/ 		51 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,400italic,500,600,700,700italic,800,900|PT+Serif:100,200,300,400,400italic,500,600,700,700italic,800,900|Open+Sans:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83ea2a9d9e3c396128b36dc836e591a8c6d37cc1070ce0ad8b538a3289ffeb19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 12:02:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 13:41:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 13:41:11 GMT
s.js
refinancegold.com/wp-content/js/ 		204 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/js/s.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc4119707275d9baa26949bee0f7b404c9bdaa81542c9bd465bddb1fe6f45de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 10 Feb 2022 09:50:07 GMT
server
cloudflare
etag
W/"6204dfcf-32ecd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKx9R%2BDW4n7N6P5Td8rkDbAx1pUHOh5OpIBrygahIuWfdfLBaxGLBHqGRVK%2B6WVZ4ve1uVpWXBWBTG2PuXWsR0WTPXrgXgB8vbQ%2BCiFxs6KELcFleSDDFlNo0RU78AHZkhu8E7zhIq8ozQTLVG9T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ea2a7d910a-FRA
expires
Thu, 10 Feb 2022 13:42:15 GMT
fsDevoe.css
refinancegold.com/wp-content/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/css/fsDevoe.css
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b850b5f71a170e618493679f8994bdd376ed18f5a2d57f3127df1a911776649

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
cf-polished
origSize=32389
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 28 Jun 2021 13:22:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dx0t1K7mJ59ZKijpuC5Pl2oCA%2FvuF%2BW3YIWWn%2FrFYVfLmxnW1AovS%2BLHPxgFybEcNeZEXR9ScNWY%2FJSf44qp26og9hr1C2qW%2FIR%2BiMeWaxWjQNuFOaEyzgPTi%2BOn69q5wcRGMbigoQTMPHmLK6mx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=600, public
cf-ray
6db5c0ea1a69910a-FRA
expires
Thu, 10 Feb 2022 13:49:36 GMT
header.js
refinancegold.com/wp-content/js/ 		298 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/js/header.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f91be376838eac98e0c16c2435a50537b748bcf054b73ab7a385457733b5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 08 Feb 2022 11:16:04 GMT
server
cloudflare
etag
W/"620250f4-4a723"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrhGMxKj%2BrKzy5YrynNeOBfuSwP2BgDxqb%2FDdeoTUGRR4NQfKtRD3Wyw9F94i3zAZvvoE56MFcjHOD1mhqibolPHal3MB3YtL%2FsTaAik2LPD7lULg2FisXO8GY5J1faYd56UwSN%2BlKEPwQYe%2Bygs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb2d46910c-FRA
expires
Thu, 10 Feb 2022 13:49:27 GMT
api.js
refinancegold.com/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gR4JhwDF3SEfcuaoMIOQO6AjFyw0Ro61sKTdIaV%2FYq4rveDVi2wI2kBiXs01%2FgWGN%2Bgqm%2B6HbJYrKnHDHv4DaP8W03MQaSiKjDoVYkkQsz9As21Zju1HdOzaE1Ow7QfVgqT1c4yxhCjS5mKnySSY"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6db5c0eb2d47910c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rg_listicle1.png
refinancegold.com/wp-content/uploads/2017/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2017/06/rg_listicle1.png
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90f9937f4c37c8ed81eeffbd82bd38a619aacda6bf44ffb4aa7e4d1e2e0470d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
cf-polished
origFmt=png, origSize=4992
content-disposition
inline; filename="rg_listicle1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3894
last-modified
Tue, 20 Jun 2017 06:29:15 GMT
server
cloudflare
etag
"5948c0bb-1380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzHevQU73y0k20CvTBWxqV6Pu8LkAPIkL0SJA%2FYg528ySHc51cUcitLp9pALMo%2FRofOwcEWWifnT%2Bk%2FVduaeh8sbtD63XwKcYXJmNV78VPWwA0zkH3ePeJ9f77rsAGV%2FzizxVyRSo9dyw4lxSym5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:41:12 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d49910c-FRA
cf-bgj
imgq:85,h2pri
4CDI7Z2L43B7YWSRPKM7FEPVUY-1000x600.jpg
refinancegold.com/wp-content/uploads/2020/05/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/05/4CDI7Z2L43B7YWSRPKM7FEPVUY-1000x600.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b8a0abb2811d9c8571c147fe2cde461bd4fef533cdcfdece26478161ad697d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=81577
content-disposition
inline; filename="4CDI7Z2L43B7YWSRPKM7FEPVUY-1000x600.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64868
last-modified
Tue, 07 Dec 2021 13:03:36 GMT
server
cloudflare
etag
"61af5ba8-13ea9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj8lbSsVeLdjGpp5faHd9OVfKiJae9NZkNNHSKKalrE5b9vyLf%2BYAVI5UsrAZEI39Kc0Hy%2B8uFZF4yOrd5rwPJiYTOQEwV8cHlrqbzkO6emVunwqaPC4MeaF1ZH4sjWJSm0w4710NDmATUnamOn2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:49:10 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d4a910c-FRA
cf-bgj
imgq:85,h2pri
1.jpeg
refinancegold.com/wp-content/uploads/2020/05/ 		279 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/05/1.jpeg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc2b13f80a4d2aebe8552dc439aa5c0f2322ba9d1db1e861ddcd378650c08fbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
285364
last-modified
Tue, 07 Dec 2021 16:44:06 GMT
server
cloudflare
etag
"61af8f56-45ab4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6GxacOfzGGrNmrswuiDTuT7b7SQyFD9XRJ453zTIF2fIShYlsSG%2BCSM8pnBrcWo2Nq5U52hrkxfJYnTmYKr51Y1Sjfbkrq85YhmESCNJ4wamKUjf1LcftvR8Rhb%2BKwC99gANqagogk%2Fz5gCkzVf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d4b910c-FRA
expires
Thu, 10 Feb 2022 13:51:11 GMT
boba.jpg
refinancegold.com/wp-content/uploads/2019/10/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2019/10/boba.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f226fac24eddb7ea232ccb727ac1395dadf83f3873441f5ff124598b4e681c82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=63096
content-disposition
inline; filename="boba.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38364
last-modified
Mon, 07 Oct 2019 04:49:46 GMT
server
cloudflare
etag
"5d9ac3ea-f678"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwuvLXyYAZyUnItyxpDTq1UWBADZ6prOO7CXkJzYCp7JHe23S%2B3MTOLrxTyXxQgSJCnQOeQTTRgaPfX%2BSrlwgOgUQVI1mRC%2FnlovMI2v1Sq%2BQ6OWneuCKYPX8Jw7o5SiNaMxJ5Lvbr5k29koApdJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:51:11 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d4e910c-FRA
cf-bgj
imgq:85,h2pri
2.jpeg
refinancegold.com/wp-content/uploads/2020/05/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/05/2.jpeg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71d2b3f8f68673bf3703b008fc6fd52fd1967171ce89b98ff6e68c824387dc6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=416658
content-disposition
inline; filename="2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34922
last-modified
Tue, 07 Dec 2021 16:48:49 GMT
server
cloudflare
etag
"61af9071-65b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQIYRCyNCNwuET6fuSFG2msQP2LIswDSOOyeGeYJOQkY%2BlhYAs2gLL83gpWPmV1IAO9yh1q2mToLbvlLqduMMEjbqSUULEWbM%2BWZxAknzdM0UIq90usFzSni8x7ab7JT6oIZ7BWq09nS%2FOPIL82L"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:51:11 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d4f910c-FRA
cf-bgj
imgq:85,h2pri
ott_kickstarter_fcpco-450x270.jpg
refinancegold.com/wp-content/uploads/2020/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/07/ott_kickstarter_fcpco-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97fcd8f33c72953a67247b628d12ca40d4df2572e08ef5ce1b04d310298dc7c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=15268
content-disposition
inline; filename="ott_kickstarter_fcpco-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10912
last-modified
Thu, 30 Dec 2021 17:47:25 GMT
server
cloudflare
etag
"61cdf0ad-3ba4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpdFJPA6d0mEf9pMns7jmIceqAGiA3KQy%2BDinUKBfNIEkWH5zUYmDl2ulJvmR%2BV%2F31YPVfLSEEf0IiJFu%2BCtcbydTrwbDwcch4PEN7DgWWBUMY4WUcaTwnuGP4TK3O%2Bqp7lOjuYLXuPE204r29IX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:45:13 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d51910c-FRA
cf-bgj
imgq:85,h2pri
cheers-cast-mc-square-200605-2-450x270.jpg
refinancegold.com/wp-content/uploads/2021/11/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/11/cheers-cast-mc-square-200605-2-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703583b9f92f590726e22e91067c24565b1a57b308b8f7de33eed86a21b2fd55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=29683
content-disposition
inline; filename="cheers-cast-mc-square-200605-2-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28412
last-modified
Wed, 17 Nov 2021 13:17:24 GMT
server
cloudflare
etag
"619500e4-73f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhT0nQ7%2Ba9eZbb1s7uenJvOYicZClTmdTiE33sKleBMWDTwRncmQ0iy9u8U3y5WWcPK3j6rzvVVce3EnIi4ViOB4A5r6MU5nY%2BYTzM1Hr2X6Id5JukAJ1TBC3ZhgvjTZhObTd0PGJq5V15qbz0SG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:51:02 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d53910c-FRA
cf-bgj
imgq:85,h2pri
rainy-day-photography-450x270.jpg
refinancegold.com/wp-content/uploads/2020/08/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/08/rainy-day-photography-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8783e8fbce8682e675da8fd7ab26635ccfcffd6191c934cfd89d6f79b5378e59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=30605
content-disposition
inline; filename="rainy-day-photography-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28934
last-modified
Wed, 29 Dec 2021 15:43:05 GMT
server
cloudflare
etag
"61cc8209-778d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TO1ylMoF2Qvd1zBCOHn6xAJWu9L6asoB%2BpFROq25r8qBaGjkHP7hOxg29xg8Z8bIDYt8bXMrE4IvpvSLJO2hYO6UlmeDYF%2BTHbkhyxPJ44GSmWRRYCyGYHh21Qtc8RNuAMLycw5QFy8yLskW%2FsoN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:51:02 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d56910c-FRA
cf-bgj
imgq:85,h2pri
Justin-Theroux-sitting-on-the-set-of-the-Today-show-in-a-black-striped-sweater-450x270.jpg
refinancegold.com/wp-content/uploads/2020/10/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/10/Justin-Theroux-sitting-on-the-set-of-the-Today-show-in-a-black-striped-sweater-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f2ca3c3c53fd03c471250fb65377ec3c775aa398e3a08c16dcc4efc3659cd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=21818
content-disposition
inline; filename="Justin-Theroux-sitting-on-the-set-of-the-Today-show-in-a-black-striped-sweater-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18334
last-modified
Tue, 12 Oct 2021 07:59:01 GMT
server
cloudflare
etag
"61654045-553a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7VhmrvUV3veshh752D%2BaF82fAwkf7ZWyyuYDl%2BZxD9J6%2FPpNBJ%2BL42iP5vLV0MGyBduuVOVqOAObPnrq73khNJlhcrpESsPGRvAcPfG2rhSJHKNg8UFVJ8VheAHzGaexKqY8fZcztgnYU%2Fsda5o"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:51:02 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d59910c-FRA
cf-bgj
imgq:85,h2pri
4ba18d4f3507c01f113056627a527352-450x270.jpeg
refinancegold.com/wp-content/uploads/2021/11/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/11/4ba18d4f3507c01f113056627a527352-450x270.jpeg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b03554cc1a00a1538184d608decf92cc122b8377bd6080ad92f9aba273c0710

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=34757, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33141
last-modified
Wed, 10 Nov 2021 16:33:35 GMT
server
cloudflare
etag
"618bf45f-87c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BR1pdkq1F32XFyRI0yEDd%2FRFJ5uSa%2BO9SU9prsmDO31bwmdxXZ6uQ0%2F4CaGNXfvNvXcKh1GRtutxND%2Fjnk%2F5zYyZOcHJ%2BQImiwED9uQDbdysyNZSjT9C4umN4Pg06KTyW5lMk37C%2B5PZs5C6NuYQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 10 Feb 2022 13:51:11 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d5a910c-FRA
cf-bgj
imgq:85,h2pri
GR47DGUQWFBB3HQNOQBZCAK7TY-450x270.jpg
refinancegold.com/wp-content/uploads/2021/11/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/11/GR47DGUQWFBB3HQNOQBZCAK7TY-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b46d2cc0f52beeead64060dc8453a7fa787b730d1f8b35b6c290225bbfb28a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=22844
content-disposition
inline; filename="GR47DGUQWFBB3HQNOQBZCAK7TY-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18874
last-modified
Wed, 10 Nov 2021 16:31:59 GMT
server
cloudflare
etag
"618bf3ff-593c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoIdUzVl8vlrkmaYzX1aYTbYd6egrXbItzYFCPY4m1nLL4YtrHmGCzo8jRROvX0rlx7dkRp%2F%2FHw1BkW2u3Ng7FUeznoAo0XlAxvL52IIiEohiLQMyqr9ONIN139UuzffT1PIoAAq1gSsq9u7MKKK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:45:13 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d5c910c-FRA
cf-bgj
imgq:85,h2pri
view-over-big-asian-city-bangkok-thailand-nighttime-tall-skyscrapers-illuminated-74692814-450x270.jpg
refinancegold.com/wp-content/uploads/2020/06/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/06/view-over-big-asian-city-bangkok-thailand-nighttime-tall-skyscrapers-illuminated-74692814-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d685fd45aa5f5e3cf9f47ca7853bc5c96ffb52136800c85f98ac11085b520663

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=42232, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40697
last-modified
Tue, 07 Dec 2021 13:00:54 GMT
server
cloudflare
etag
"61af5b06-a4f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etVi8XCzofhtwZEq7Jr8KmVw9USO3iObtgGF1tnNITLo01XAttHu7wfHNlmnA3pYsIWteQL0Y3NjRwRplywcX5V6Ui9Gz8FCH%2FTsG0CyeNEPc0aimFTtAviltd%2BgcqRpA5dnylw%2BKr2aIrOHSo5S"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 10 Feb 2022 13:51:11 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d5d910c-FRA
cf-bgj
imgq:85,h2pri
President_Barack_Obama_listens_to_Senior_Advisor_David_Axelrod_in_the_outer_Oval_Office_on_June_26_2009-450x270.jpg
refinancegold.com/wp-content/uploads/2020/06/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/06/President_Barack_Obama_listens_to_Senior_Advisor_David_Axelrod_in_the_outer_Oval_Office_on_June_26_2009-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bc0fed6c324550790d139c639f94e110ea5212259150f3d2d21be25ec33c53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=19887
content-disposition
inline; filename="President_Barack_Obama_listens_to_Senior_Advisor_David_Axelrod_in_the_outer_Oval_Office_on_June_26_2009-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15734
last-modified
Tue, 07 Dec 2021 12:58:18 GMT
server
cloudflare
etag
"61af5a6a-4daf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0GYFql66UjhTPsoDbxxTY7fcPBkD%2B4BP%2BMZ%2FIwh9ieO0kmjysjsynGIDlwhW6SE2iNBkTtz9El8Gim5nj%2F775nxboor4yUpl8WnFQUv%2BOXYum411JD6xlXWp%2Fkdw6rmMQ9jk5d3tc3%2B1CcWRosP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:45:13 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d5f910c-FRA
cf-bgj
imgq:85,h2pri
6e3b9e10-1924-11eb-94d7-a102dea0327e-450x270.jpeg
refinancegold.com/wp-content/uploads/2021/10/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/10/6e3b9e10-1924-11eb-94d7-a102dea0327e-450x270.jpeg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda8bc7915a253408ab7ac580b71c54e0a3dceda2377ebd966eb418f0d8ea3ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=26859
content-disposition
inline; filename="6e3b9e10-1924-11eb-94d7-a102dea0327e-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20592
last-modified
Sun, 31 Oct 2021 13:13:22 GMT
server
cloudflare
etag
"617e9672-68eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48Z8mWk0Z%2B11sTLQwo0XK2j%2FQeK4eJcRCe3T382rSDI%2BupZE%2BFQ9E1oMXpQ2q%2ByGB5j25G62kXmSTEvJqRcI9LF58yollzh2QmuU3L%2Ft4%2BJGG9GKHtE2uQKistBpLMMuqexE6nRpA8rnnTPN85XR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:51:11 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d60910c-FRA
cf-bgj
imgq:85,h2pri
220103051603-03-nyc-school-return-fall-2021-file-450x270.jpg
refinancegold.com/wp-content/uploads/2022/01/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2022/01/220103051603-03-nyc-school-return-fall-2021-file-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b4d3fa19b312a0d55da7421d6c87e6d600042cfcbabc51902c0d91af4328606

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=23448
content-disposition
inline; filename="220103051603-03-nyc-school-return-fall-2021-file-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20290
last-modified
Wed, 05 Jan 2022 13:58:22 GMT
server
cloudflare
etag
"61d5a3fe-5b98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUIAv8FkaHjPPamewtsneF9deWwm5mGnQ2f92BSEKza2NwdPBCi%2FtKfadx9QpL0T5VKxX9IkvSq4Ae%2FAHO3Jyzs6WTrsKE%2FpZxs%2B4Bf8MnABZQgUmWk6H8dkP%2BmEqbpaTAw%2F%2BjOk40%2F%2BjPnL5XV4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:45:13 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d61910c-FRA
cf-bgj
imgq:85,h2pri
pexels-photo-271639-450x270.jpeg
refinancegold.com/wp-content/uploads/2021/04/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/04/pexels-photo-271639-450x270.jpeg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a1977ad68585c2b2fdc265842ca215eaef9467ef4da186d08acc5dd023371f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=13615
content-disposition
inline; filename="pexels-photo-271639-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8584
last-modified
Wed, 09 Feb 2022 12:03:41 GMT
server
cloudflare
etag
"6203ad9d-352f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ypx2AHHqIVyLlRqFtfxJfd3LLVu6wzCC%2FksvP1ck2YEicPAMXfcjwFyh1%2FVzehHNl0%2BvA3F2%2FUxubI0MrPJKE1ePDFbd6za%2FxsL1pf5X3FGbjJNJNQYn4amUwKqFg26iKByhjX%2FIPxTj8z%2BbWyFb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:45:13 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d63910c-FRA
cf-bgj
imgq:85,h2pri
pexels-photo-4056856-450x270.jpeg
refinancegold.com/wp-content/uploads/2021/11/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/11/pexels-photo-4056856-450x270.jpeg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
439e045c378c7d54667caaf7101d85ddc4b292dd9a7517ee301f065874ee6c22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=7762
content-disposition
inline; filename="pexels-photo-4056856-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4684
last-modified
Tue, 08 Feb 2022 04:13:58 GMT
server
cloudflare
etag
"6201ee06-1e52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRWUhh1BtyaV97Sju1%2B0KQxB5G6K48RDhD9gceRgfbanIFfrbfWXI1TF1dcYmsRwTz3ibJOX%2BqJ9TKVIDcldi7jxiJApLWG0h0%2BV1D2ygCwmjkF3icNf2vkFqJ3Wy63%2F%2B%2BM8Fqg7UZ5eTAQjXUx1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:45:13 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d65910c-FRA
cf-bgj
imgq:85,h2pri
1x-1-450x270.jpg
refinancegold.com/wp-content/uploads/2021/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/12/1x-1-450x270.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d41b29fc9583d50152269f161f17fdf6f291a69a045c830f852bcc9c6c0f20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=14202
content-disposition
inline; filename="1x-1-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10380
last-modified
Wed, 29 Dec 2021 13:45:44 GMT
server
cloudflare
etag
"61cc6688-377a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se6MjHDay0i8kRy%2FV10X%2BuunUOBhqyhE4x89C6L3PVInybabqpcIiDXE5hubhsSh6JFkygZnKiHx78IeGDcGJLAhtPjXUOmrnCiwT5B9tUgEdtfoxCZJWcMG4kaXBvJt5MsSa4B1kMEB7F9vucJd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:45:13 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d68910c-FRA
cf-bgj
imgq:85,h2pri
a22c20c0-7517-11ea-ae7f-68ecad11d00b-450x270.jpeg
refinancegold.com/wp-content/uploads/2021/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/12/a22c20c0-7517-11ea-ae7f-68ecad11d00b-450x270.jpeg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b89493dea8f626d5c54909f4cee2d5d8f79a6450647347f776b9e5f52c7c45c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=20047
content-disposition
inline; filename="a22c20c0-7517-11ea-ae7f-68ecad11d00b-450x270.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15962
last-modified
Wed, 29 Dec 2021 13:48:02 GMT
server
cloudflare
etag
"61cc6712-4e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lT8pNJ%2Bb4QhwhWMFfYwkAbZaRblNZYuKsO09FOaVNk9CLnA0gB%2BI2g85NWp1hhCZRlKRNWqpGbHe81j1quTH%2F8ovVknVdemDu69o9%2BI40zxzpMSXkbBrkEHk9bRmdUhNddK7EI%2BEen3UUVwct4S"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:43:08 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d6a910c-FRA
cf-bgj
imgq:85,h2pri
refinanceGold-7.png
refinancegold.com/wp-content/uploads/2017/06/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2017/06/refinanceGold-7.png
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d247fc2f8aed1c05c0973e8d5a0bfd9b08a3175af85f1b50c99536ee81d3c39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
cf-polished
origFmt=png, origSize=26064
content-disposition
inline; filename="refinanceGold-7.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20660
last-modified
Sun, 18 Jun 2017 11:23:56 GMT
server
cloudflare
etag
"594662cc-65d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rT8pvbeg7w1BKFEZxrRW%2BjSYm2n%2FZrxNogSSHSGmU0J2iNN6G7ndox92PRUMNrTgVOlraWB%2BSjlc0%2BIo%2FbGdg8m0Tf6sJx%2FKQCkHG20TJtDbUQcmf%2BH1hsiGxr35hV2aMGvfPw%2B3Wu2Rc5w4DyZA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:46:35 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eb2d6b910c-FRA
cf-bgj
imgq:85,h2pri
footer.js
refinancegold.com/wp-content/js/ 		0
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/js/footer.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
last-modified
Mon, 10 May 2021 09:31:10 GMT
server
cloudflare
etag
"6098fd5e-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIE8tbiRoOOOj0H4Jn8f1osg5FyCQFP3DpeSwWBxDeHAVv9yO3aMTVQiK8WMCxiddJFiMxcw35yfg7Lh0fx03LyqwCRfP9Li9pwNCDi0YSTpBKKox4kMyjP4PSoWF4y%2FIEtjgU06tnmIU%2FqawnZZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0eafccf910c-FRA
expires
Thu, 10 Feb 2022 13:41:23 GMT
comment-reply.min.js
refinancegold.com/wp/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp/wp-includes/js/comment-reply.min.js?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 26 Jan 2017 18:32:19 GMT
server
cloudflare
etag
W/"588a40b3-436"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x17raCErOYwz%2BKu%2BMzwHnumlhuB7csoKA6g1Qt8CMD3%2FhLSCtb%2Bg62nCu4CkWvGcTBRbIoLcBJSbedtAy84FIomWbnZTo2kcEr3ieAG2Ir%2FfyKTc7MT8SAuyzNweF%2BLfGnGEZvHBu9iBe6kN%2BpS5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eafcda910c-FRA
expires
Thu, 10 Feb 2022 13:49:25 GMT
jquery.form.min.js
refinancegold.com/wp-content/plugins/contact-form-7/includes/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 Jun 2014 23:57:06 GMT
server
cloudflare
etag
W/"53b1f952-3b90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Azlo6Ysu6V2%2BfQrxvupecC0BPj0KmVQCQ8UyOrDWtVRx6LNdkGV7U5qxvx8qDsZIi4O2r64JAXtO2r3Ai0DJjYzu0nzJLQq6tOXO3kCK5%2FaErbU9lI%2Fp8XX6pL0Hw6ZvjwGNK211P%2BS6gJ3A%2B%2Bc9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb1d26910c-FRA
expires
Thu, 10 Feb 2022 13:40:35 GMT
scripts.js
refinancegold.com/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53e3225dd38555910d735fb00b46096a8145722c7ecb55c6ed60774470f54ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 03 Nov 2016 11:49:50 GMT
server
cloudflare
etag
W/"581b245e-2f4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zsYcCowj%2BOZq42xd6JY6AuzVXVTtvI90UdHFB1fWFYwVcLrq9EOSF%2F9L%2B5NIlWHjHzF096jDhYLwdg9qyBussibwMno%2FqctCKOWCPRDL%2F8AJraUteTh26gkIt1Fq5TY%2BJQg6SR7BKEuB%2BwU5U7u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb2d36910c-FRA
expires
Thu, 10 Feb 2022 13:43:33 GMT
sticky.js
refinancegold.com/wp-content/plugins/advanced-d-sticky-d/public/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/advanced-d-sticky-d/public/assets/js/sticky.js?ver=1.7.5
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e460bb7b4adb017e216b3eb9f419687014ce7eb8aae022f3dfc333aa02516d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 06 Sep 2018 07:24:26 GMT
server
cloudflare
etag
W/"5b90d62a-131b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51eGv8X9Upxj7zucvmx32Okbgk2dNVoQmgOhSD5zUnKxUsgDusjjjjYsTHr82dtdJPowyEKAsx2a3CCod%2BqjlCrsWUfJpIXHVfej12n4FItJfKUmYRCrFKjlteINZ6dPvVV7qef03YsMhTtT9SNy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb2d39910c-FRA
expires
Thu, 10 Feb 2022 13:42:59 GMT
footer_script.js
refinancegold.com/wp-content/plugins/omg-ab-testing/js/ 		612 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/plugins/omg-ab-testing/js/footer_script.js?ver=1644500180
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a54aa073969ffbe33ba7386333d486519ef597b7b5e657252d30fe3a569efdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:37 GMT
server
cloudflare
etag
W/"59465dcd-264"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKlx%2FS3nczMln2wHrxd5JBk%2FsDeWu5f%2FTf28Xz8Vic1Bs7ZIB%2Bjf8vxMm4OMC9a4k8lbQPtq2LTcSX8WsSAxVKxjd4H8EML1koGg99ob5kUGF0IxMBDg%2BIyQzceOWfT1Ip%2FmmhvoF5QFgTNFYaOO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb2d3a910c-FRA
expires
Thu, 10 Feb 2022 13:46:59 GMT
scripts.js
refinancegold.com/wp-content/themes/devoe/js/ 		979 B
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/themes/devoe/js/scripts.js?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0cbf891a3296c09c83f2c9ed876ef25bb40da30f61f6ae4acfb76908e9b786d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:27 GMT
server
cloudflare
etag
W/"59465dc3-3d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld9HAsahn5%2BCpqlu2ZAPEPRwsLoSZymRpAwZ9f5kuxF4LV79UzntWyOZmcR4AJV0faA%2BY6KbOI3mlC8BrRHX66VgfSBgfqDwqTBDw5EV13LalQz%2BL7564dh3eXiZoCpKqV%2FHVgersr4bk1ygWEra"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb2d3c910c-FRA
expires
Thu, 10 Feb 2022 13:49:26 GMT
jquery.nicescroll.js
refinancegold.com/wp-content/themes/devoe/js/ 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/themes/devoe/js/jquery.nicescroll.js?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85e63b826a38be8463c806740cca67a0eb50772eda0c551a7cde5cb3270a41f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:27 GMT
server
cloudflare
etag
W/"59465dc3-1ba74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j43bDpabIszBLQVBWiZeci6HQqqEXgko3glXXq4WX3lkag95A7t2TFtXNJJ7y18s7fc9Rxvp%2F6GOaczZA7BN6DRGJiKwmyhyMbhEw2a9O8fsaGmeCE0x%2BnPzslqkDqrlTgQXq2Ibl8vxWoS4%2FZ8x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb2d3e910c-FRA
expires
Thu, 10 Feb 2022 13:41:23 GMT
jquery.infinitescroll.min.js
refinancegold.com/wp-content/themes/devoe/js/ 		21 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/themes/devoe/js/jquery.infinitescroll.min.js?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c716b541f4ddccc7b9be7e11b956c77edb05261ac160e4abdc9d72a32f13f2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:27 GMT
server
cloudflare
etag
W/"59465dc3-5433"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yh2u1tKq4FYJsrRLTYogOfCKDgDwAsP98A9UE1fTlwAKoN24AlTMmrYzDcEy72an70adYIrfl9ibl4KXJQq6dGgI%2BYM4TqOz4acYDmIHZLoxgpACmVjEw4aI0XI6Yt6%2BZkRIbVMvxEiCzcIbISTu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb2d40910c-FRA
expires
Thu, 10 Feb 2022 13:40:35 GMT
wp-embed.min.js
refinancegold.com/wp/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp/wp-includes/js/wp-embed.min.js?ver=4.7.2
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 26 Jan 2017 18:32:19 GMT
server
cloudflare
etag
W/"588a40b3-576"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gq2%2FRaz5%2BpRSeMNFHIcGo%2BMYLsGgMTZG3ZZIhGPOQFGcQhzFZml6c2%2BVWwSaS03L%2FDw%2FXoYluDQkDqNubulEu3aITjhbyUOblsITTC8Z%2BeO72L6ETWU3WSmQOpmGOqFDqLba%2F4uH%2FBqEVYxm5VxO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0eb2d43910c-FRA
expires
Thu, 10 Feb 2022 13:40:35 GMT
style.css
refinancegold.com/wp-content/themes/devoe/ 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/themes/devoe/style.css
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/themes/devoe-refinancegold/style.css?ver=4.7.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be9211b41f489aa09762ea85360380e77c912c46a3ffb53a58f5b02ac7f3236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/wp-content/themes/devoe-refinancegold/style.css?ver=4.7.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
cf-polished
origSize=66000
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 18 Jun 2017 11:02:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3oNt4CAKwA7I43ot8tEPuTxD0LWLv7HZUzp1oo7Fk3BYPry1Gu%2BmgXe5to4XpM4%2FEdg0fMcMpYt8xWNGJomgxTQBdn4BAm%2BIEvClr7tldTIoejAqIckz%2FioaUpMsLnAa3DIqVCvnV0ipVehbKLi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=600, public
cf-ray
6db5c0ea5b60910c-FRA
expires
Thu, 10 Feb 2022 13:42:16 GMT
css
fonts.googleapis.com/ 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/css/fsDevoe.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 12:58:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 13:41:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 13:41:11 GMT
css
fonts.googleapis.com/ 		6 KB
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i&display=swap&subset=latin-ext
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/css/fsDevoe.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f117756a981f0a57be016c03d2d727a14f9fbc0b003133d5126790d11a2a0470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 12:50:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 13:41:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 13:41:11 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162150449-1
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/js/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
519d9c9330d40554134cf461fce2b4e7e3037317599aeb3bff683f500a656733
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36129
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 13:41:11 GMT
tag
btloader.com/
Redirect Chain
  • https://mrb.upapi.net/code?w=5763896778424320&uponit=true
  • https://btloader.com/tag?o=5763896778424320&upapi=true
19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5763896778424320&upapi=true
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4eacf23bb8c23e212ad8a0091f45803f7ada6430ff997f13a22c66d4bc8faec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray
6db5c0ecccc1699f-FRA
date
Thu, 10 Feb 2022 13:41:11 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4330
etag
W/"1a929f4fc6bf77abb0790c1da4b24c76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1tEp83VU1g%2F%2BLDHt%2ByceUj3J4zSocY%2Bpjlx1damOeswWSq9XNZmDHLb7d4WwpmzIm535Z039DYl%2BaV7kFoVKX%2BTzmN6d1U2G7plpxs23MFDYssWyu4PzX4u9jbdx%2BPoeAmaEGwzK7mIeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate
content-encoding
br

Redirect headers

date
Thu, 10 Feb 2022 13:41:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUnKpjdKS5Qv72HG2YeNkHbHrsv16rqzHqy5qlsYHFfk9NPJxrtJtEQbVkQz7k5S564FIKa9JBbM8FIPMNsFE3nBtzd5EdOAoFV2wWw0cudY5KcIIU6wHOpHR6dKi2TUUgxouuhCE%2FFoC1A%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?o=5763896778424320&upapi=true
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6db5c0ebe9085c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/js/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
543
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1S72S52X8E9TA43CBP35
date
Thu, 10 Feb 2022 13:32:25 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
R0BIk3MduUyPDQE4U6SlU20tUtxJ_Y4vLXz5WXF3pMoQQ3sa2UZomQ==
pexels-jessica-bryant-1370704-min-e1598014764542.jpg
refinancegold.com/wp-content/uploads/2020/08/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2020/08/pexels-jessica-bryant-1370704-min-e1598014764542.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef00d90ceb3fab734be8e89e300e1ad0665ff11070ddb201ad3472439bb06fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=118155
content-disposition
inline; filename="pexels-jessica-bryant-1370704-min-e1598014764542.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101698
last-modified
Fri, 21 Aug 2020 12:59:24 GMT
server
cloudflare
etag
"5f3fc52c-1cd8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0aJ7FgTIMRfdhVHOV1a%2BwJ%2BGNShid%2FZ4lSSvwwveluGve4vy3Chi0QtI8p8NTmR3JgKGy1xMn09lK0tW9erXWIXYhMiIRx1Qdyssfkt8ctHqQByVOYCX0pEof1xUTI6vuULXt%2FbqxCyDOaQc6u6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:48:04 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0ebff1c910c-FRA
cf-bgj
imgq:85,h2pri
gif.gif
refinancegold.com/wp-content/uploads/2021/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/11/gif.gif
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6b712be72df9f2667186c7786093498dc8f924cceb9c5199d8981edb4d48e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1257773
last-modified
Sat, 27 Nov 2021 17:43:22 GMT
server
cloudflare
etag
"61a26e3a-13312d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChI97diBR664dw8gWObK9SXkY58Z13j4qYtTlK7tGSMd5MOhG4KDWMfD7iUYE%2FhC75L9SES4UNVFaB%2FJY%2BMFIoF46A5EVAMAt8qcCW0Qo5sJZ%2F%2FkAvw%2BuU6GZRLlpzlDRccga3qJ7Us1L6KQuojd"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
expires
Thu, 10 Feb 2022 13:44:09 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0ebff1e910c-FRA
cf-bgj
imgq:85,h2pri
GettyImages-1198421579-H-2021-1615313258.jpg
refinancegold.com/wp-content/uploads/2021/07/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/07/GettyImages-1198421579-H-2021-1615313258.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
575ab71dae401859fe7ddea238d466f62c5c994f7394c26cb8b69c45f06305a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=71294
content-disposition
inline; filename="GettyImages-1198421579-H-2021-1615313258.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46372
last-modified
Wed, 28 Jul 2021 10:08:19 GMT
server
cloudflare
etag
"61012c93-1167e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqeZAgEl5Hf%2FXzXurgwLOQElpANjSg1VBcghRMTBKgRSivQQVOlMMm9pEY0jsxkdoYChC51jUuPyHAA%2BBBg%2BFwed4W7S8xkfaZKmT821tHiV5d1MLCJqcQ8CRl%2B20o9AkHVDenVjm5kM4Nmi6cqm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:48:04 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0ebff1f910c-FRA
cf-bgj
imgq:85,h2pri
shutterstock_794832013-scaled.jpg
refinancegold.com/wp-content/uploads/2021/11/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/11/shutterstock_794832013-scaled.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329c449ba1129a531b0a8fe41e82729efcb3069507a549f9b9ebc23645de5659

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=31739
content-disposition
inline; filename="shutterstock_794832013-scaled.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18324
last-modified
Sat, 27 Nov 2021 17:28:42 GMT
server
cloudflare
etag
"61a26aca-7bfb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dolcgc89JkX%2B3XLV5cwHWDPrByk63JZv9ZKqYttLVqYqF7mcJ2HLaHc1KO89JnOvjJFsNEarcYlMts1x1CpKBGgIUg9VfhNoXLjZtclGXOq7m8jroO9IKYNxHfguhM1J2oZqIxL3LBwlWiRMAZD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:48:04 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0ebff22910c-FRA
cf-bgj
imgq:85,h2pri
tokyo-olympics.jpg
refinancegold.com/wp-content/uploads/2021/08/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2021/08/tokyo-olympics.jpg
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cee7189ffb889724036983eeced509e2b6a4d4419597c255b070b2ae1e9197d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=634649
content-disposition
inline; filename="tokyo-olympics.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
61090
last-modified
Wed, 18 Aug 2021 12:20:58 GMT
server
cloudflare
etag
"611cfb2a-9af19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8L2CeyT2EzSvoAqXPqERrnIUG6SHnTIP4XqDRag3iKJ1gJdJz09MQC6ogePmbDeS%2BYvASmkS3R7Yqw7JK8wFiLjoQYHWoVETG9esD2MsHWLEPMgZNkapLoLde35SJn5De5VHvVgbpcGpin%2BXCF2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:48:04 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0ebff27910c-FRA
cf-bgj
imgq:85,h2pri
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v41/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v41/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,400italic,500,600,700,700italic,800,900|PT+Serif:100,200,300,400,400italic,500,600,700,700italic,800,900|Open+Sans:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 01:09:14 GMT
x-content-type-options
nosniff
age
131517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31624
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:47:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 01:09:14 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,400italic,500,600,700,700italic,800,900|PT+Serif:100,200,300,400,400italic,500,600,700,700italic,800,900|Open+Sans:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 08:55:44 GMT
x-content-type-options
nosniff
age
103527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 08:55:44 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Open+Sans:300,400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 00:14:34 GMT
x-content-type-options
nosniff
age
134797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 00:14:34 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v16/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,400italic,500,600,700,700italic,800,900|PT+Serif:100,200,300,400,400italic,500,600,700,700italic,800,900|Open+Sans:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:33:29 GMT
x-content-type-options
nosniff
age
65262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29492
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:33:29 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,400italic,500,600,700,700italic,800,900|PT+Serif:100,200,300,400,400italic,500,600,700,700italic,800,900|Open+Sans:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:33:29 GMT
x-content-type-options
nosniff
age
65262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32900
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:09:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:33:29 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 06:39:33 GMT
x-content-type-options
nosniff
age
543698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17768
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:14 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 04 Feb 2023 06:39:33 GMT
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=4.7.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=4.7.2
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
1498427
cdn-proxyver
1.02
cdn-cachedat
12/27/2021 09:53:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64464
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6a047e3d000f91aa48989b6a3327c0e8
accept-ranges
bytes
cf-ray
6db5c0ec2a636903-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
age
153683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:59:48 GMT
prebid.js
refinancegold.com/wp-content/js/ 		444 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/wp-content/js/prebid.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/js/header.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
187c8af628c9ca69d44762a1df5c3f41bd2fb741b11201b3d1c3ef5ce84c6192

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jan 2022 10:34:32 GMT
server
cloudflare
etag
W/"61dc0bb8-6f144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjQfGF0VgEZRyeklnqdjEpjfFg7ChSe4FBXWYNlmu9voeyNaxn3p6%2BJhaIpnekAc1a5KlqJHczMrngYcC5qFGD%2FDe61H5aXBSdxpH%2Fh2pcaHHYpr4RpF5CNkj%2Fz5Ogv6vyE9sME2lba5kouSfufr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600, public
cf-ray
6db5c0ec8876910c-FRA
expires
Thu, 10 Feb 2022 13:40:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/js/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
6a46038f38ed947bd05566d4f8db7340927644407163807e36256b2490a63a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27205
x-xss-protection
0
server
sffe
etag
"1127 / 144 of 1000 / last-modified: 1644494755"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Feb 2022 13:41:11 GMT
loader.js
cdn.taboola.com/libtrc/omgstudios-network/ 		887 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/omgstudios-network/loader.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/js/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbf8f32d4b79c203421092b55c46980b034523a07466f67bd2e5bc82aa28d3b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
aFuDscOd1bz2D83EBumgyrP7pSXl3pB.
content-encoding
gzip
etag
"7793a2a15f292e32217bc6442912ac2f"
age
112
x-cache
HIT
content-length
52136
x-amz-id-2
UsMozZrjCVJrZqPYO7c2hy2MlVRf+Yh1s1l6Rm9tCRJVocXGA3USM2Hxlgbt1cvqib6HzGf1ZU0=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 09 Feb 2022 17:09:41 GMT
server
AmazonS3
x-timer
S1644500472.788700,VS0,VE0
date
Thu, 10 Feb 2022 13:41:11 GMT
vary
Accept-Encoding
x-amz-request-id
RMD2XK25BV2K2TTM
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
96
x-cache-hits
2
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frefinancegold.com&pubid=44c2aa72-095d-4287-9cfc-a3ece790295c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 09:58:59 GMT
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
server
Server
age
13332
x-cache
Hit from cloudfront
access-control-allow-origin
https://refinancegold.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
RR2Jru2F-9hoVYAcIOvC8x7Tj26allKuhP3tlLFCVtF7_3IJNuI_kw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&pid=zg2b4Al9xdJip&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1642158300654-0%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%2C%22300x250%22%2C%22120x600%22%2C%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22200x200%22%5D%2C%22sn%22%3A%22sb2D%22%7D%5D&pubid=44c2aa72-095d-4287-9cfc-a3ece790295c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
DMC4KX654YDW3EW7KFWK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://refinancegold.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
NzUpgRAfi9Tpqnv-VARdpX25M7FSxXJkL4HMUpfiDD-B_y6fFmMY1A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
29206
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Thu, 10 Feb 2022 05:34:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
7hq8uQL30LFNjlslkRRyA5gAq1btte2GjLLg2IJYNuCS10Rq67FIXg==
impl.20220209-5-RELEASE.js
cdn.taboola.com/libtrc/ 		617 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/omgstudios-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ni.XKnNDCYFnD0XKIPB7fzmdxGXZ7_Rh
content-encoding
br
etag
"47aba8dcefca4560e05ab437baae1ec9"
age
13974
x-cache
HIT
content-length
130247
x-amz-id-2
C4xoagvjSLMQSS56VFYFpwmCZYL2J9LxU/w4DbbnE3PRSAULQr5EoaWsziBWdpu1ediUTKZAKSc=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 09 Feb 2022 09:39:49 GMT
server
AmazonS3-br
x-timer
S1644500472.917492,VS0,VE0
date
Thu, 10 Feb 2022 13:41:11 GMT
vary
Accept-Encoding
x-amz-request-id
YZ6P6ZMR64YAZW31
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
22
x-cache-hits
13376
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/omgstudios-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 05:51:47 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
28164
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
dTUer7G5Nmpa4t-8bGNFLnd85-EwMefxcGlouMesI6jF_CAqWGwPog==
result
refinancegold.com/cdn-cgi/bm/cv/ 		0
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refinancegold.com/cdn-cgi/bm/cv/result?req_id=6db5c0e8ef1d910a
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 10 Feb 2022 13:41:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QU9coIqwj9MFHND8S%2FfuSYb2%2Fbxm7vAkHkKOSzMSkujOJ8CdA%2BqY4F3%2FFa2p9sWDSnzdGWWqlKptV6AYcKINU8aIu6e3hxaJrcijYBeFuJjHKWKfkCePaFz2LHqDoeZ6fWf4AYDIq84VhSs4SGgX"}],"group":"cf-nel","max_age":604800}
cf-ray
6db5c0ed9bdc910c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-427837493&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162150449-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d212518bc7e09285d2ed0142c582cf781f9169b22c622cb9f1fd9d5fcf38e1cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39596
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 13:41:12 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Feb 2022 16:08:28 GMT
px.gif
ad-delivery.net/ 		43 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6400819825985478
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Thu, 10 Feb 2022 13:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
139862
x-guploader-uploadid
ADPycdsiEy1nuSQNLEfhas8uFzs_VoTwqWcTlfyykl3xjJisrZ87FPDWKxvP13qNt4XQ7osgGFoYD-rBw7_qRR-jYcOYmaiEZQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jiPw8b3PVTTjSiu18S%2Ba2ZGtA5gsvhUSkBEKGojN8cTTmPCAKlhXlApE4M4QC2AwKQzu19gAGUhoXINIlYHLhCa2zYWyfD%2FeNQf9EpFAAxtnVHpM4AlUQYbzOwDG%2FW5dDNusRDCjfzzZdq0Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6db5c0edeb8890bb-FRA
expires
Tue, 08 Feb 2022 23:12:16 GMT
pubads_impl_2022020301.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122037
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Feb 2023 13:19:08 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		126 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=refinancegold.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
eff5a93ff9fd70a1bd514db7f78bd81e96a79773f250a780682e6f82307f9642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102
x-xss-protection
0
expires
Thu, 10 Feb 2022 13:41:12 GMT
json
trc.taboola.com/omgstudios-refinancegold/trc/3/ 		35 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/omgstudios-refinancegold/trc/3/json?tim=13%3A41%3A12.016&lti=deflated&data=%7B%22id%22%3A76%2C%22ii%22%3A%22%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1644426574480%2C%22vi%22%3A1644500472014%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried%22%2C%22extpvid%22%3A%22RG__null__null__cn-c1n--ch-ctl--BO-B1O--BT-369---D---DE__f371dc6d-0b7a-430e-a799-6ec02725b6f9__DE__desktop__1644500471%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1630%2C%22dh%22%3A5716%2C%22nsid%22%3A%22omgstudios-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Apub%3Domgstudios-network%3Aabp%3D0%22%2C%22uip%22%3A%22cn-c1n--ch-ctl--BO-B1O--BT-369---D---DE%22%2C%22orig_uip%22%3A%22cn-c1n--ch-ctl--BO-B1O--BT-369---D---DE%22%2C%22cd%22%3A3389.3125%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried%2Ccn-c1n--ch-ctl--BO-B1O--BT-369---D---DE%3Dthumbnails-b%3Apub%3Domgstudios-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ff00b7a94c1f985573dd018a80379acb2808a71433e651aa032408cb1213c64

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
898
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
server
nginx
x-timer
S1644500472.028605,VS0,VE898
x-served-by
cache-hhn4042-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://refinancegold.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1644500472021&ns_c=UTF-8&cv=3.5&c8=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stom...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1644500472021&ns_c=UTF-8&cv=3.5&c8=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Sto...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1644500472021&ns_c=UTF-8&cv=3.5&c8=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&c7=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&c9=
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:12 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
cs6csSAX4NXHUWE9gyelV7QfQ_Zljm8-UfD9bjUuEvX8SqPZ3sXtFA==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 10 Feb 2022 13:41:12 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1644500472021&ns_c=UTF-8&cv=3.5&c8=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We're%20Worried!%20-%20Refinance%20Gold&c7=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&c9=
content-length
408
x-amz-cf-id
2bEX9eKdWMoLCLVhydB1RnoFNXBQmjrpWh8xPKQuV13_Lpix6Eq0XQ==
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-427837493&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 13:41:12 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162150449-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
378
date
Thu, 10 Feb 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 10 Feb 2022 15:34:54 GMT
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=8XMsd7xU&w=5697642411589632&o=5763896778424320&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&upapi=true
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5763896778424320&uponit=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 13:41:12 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
pixel
trk.profitor.com/ 		7 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.profitor.com/pixel?user_id=f371dc6d-0b7a-430e-a799-6ec02725b6f9&session_id=b81910a4-cc70-4b65-9f45-9adfa6ff807a&device=desktop&country_code=DE&source=no_source&acronym=RG&campaign_id=no_campaign_id&medium=no_medium&creative_title=no_creative_title&creative_image=no_creative_image&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&url_referrer=no_url_referrer&pcl=0&request_time=1644518472000&req_cpc=0&test_vals=cn-c1n--ch-ctl--BO-B1O--BT-369---D---DE&is_bot=0
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.49.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-49-135.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 13:41:12 GMT
ETag
W/"7-Qqj2Udef0AXurAYS32RCuYOgEYQ"
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
7
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=refinancegold.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=refinancegold.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2785550943752486&correlator=2236345332973661&output=ldjh&impl=fifs&eid=31060437%2C31061815%2C31064764%2C31064538&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=22671415233%2Crg_pixel_d&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=tb_push__test__p%3Dactive__desktop%26cn__test__p%3Dc1n__desktop%26cmpoct__test__p%3Dcmpagg__desktop%26pbtol__test__p%3Dpb3900__desktop%26ch__test__p%3Dctl__desktop%26amztam__test__p%3Dhigh__desktop%26BO__test__p%3DB1O__desktop%26BT__test__p%3D369__desktop&eri=1&cust_params=utm_campaign%3Drg_no_campaign%26site_version%3D3.6.9%26pcl%3D0%26int_connection%3D4g%26tb_push__test%3Dactive__desktop%26cn__test%3Dc1n__desktop%26cmpoct__test%3Dcmpagg__desktop%26pbtol__test%3Dpb3900__desktop%26ch__test%3Dctl__desktop%26amztam__test%3Dhigh__desktop%26BO__test%3DB1O__desktop%26BT__test%3D369__desktop&cookie_enabled=1&bc=31&abxe=1&dt=1644500472204&lmt=1644500180&dlt=1644500471351&idt=830&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1304141938&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=2117191649.1644500472&ga_sid=1644500472&ga_hid=994380097&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
aa957210d3a01bd32ad1ac8204388de01f6266522f955e740ddacb63cb7efe1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8623
x-xss-protection
0
google-lineitem-id
5887064317
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378023924
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://refinancegold.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA34 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 10 Feb 2022 13:41:12 GMT
expires
Fri, 10 Feb 2023 13:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=994380097&t=pageview&_s=1&dl=%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&ul=en-us&de=UTF-8&dt=A%20Timely%20Warning&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1596627354&gjid=578906611&cid=2117191649.1644500472&tid=UA-162150449-1&_gid=929710620.1644500472&_r=1&gtm=2ou290&z=1170497692
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refinancegold.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=994380097&t=event&_s=2&dl=%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&ul=en-us&de=UTF-8&dt=A%20Timely%20Warning&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=spa&ea=layout&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=2117191649.1644500472&tid=UA-162150449-1&_gid=929710620.1644500472&gtm=2ou290&z=1903842132
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 02:05:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=994380097&t=event&_s=3&dl=%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&ul=en-us&de=UTF-8&dt=A%20Timely%20Warning&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cpc&ea=no_cpc&el=%E2%80%8Etbv&ev=0&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=2117191649.1644500472&tid=UA-162150449-1&_gid=929710620.1644500472&gtm=2ou290&z=1366537836
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 02:05:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/?random=1644500472262&cv=9&fst=1644500472262&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c374557595201904da5bc03efc1315bd96b586ce9b601ed9a1eddf7410da5895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1154
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/?random=1644500472265&cv=9&fst=1644500472265&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dlayout%3Bevent_category%3Dspa&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcea7032be69dd43fb201d37e7430992109855891f6a0341d23f340f53c00d39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1167
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/?random=1644500472266&cv=9&fst=1644500472266&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dno_cpc%3Bevent_category%3Dcpc%3Bevent_label%3D%E2%80%8Etbv&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6907fdf9af3c8425a96c3377a64d5433f40a096a18e5905c7644acc91ea36a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1193
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/?random=1644500472267&cv=9&fst=1644500472267&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dlayout%3Bevent_category%3Dspa&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
182c6449ab3c711cdceece663f9a65c75f65b6137fb0e38a5581f1216c8da29b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1167
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/427837493/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/427837493/?random=1644500472267&cv=9&fst=1644500472267&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600...
  • https://www.google.com/pagead/1p-user-list/427837493/?random=1644500472267&cv=9&fst=1644498000000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&...
  • https://www.google.de/pagead/1p-user-list/427837493/?random=1644500472267&cv=9&fst=1644498000000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/427837493/?random=1644500472267&cv=9&fst=1644498000000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dno_cpc%3Bevent_category%3Dcpc%3Bevent_label%3D%E2%80%8Etbv&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&is_vtc=1&random=2290368450&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H3
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/427837493/?random=1644500472267&cv=9&fst=1644498000000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dno_cpc%3Bevent_category%3Dcpc%3Bevent_label%3D%E2%80%8Etbv&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&is_vtc=1&random=2290368450&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FDD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 13:41:12 GMT
expires
Fri, 10 Feb 2023 13:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
choice.js
quantcast.mgr.consensu.org/choice/xBsKjf515hayH/refinancegold.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/xBsKjf515hayH/refinancegold.com/choice.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/wp-content/js/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225d:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3b5e51a25ec089ff57c04dde8201ebd6339d41bab9775a662ee33b5556370c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 10 Feb 2022 13:40:50 GMT
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 22:41:34 GMT
server
AmazonS3
age
23
etag
W/"e6c1f0e11c6a692462150c21586e6cfd"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 622dda1d37c6c071fbb7b1381dd6abb4.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
LHR61-P1
x-amz-cf-id
Gon_2z-OGw9ZlyXFbqOujBI0ogHlVT2LRf1Fx1aPPXtB2XXBlDF_lg==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/xBsKjf515hayH/refinancegold.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 17 Feb 2022 13:41:12 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/21/ 		263 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/21/cmp2.js?referer=refinancegold.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/xBsKjf515hayH/refinancegold.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225d:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff465494895c140fd64990db088bc91035c73c5a35fd77d97f7530004d65fda6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
content-encoding
br
x-amz-cf-pop
LHR61-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 12 Nov 2020 16:37:58 GMT
server
AmazonS3
etag
W/"23437f9f6f5cacf447062304df25440f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 622dda1d37c6c071fbb7b1381dd6abb4.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
x-amz-cf-id
7AkrT_WyWY9Cls8UhuSI3XCHlzxcqnhYULPzmdzWQPxrEbPV9nt-WA==
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7FDD 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
URL: https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Feb 2023 13:32:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FDD 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
URL: https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 13:41:12 GMT
/
www.google.com/pagead/1p-user-list/427837493/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/427837493/?random=1644500472267&cv=9&fst=1644498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dlayout%3Bevent_category%3Dspa&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&fmt=3&is_vtc=1&random=3578085287&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/427837493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/427837493/?random=1644500472267&cv=9&fst=1644498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dlayout%3Bevent_category%3Dspa&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&fmt=3&is_vtc=1&random=3578085287&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/427837493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/427837493/?random=1644500472266&cv=9&fst=1644498000000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dno_cpc%3Bevent_category%3Dcpc%3Bevent_label%3D%E2%80%8Etbv&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&fmt=3&is_vtc=1&random=3071812117&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/427837493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/427837493/?random=1644500472266&cv=9&fst=1644498000000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dno_cpc%3Bevent_category%3Dcpc%3Bevent_label%3D%E2%80%8Etbv&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&fmt=3&is_vtc=1&random=3071812117&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/427837493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/427837493/?random=1644500472265&cv=9&fst=1644498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dlayout%3Bevent_category%3Dspa&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&fmt=3&is_vtc=1&random=3964905369&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/427837493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/427837493/?random=1644500472265&cv=9&fst=1644498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dlayout%3Bevent_category%3Dspa&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&fmt=3&is_vtc=1&random=3964905369&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-xBsKjf515hayH.js
rules.quantcount.com/ 		2 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-xBsKjf515hayH.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:34:23 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
server
AmazonS3
age
408
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P2
content-length
2
x-amz-cf-id
Ko3tIK-ZvG0LwKjA-2Cp33QF6umL6BTPQdOqoTBTrCQSmUqbNa-z0w==
/
www.google.com/pagead/1p-user-list/427837493/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/427837493/?random=1644500472262&cv=9&fst=1644498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&fmt=3&is_vtc=1&random=26308050&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/427837493/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/427837493/?random=1644500472262&cv=9&fst=1644498000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&tiba=A%20Teenage%20Girl%20was%20Hospitalized%20for%20Having%20Boba%20Tea%20Balls%20Clogging%20Her%20Stomach%20and%20Now%20We%27re%20Worried!%20-%20Refinance%20Gold&async=1&fmt=3&is_vtc=1&random=26308050&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7FDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPCRe-6-Fov1q-U2gSV08PKaf8hlIaN-YhMp2nIPz0RVwy8xWYrebMdBS7dn9CovZ_vIBMgYXrENYnYcxFut3GCX7Z9ZW1oLC2P9qwsqPN-LBYBetjY8exXPnHpxwA2o7jLwFFHWEiUZsuRV1G_h1UqVmJbnuENy2gSY35l3GEpwVescS6XXBd9J1NhOwSoCiyrKeYQq7C3p8C8K-N48hPMiIB6jgahhH9Vg-8MKb48v0bXNaQWiVmz8XN1BK8bKe0-WhTWzvkcOcpC3ysVStIdQutuv6bQrNNRweIwdddkIKUSIPuX1PVaXCEgg&sai=AMfl-YT1wjXgyHvcEJk_K60H4POcsDqXxLFXLygwntOx41t8_m1cI6TiNAEUvxSzmTIQrAN5bPyb5zixd70AuX-3QuqnC_oAQfvwtkaKn6xy9Tm9-vt2hXTzqZcPqnbeuA0s&sig=Cg0ArKJSzM9SCtnhSAYXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
URL: https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 10 Feb 2022 13:41:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7FDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu44UCN_A_SB3txpQqDg6iY90U5Jjb88qydonNo4-kuTtaVQiYlXdSEYkLl9qiBIfNftkQOJo2wSlfEScRUyrmLf9eyY6u-cFD9GsO2ZraVNtDEuhJUFJ7vgllRovfKqppacRYPPF2Ul6hBf9fMkOY37r8bFJF0hfohMLx-9vXgNOS67R1VoVazx-V0pLSVmQdzhAOLs4otcan1k0LlqwqpDXVZ0rmKIXMUgWsuQNDPd2UN6COcA7nKu9hxgd0myraoR4IMmWyQkNg_nPXkYg1I6fsKOW9TU8wHURNN--H6WQL7x2XeCqO2xKAVFTzO&sai=AMfl-YTvdViGMm5PG_EQkd9UXu-wDdItl8G5iOTFWYiMJAvqEfbL1J4ZOLc93TSnS-g4_vs7th8S4XP3TyGNbgUgOcmRFKSVmOINwrhfk9j9Ei5VY3bpXdAKnc91tFy3aVdA&sig=Cg0ArKJSzDtg5DYhF55EEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 13:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 10 Feb 2022 13:41:12 GMT
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		154 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/21/cmp2.js?referer=refinancegold.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225d:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
551a4a808579c7378031adf0db69216f283b918c1ad8121a2537aea2de752975

Request headers

Accept
application/json, text/plain, */*
Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 03:00:31 GMT
content-encoding
br
age
38442
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 03:00:26 GMT
server
AmazonS3
etag
W/"ad4bcd2cac4f746076ef071869c77880"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
via
1.1 093beac632db05785d90f7138ab9cc1c.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
LHR61-P1
x-amz-cf-id
qUmszj7RF_GE8psevmXSW4u3nOfhLit9i4nwt5_fudpCmJ30GwFvUA==
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d6ce42d326385a78bc33983ad259f2a8fffcd6c2cfd3c53f5eb924bed4514b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9661
x-xss-protection
0
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/21/cmp2.js?referer=refinancegold.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377

Request headers

Accept
application/json, text/plain, */*
Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 03:00:42 GMT
content-encoding
gzip
age
38431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 03 Feb 2022 19:52:29 GMT
server
AmazonS3
etag
W/"4b1249837503afcdf64c329aec87b38a"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
wJc6WWcV90znCBTeZs7CxIHimMpQQ1tj
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA60-P4
content-type
application/json
x-amz-cf-id
axHN_ObgIt4DDOF15T3VUIjZsNnyJQvbKJTAsc6Gk4hY_Er8sbkccQ==
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		304 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/21/cmp2.js?referer=refinancegold.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225d:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79e19ced4ea473154f6ced4ec56a9ee7b57333dbd4b4dc8949adb6c9cc2e9d8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 03:00:37 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
38436
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 03:00:31 GMT
server
AmazonS3
etag
W/"67e057fa5d3b0e443146e458e4e7c060"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 093beac632db05785d90f7138ab9cc1c.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
LHR61-P1
x-amz-cf-id
S4rKU5-XRYXtjNm9CItoLq3fCNNvi6p3ze8bgeWH_QktLFNcLxGfXQ==
cta-component.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/omgstudios-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
2MUNJOtx9gstkd_6i6I0StMJ7vaEX.qi
content-encoding
gzip
etag
"9849d7a808261a0a8eb56398b3b71925"
age
0
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5020
x-amz-id-2
Hec1YCwJ+Rs9MYnWdNba4UPDlqoBsVeLGGoZFrSYAWtLaiveBmWGtUuUDTIY4vi9k6SSD+mym5w=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 09 Feb 2022 16:23:55 GMT
server
AmazonS3
x-timer
S1644500473.960568,VS0,VE1
date
Thu, 10 Feb 2022 13:41:12 GMT
vary
Accept-Encoding
x-amz-request-id
EP1HY0TWDCAPXJBM
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
22
x-cache-hits
1
tb
15.taboola.com/ 		33 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=omgstudios-refinancegold&unitType=226&tbloc=&pageType=text&pstn=cn-c1n--ch-ctl--BO-B1O--BT-369---D---DE&uuip=&cisrf=&cirf=https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&encoded=1&uid=1f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78&variant=-100|493335&callback=TRC.videoTagCallbacks.videoCallback1&cb=1644500472966&tagid=&cntry=DE&platform=1&sesid=be2a724fcfc81b29d0c7df2c479a9bc6&itemid=/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&viewid=1644500472014&geolat=&geoing=&deviceifa=&appid=&sd=v2_be2a724fcfc81b29d0c7df2c479a9bc6_1f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78_1644500472_1644500472_CNawjgYQ9u9CGM6h957uLyABKAEwODib4wlAiIoQSKW02QNQouwQWABgAGjGot3Fm8C5-osBcAA&ri=9cea2efb09d46078048a0f09d0c39690&appname=&cdb=&gdprApplies=true&rid=RG__null__null__cn-c1n--ch-ctl--BO-B1O--BT-369---D---DE__f371dc6d-0b7a-430e-a799-6ec02725b6f9__DE__desktop__1644500471&sii=&oee=true&tpubid=1095670&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NW&hasGDPRConsent=true&tcfVersion=2&cmpStatus=&tnetid=1022195&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
da7c0db2b45a67050b4479f6da5fad15117887c0cfa5a7541829dfd14a05624e

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:12 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1444
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500473.971511,VS0,VE18
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/omgstudios-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
RgKiJj9y5hVzVg2dj.Jgqf5eaJ_wtWqe
content-encoding
gzip
etag
"61e315da9d36378bf5cee1884d4b1acb"
age
54
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5396
x-amz-id-2
B3PrPhx6ERMy7WdmJifkK4gsY+C2WN29mT6puInQndovlkvpLLuY9VtAjK3pZalp3jNMRmS7aJU=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 09 Feb 2022 16:23:05 GMT
server
AmazonS3
x-timer
S1644500473.971287,VS0,VE0
date
Thu, 10 Feb 2022 13:41:12 GMT
vary
Accept-Encoding
x-amz-request-id
0H2M8DTFSXRHZKVR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
22
x-cache-hits
27
explore-more.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/omgstudios-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6309c4a5cc3463b9b7180a7b7c4cd233492052104119f23b6fbc1d79bd99e7ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
tl6cPAo9WGIfbPdxF3_mrNCrtVUwIeN7
content-encoding
gzip
etag
"0e2ef31d9195fe7285e47f2628269229"
age
13
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4480
x-amz-id-2
Z7ug0hil7ooh69iXk4jrYcEbHjCES0eRFjZ80I/+UBTJZIm2MSp1YQlDBcGu4aVZ32zAg+X00f8=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 09 Feb 2022 16:23:48 GMT
server
AmazonS3
x-timer
S1644500473.971950,VS0,VE0
date
Thu, 10 Feb 2022 13:41:12 GMT
vary
Accept-Encoding
x-amz-request-id
MYA2NK7PBKM1K7XE
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
22
x-cache-hits
5
feed-card-placeholder.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/omgstudios-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fe183cf65f19ad2ed6494c6cbc3bd50bd86a9b6c7ccbff95143fa6c26bacb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
1ex18JJrZzUfqeX9S56mp1cj6vdBf9Y1
content-encoding
gzip
etag
"b0cec8ec7667c7db8960686fe402a9a2"
age
23
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
ufjFT4T2J1UhdhTJ9vmauFZDYmACicCcGPHE+uAf3R6XglXz189OXwh/zp+KGyxnhQm8SFTAcjM=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 09 Feb 2022 16:23:45 GMT
server
AmazonS3
x-timer
S1644500473.973528,VS0,VE0
date
Thu, 10 Feb 2022 13:41:12 GMT
vary
Accept-Encoding
x-amz-request-id
J0X32VJQ6TXZ1ZK4
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
22
x-cache-hits
16
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 13:41:13 GMT
tbp
15.taboola.com/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f814909edd91c7ce87ce39c5f4ede78a2df74ebd3632b1c262ed6489f27a3ead

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1416
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500473.016507,VS0,VE33
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
3538e8a31702ac5aae6c23ffd436935f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d441e5b0248e45e84fcd6773f562d0848f632bf0e30285b7b0a18accf57edfed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
5575314
edge-cache-tag
371851402407615511394070421712886068098,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
371851402407615511394070421712886068098,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
676
x-cache
MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
content-length
17094
x-request-id
4bf6d769624daaf455e3c17fe351062a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 26 Nov 2021 08:32:14 GMT
server
nginx
x-timer
S1644500473.017379,VS0,VE1
etag
"90d8f550be936039557ed95f6a107cd4"
x-served-by
cache-dca17761-DCA, cache-dca17752-DCA, cache-iad-kcgs7200066-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c5c321ce68ecff97486f9007394261921f053eba300549f701e785365dc862d

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1416
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500473.017164,VS0,VE31
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
a4b3eaa744f011c22df06efaf99e7ce4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
057dbd3f0bcfa9b23000d30f3360d1dfe60a1ac970dd81a8a724131600b5a344

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
532330
edge-cache-tag
614318912909769013766555204147966168654,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
614318912909769013766555204147966168654,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
854
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
content-length
11606
x-request-id
5f1335a1de0cb723c35fd74f9e171fe8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 04 Feb 2022 09:06:51 GMT
server
nginx
x-timer
S1644500473.017259,VS0,VE1
etag
"aad0f3b2d4e689f0c4818eb46982d2e0"
x-served-by
cache-dca17780-DCA, cache-iad-kjyo7100144-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
09bc3f795dca62acfc2e3ca5258e097f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09bc3f795dca62acfc2e3ca5258e097f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb9154b6e7ad2be43ab97ad68b5f365b180820af1d4c2175fec328e3fc48ff14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1441957
edge-cache-tag
292237866902487520649545116409238900502,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
292237866902487520649545116409238900502,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
383
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09bc3f795dca62acfc2e3ca5258e097f.jpg
content-length
11682
x-request-id
5038e0ff6e88aa0f22cae6d39f76773e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 24 Jan 2022 17:35:21 GMT
server
nginx
x-timer
S1644500473.017609,VS0,VE1
etag
"a4461418352e08f04b34e3770d08671b"
x-served-by
cache-wdc5578-WDC, cache-iad-kiad7000150-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8f53d29d769856c8bbfeaa102e900b1c07840f9415dbb1e9088a3acad824276a

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1442
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500473.018624,VS0,VE178
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
3538e8a31702ac5aae6c23ffd436935f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
584c87f4d3c4456eea6e4ca2343ad9a20df70080281c917f615652a3770d5ffa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1951562
edge-cache-tag
371851402407615511394070421712886068098,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
371851402407615511394070421712886068098,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
482
expiration
expiry-date="Tue, 15 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
content-length
69008
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sat, 15 Jan 2022 07:10:41 GMT
server
nginx
x-timer
S1644500473.018753,VS0,VE2
etag
"f3c39492265724054be8b15f5109c846"
x-served-by
cache-dca17724-DCA, cache-iad-kjyo7100108-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aca2f54c99f924c83be63bc175e2b50ae9242bafbed4958a3d27769461f70b2b

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1443
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500473.019209,VS0,VE24
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
a4b3eaa744f011c22df06efaf99e7ce4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72d5172dfe30305a71cf5d32d9c10d5e0b2f20c894e8ad8f07cfd4427cd00f74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
531563
edge-cache-tag
614318912909769013766555204147966168654,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
614318912909769013766555204147966168654,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
1146
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
content-length
31076
x-request-id
e3dbf7517bed2c8cb39b051d0afdb6a8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 04 Feb 2022 09:06:51 GMT
server
nginx
x-timer
S1644500473.019322,VS0,VE1
etag
"98ebaf72a3ca77cddd268dcd445e48eb"
x-served-by
cache-dca17776-DCA, cache-iad-kiad7000147-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
abtests
trc.taboola.com/omgstudios-refinancegold/log/3/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/omgstudios-refinancegold/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9cea2efb09d46078048a0f09d0c39690&sd=v2_be2a724fcfc81b29d0c7df2c479a9bc6_1f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78_1644500472_1644500472_CNawjgYQ9u9CGM6h957uLyABKAEwODib4wlAiIoQSKW02QNQouwQWABgAGjGot3Fm8C5-osBcAA&ui=1f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78&pi=/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&wi=-1785242815032570074&pt=text&vi=1644500472014&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1644500473016%7D&tim=13%3A41%3A13.016&id=9876&llvl=2&cv=20220209-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
server
nginx
x-timer
S1644500473.023210,VS0,VE8
x-served-by
cache-hhn4042-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
9cfa6bf5722188232a1b458cb54c7194.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cfa6bf5722188232a1b458cb54c7194.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8c142eac1ae9a9f7cce24a20edafe60fa26307439e2409ee9393b1a550292af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
2512275
edge-cache-tag
384909009795398178221486296188876000720,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
384909009795398178221486296188876000720,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
157
expiration
expiry-date="Fri, 11 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cfa6bf5722188232a1b458cb54c7194.jpg
content-length
73248
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 11 Jan 2022 10:46:44 GMT
server
nginx
x-timer
S1644500473.024633,VS0,VE1
etag
"a92bf0d20304c657e0cdddf57303a594"
x-served-by
cache-bwi5058-BWI, cache-iad-kjyo7100021-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
09bc3f795dca62acfc2e3ca5258e097f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09bc3f795dca62acfc2e3ca5258e097f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b6b9161ef29e0f0ee30be59cd9f34b072d5164070dc7b2c23ca0d4bb51826af6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1437858
edge-cache-tag
292237866902487520649545116409238900502,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
292237866902487520649545116409238900502,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
872
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09bc3f795dca62acfc2e3ca5258e097f.jpg
content-length
36398
x-request-id
eda56927773aaba1df6b50ccc4c1d40b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Mon, 24 Jan 2022 17:35:21 GMT
server
nginx
x-timer
S1644500473.027973,VS0,VE1
etag
"9708676cbee40efb247f2d7de10c5cda"
x-served-by
cache-wdc5535-WDC, cache-iad-kjyo7100157-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
23af1a7d-8c7c-4e25-a8cf-61a52a00666d_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/23af1a7d-8c7c-4e25-a8cf-61a52a00666d_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
49e597ca5ae080fe66075e6c7511e0890130973ed45c3c6b94b5d58c48a82bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1653421
edge-cache-tag
539392457529294479604138804954548914586,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
539392457529294479604138804954548914586,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
157
expiration
expiry-date="Mon, 31 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/23af1a7d-8c7c-4e25-a8cf-61a52a00666d_1000x600.jpeg
content-length
13238
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 31 Dec 2021 12:25:42 GMT
server
nginx
x-timer
S1644500473.028227,VS0,VE1
etag
"ff41eaae291a0f8b4f0f019c6b67c9f5"
x-served-by
cache-bwi5053-BWI, cache-iad-kjyo7100157-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
584c9d2d15474db00231bce569072c50.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/584c9d2d15474db00231bce569072c50.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ec79a18c63bd2ed41948b7a6216790adb95fd28e1738e01f81b8f8d35442446

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
449510
edge-cache-tag
302434613874262415331069392992231191081,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
302434613874262415331069392992231191081,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
618
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/584c9d2d15474db00231bce569072c50.png
content-length
15104
x-request-id
c7df99bb61efc7bd938904cdd4c1a8dd
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 31 Jan 2022 12:21:42 GMT
server
nginx
x-timer
S1644500473.028119,VS0,VE1
etag
"4a818d12042b30a51150ed1539a2ff7f"
x-served-by
cache-dca17775-DCA, cache-iad-kjyo7100169-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/06/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/06/47.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6b3aeb908aaf9e30b9255421ef98ad57b86c05cdd78dd8167c84e29d2d21e5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
5603691
edge-cache-tag
477412848764214343162980529586757549594,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
477412848764214343162980529586757549594,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
985
x-cache
MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/06/47.jpg
content-length
44190
x-request-id
ea01a3336fc9007cdb30bb9eedc294bc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 08 Nov 2021 23:46:56 GMT
server
nginx
x-timer
S1644500473.032664,VS0,VE1
etag
"00df2a09a902d46e40b688d97dcb4f4a"
x-served-by
cache-bwi5074-BWI, cache-dca17725-DCA, cache-iad-kjyo7100083-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
sallystruthers.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/sallystruthers.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f485a249bbefbd76b90c2e8ad5b2d3cf300b2596b846bc38164e3d2aa7f5a730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
3700622
edge-cache-tag
495392196727842592195207331434018125760,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
495392196727842592195207331434018125760,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
328
expiration
expiry-date="Sat, 22 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/sallystruthers.jpg
content-length
89814
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 22 Dec 2021 23:44:33 GMT
server
nginx
x-timer
S1644500473.032778,VS0,VE1
etag
"dc309a85f305bdd17abdc0348d9b9f7d"
x-served-by
cache-bwi5052-BWI, cache-iad-kiad7000092-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
13.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2021/12/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2021/12/13.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f27987d359c2f8b5d3beb675dc857ae32f1d36031fdbf1ba3e505392a032af15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
183850
edge-cache-tag
572110475673427526813837706527181000845,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
572110475673427526813837706527181000845,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
249
expiration
expiry-date="Thu, 10 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2021/12/13.jpeg
content-length
32280
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 07 Feb 2022 20:10:31 GMT
server
nginx
x-timer
S1644500473.033267,VS0,VE1
etag
"91e4e885e3809b1214c055e2f11ae6be"
x-served-by
cache-dca17721-DCA, cache-iad-kcgs7200140-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/m.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
75a04fe8bdb3b73b144726ea123f85d4e7b123ecb947985934ae37e672724db4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1511293
edge-cache-tag
626031082353088686437730170210028769053,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
626031082353088686437730170210028769053,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
181
expiration
expiry-date="Wed, 23 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/m.jpg
content-length
32190
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sun, 23 Jan 2022 16:31:35 GMT
server
nginx
x-timer
S1644500473.036653,VS0,VE2
etag
"ec6d272b2b1b8fba9b8dced9f1e7d9ca"
x-served-by
cache-dca17763-DCA, cache-iad-kiad7000137-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
02-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/05/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/05/02-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc5a268159727297ac6b538d38d33f487dd9f3d0f19cdc9bf5fe65d96aba693c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
3931972
edge-cache-tag
364705254349767941218797246665624656569,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
364705254349767941218797246665624656569,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
109
expiration
expiry-date="Tue, 25 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/05/02-1.jpg
content-length
25940
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sat, 25 Dec 2021 20:18:58 GMT
server
nginx
x-timer
S1644500473.036863,VS0,VE1
etag
"1431935d4f97c2f292146cec98ce6e38"
x-served-by
cache-bwi5059-BWI, cache-iad-kjyo7100057-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Rachel-Leigh-Cook.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2017/12/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2017/12/Rachel-Leigh-Cook.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
704f212551e7e23fe504966ee5279640610d073a2236b476d94976ecb840c034

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
2013470
edge-cache-tag
418627590562894056107621227327100544872,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
418627590562894056107621227327100544872,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
68
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2017/12/Rachel-Leigh-Cook.jpg
content-length
23626
x-request-id
abc579b77643ffe4b4f86ada17bae539
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 27 Dec 2021 06:18:21 GMT
server
nginx
x-timer
S1644500473.036943,VS0,VE1
etag
"b745a40b8d415f1a89a711bc00d353f1"
x-served-by
cache-wdc5569-WDC, cache-iad-kiad7000058-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Kate-del-Castillo-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/07/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/07/Kate-del-Castillo-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2753e0e038c24b88e3153cd4d3b06d63d964b20babda1c60655dc234999e3d82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
3000063
edge-cache-tag
336745678277345926329250388034847830641,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
336745678277345926329250388034847830641,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
160
expiration
expiry-date="Wed, 19 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/07/Kate-del-Castillo-1.jpg
content-length
14626
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sun, 19 Dec 2021 20:49:42 GMT
server
nginx
x-timer
S1644500473.041824,VS0,VE1
etag
"eab78d7a40ee253f2c5baa6eb3adcb13"
x-served-by
cache-wdc5581-WDC, cache-iad-kiad7000117-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2020/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2020/07/9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f7a6adfb2f4b02d205597d8ad96aa05bf4270632d43e81df6c8e56385a12f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
3442042
edge-cache-tag
399958352814775324399673195606972864358,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
399958352814775324399673195606972864358,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
93
expiration
expiry-date="Sun, 23 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2020/07/9.jpg
content-length
18552
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Thu, 23 Dec 2021 13:46:44 GMT
server
nginx
x-timer
S1644500473.045650,VS0,VE1
etag
"e7fbd4f083ad2034888da38e7c4a737f"
x-served-by
cache-bwi5067-BWI, cache-iad-kcgs7200095-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/21/ 		518 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/21/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/21/cmp2.js?referer=refinancegold.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225d:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d57977eb4dce878622263a6b26a0656d995c2ed7020341bff8f69ce1e5c82d0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 15:02:49 GMT
content-encoding
gzip
age
167904
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 12 Nov 2020 16:37:58 GMT
server
AmazonS3
etag
W/"daf04faba84df4c84506f95af29844ea"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 622dda1d37c6c071fbb7b1381dd6abb4.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
LHR61-P1
x-amz-cf-id
aJnDTGn462z3eOWlROSUJmsNZDiFlL3WJrkrTZ55hsL4PubKo2i43g==
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.6.0/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.6.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f0053c6e34d063e7fdef12f2060608d6fa828a24cbb02e54e824ae79dafd9e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront), 1.1 varnish
age
863059
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
28633
x-served-by
cache-hhn4042-HHN
last-modified
Sat, 08 Jan 2022 10:02:24 GMT
server
AmazonS3
x-timer
S1644500473.067054,VS0,VE0
etag
"d31cb35a18b8f5a0ccabe55b4d75073e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ZdDtJUq3Bv_5vTf4xkGhVxp9Q8fVtfHsEtTNsHwgMa_gCCgw4Kv0Tg==
x-cache-hits
4659
json
trc.taboola.com/omgstudios-refinancegold/trc/3/ 		22 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/omgstudios-refinancegold/trc/3/json?tim=13%3A41%3A13.072&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A39%2C%22ii%22%3A%22%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_be2a724fcfc81b29d0c7df2c479a9bc6_1f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78_1644500472_1644500472_CNawjgYQ9u9CGM6h957uLyABKAEwODib4wlAiIoQSKW02QNQouwQWABgAGjGot3Fm8C5-osBcAA%22%2C%22ui%22%3A%221f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78%22%2C%22uifp%22%3A%221f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78%22%2C%22lbt%22%3A1644426574480%2C%22vi%22%3A1644500472014%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried%22%2C%22extpvid%22%3A%22RG__null__null__cn-c1n--ch-ctl--BO-B1O--BT-369---D---DE__f371dc6d-0b7a-430e-a799-6ec02725b6f9__DE__desktop__1644500471%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Frefinancegold.com%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1630%2C%22dh%22%3A6057%2C%22nsid%22%3A%22omgstudios-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-t2m%3Apub%3Domgstudios-network%3Aabp%3D0%22%2C%22uip%22%3A%22Explore%20More%22%2C%22orig_uip%22%3A%22Explore%20More%22%2C%22cd%22%3A3%2C%22mw%22%3A1600%2C%22fi%22%3A7%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10526764%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fluxury-life-style%2Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried%2CExplore%20More%3Drbox-t2m%3Apub%3Domgstudios-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8039035a60f95ba4f1e3e5eb1ea3cb5387a974ceb91c73b2be12cfda5e7a8d04

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
703
date
Thu, 10 Feb 2022 13:41:13 GMT
content-encoding
gzip
server
nginx
x-timer
S1644500473.076634,VS0,VE703
x-served-by
cache-hhn4042-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://refinancegold.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age
4146083
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1644500473.077134,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits
795861
3538e8a31702ac5aae6c23ffd436935f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d441e5b0248e45e84fcd6773f562d0848f632bf0e30285b7b0a18accf57edfed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
5575314
edge-cache-tag
371851402407615511394070421712886068098,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
371851402407615511394070421712886068098,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
676
x-cache
MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
content-length
17094
x-request-id
4bf6d769624daaf455e3c17fe351062a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 26 Nov 2021 08:32:14 GMT
server
nginx
x-timer
S1644500473.085648,VS0,VE0
etag
"90d8f550be936039557ed95f6a107cd4"
x-served-by
cache-dca17761-DCA, cache-dca17752-DCA, cache-iad-kcgs7200066-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 2
a4b3eaa744f011c22df06efaf99e7ce4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
057dbd3f0bcfa9b23000d30f3360d1dfe60a1ac970dd81a8a724131600b5a344

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
532330
edge-cache-tag
614318912909769013766555204147966168654,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
614318912909769013766555204147966168654,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
854
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
content-length
11606
x-request-id
5f1335a1de0cb723c35fd74f9e171fe8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 04 Feb 2022 09:06:51 GMT
server
nginx
x-timer
S1644500473.085779,VS0,VE0
etag
"aad0f3b2d4e689f0c4818eb46982d2e0"
x-served-by
cache-dca17780-DCA, cache-iad-kjyo7100144-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
09bc3f795dca62acfc2e3ca5258e097f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09bc3f795dca62acfc2e3ca5258e097f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb9154b6e7ad2be43ab97ad68b5f365b180820af1d4c2175fec328e3fc48ff14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1441957
edge-cache-tag
292237866902487520649545116409238900502,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
292237866902487520649545116409238900502,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
383
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09bc3f795dca62acfc2e3ca5258e097f.jpg
content-length
11682
x-request-id
5038e0ff6e88aa0f22cae6d39f76773e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 24 Jan 2022 17:35:21 GMT
server
nginx
x-timer
S1644500473.085941,VS0,VE0
etag
"a4461418352e08f04b34e3770d08671b"
x-served-by
cache-wdc5578-WDC, cache-iad-kiad7000150-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
a4b3eaa744f011c22df06efaf99e7ce4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72d5172dfe30305a71cf5d32d9c10d5e0b2f20c894e8ad8f07cfd4427cd00f74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
531563
edge-cache-tag
614318912909769013766555204147966168654,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
614318912909769013766555204147966168654,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
1146
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
content-length
31076
x-request-id
e3dbf7517bed2c8cb39b051d0afdb6a8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 04 Feb 2022 09:06:51 GMT
server
nginx
x-timer
S1644500473.086018,VS0,VE0
etag
"98ebaf72a3ca77cddd268dcd445e48eb"
x-served-by
cache-dca17776-DCA, cache-iad-kiad7000147-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
09bc3f795dca62acfc2e3ca5258e097f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09bc3f795dca62acfc2e3ca5258e097f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b6b9161ef29e0f0ee30be59cd9f34b072d5164070dc7b2c23ca0d4bb51826af6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1437858
edge-cache-tag
292237866902487520649545116409238900502,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
292237866902487520649545116409238900502,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
872
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09bc3f795dca62acfc2e3ca5258e097f.jpg
content-length
36398
x-request-id
eda56927773aaba1df6b50ccc4c1d40b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Mon, 24 Jan 2022 17:35:21 GMT
server
nginx
x-timer
S1644500473.088694,VS0,VE0
etag
"9708676cbee40efb247f2d7de10c5cda"
x-served-by
cache-wdc5535-WDC, cache-iad-kjyo7100157-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
23af1a7d-8c7c-4e25-a8cf-61a52a00666d_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/23af1a7d-8c7c-4e25-a8cf-61a52a00666d_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
49e597ca5ae080fe66075e6c7511e0890130973ed45c3c6b94b5d58c48a82bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1653421
edge-cache-tag
539392457529294479604138804954548914586,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
539392457529294479604138804954548914586,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
157
expiration
expiry-date="Mon, 31 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/23af1a7d-8c7c-4e25-a8cf-61a52a00666d_1000x600.jpeg
content-length
13238
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 31 Dec 2021 12:25:42 GMT
server
nginx
x-timer
S1644500473.089324,VS0,VE0
etag
"ff41eaae291a0f8b4f0f019c6b67c9f5"
x-served-by
cache-bwi5053-BWI, cache-iad-kjyo7100157-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
584c9d2d15474db00231bce569072c50.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/584c9d2d15474db00231bce569072c50.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ec79a18c63bd2ed41948b7a6216790adb95fd28e1738e01f81b8f8d35442446

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
449510
edge-cache-tag
302434613874262415331069392992231191081,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
302434613874262415331069392992231191081,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
618
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/584c9d2d15474db00231bce569072c50.png
content-length
15104
x-request-id
c7df99bb61efc7bd938904cdd4c1a8dd
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 31 Jan 2022 12:21:42 GMT
server
nginx
x-timer
S1644500473.090027,VS0,VE0
etag
"4a818d12042b30a51150ed1539a2ff7f"
x-served-by
cache-dca17775-DCA, cache-iad-kjyo7100169-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/06/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/06/47.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6b3aeb908aaf9e30b9255421ef98ad57b86c05cdd78dd8167c84e29d2d21e5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
5603691
edge-cache-tag
477412848764214343162980529586757549594,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
477412848764214343162980529586757549594,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
985
x-cache
MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/06/47.jpg
content-length
44190
x-request-id
ea01a3336fc9007cdb30bb9eedc294bc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 08 Nov 2021 23:46:56 GMT
server
nginx
x-timer
S1644500473.095648,VS0,VE0
etag
"00df2a09a902d46e40b688d97dcb4f4a"
x-served-by
cache-bwi5074-BWI, cache-dca17725-DCA, cache-iad-kjyo7100083-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 2
13.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2021/12/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2021/12/13.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f27987d359c2f8b5d3beb675dc857ae32f1d36031fdbf1ba3e505392a032af15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
183850
edge-cache-tag
572110475673427526813837706527181000845,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
572110475673427526813837706527181000845,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
249
expiration
expiry-date="Thu, 10 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2021/12/13.jpeg
content-length
32280
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 07 Feb 2022 20:10:31 GMT
server
nginx
x-timer
S1644500473.097245,VS0,VE0
etag
"91e4e885e3809b1214c055e2f11ae6be"
x-served-by
cache-dca17721-DCA, cache-iad-kcgs7200140-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/m.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
75a04fe8bdb3b73b144726ea123f85d4e7b123ecb947985934ae37e672724db4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1511293
edge-cache-tag
626031082353088686437730170210028769053,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
626031082353088686437730170210028769053,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
181
expiration
expiry-date="Wed, 23 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2018/03/m.jpg
content-length
32190
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sun, 23 Jan 2022 16:31:35 GMT
server
nginx
x-timer
S1644500473.097331,VS0,VE0
etag
"ec6d272b2b1b8fba9b8dced9f1e7d9ca"
x-served-by
cache-dca17763-DCA, cache-iad-kiad7000137-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
02-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/05/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/05/02-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc5a268159727297ac6b538d38d33f487dd9f3d0f19cdc9bf5fe65d96aba693c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
3931972
edge-cache-tag
364705254349767941218797246665624656569,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
364705254349767941218797246665624656569,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
109
expiration
expiry-date="Tue, 25 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/05/02-1.jpg
content-length
25940
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sat, 25 Dec 2021 20:18:58 GMT
server
nginx
x-timer
S1644500473.097992,VS0,VE0
etag
"1431935d4f97c2f292146cec98ce6e38"
x-served-by
cache-bwi5059-BWI, cache-iad-kjyo7100057-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Rachel-Leigh-Cook.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2017/12/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2017/12/Rachel-Leigh-Cook.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
704f212551e7e23fe504966ee5279640610d073a2236b476d94976ecb840c034

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
2013470
edge-cache-tag
418627590562894056107621227327100544872,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
418627590562894056107621227327100544872,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
68
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2017/12/Rachel-Leigh-Cook.jpg
content-length
23626
x-request-id
abc579b77643ffe4b4f86ada17bae539
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 27 Dec 2021 06:18:21 GMT
server
nginx
x-timer
S1644500473.098088,VS0,VE0
etag
"b745a40b8d415f1a89a711bc00d353f1"
x-served-by
cache-wdc5569-WDC, cache-iad-kiad7000058-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Kate-del-Castillo-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/07/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/07/Kate-del-Castillo-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2753e0e038c24b88e3153cd4d3b06d63d964b20babda1c60655dc234999e3d82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
3000063
edge-cache-tag
336745678277345926329250388034847830641,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
336745678277345926329250388034847830641,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
160
expiration
expiry-date="Wed, 19 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2019/07/Kate-del-Castillo-1.jpg
content-length
14626
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sun, 19 Dec 2021 20:49:42 GMT
server
nginx
x-timer
S1644500473.098169,VS0,VE0
etag
"eab78d7a40ee253f2c5baa6eb3adcb13"
x-served-by
cache-wdc5581-WDC, cache-iad-kiad7000117-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2020/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2020/07/9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f7a6adfb2f4b02d205597d8ad96aa05bf4270632d43e81df6c8e56385a12f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
3442042
edge-cache-tag
399958352814775324399673195606972864358,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
399958352814775324399673195606972864358,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
93
expiration
expiry-date="Sun, 23 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//refinancegold.com/wp-content/uploads/2020/07/9.jpg
content-length
18552
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Thu, 23 Dec 2021 13:46:44 GMT
server
nginx
x-timer
S1644500473.103475,VS0,VE0
etag
"e7fbd4f083ad2034888da38e7c4a737f"
x-served-by
cache-bwi5067-BWI, cache-iad-kcgs7200095-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
rg_listicle1.png
refinancegold.com/wp-content/uploads/2017/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2017/06/rg_listicle1.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/explore-more.20220209-5-RELEASE.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90f9937f4c37c8ed81eeffbd82bd38a619aacda6bf44ffb4aa7e4d1e2e0470d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56
cf-polished
origFmt=png, origSize=4992
content-disposition
inline; filename="rg_listicle1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3894
last-modified
Tue, 20 Jun 2017 06:29:15 GMT
server
cloudflare
etag
"5948c0bb-1380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP5jhJHumlJfBY4hDAFdukGCRXpyANa%2BoORc5ao5V%2FTZn%2Fftg8tE4YzuupHsq9CQpYGYKI%2B3Dp4rh61o4Y8NBXsDjirjmgZysIq0HFM%2F0y%2BTml9Xx%2BiAj2JzzWzx7FQcoZimg%2B2LnPegwdL9DyZ7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:41:12 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0f4eda2910c-FRA
cf-bgj
imgq:85,h2pri
st
imprammp.taboola.com/ Frame D580 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=FF60907FAA337659251818599328&cicmp=1337627&cijs=1&dast=V7cBICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG0ajDZaD3YzB4Gx2s9VyMhpNFoPhYDKYLWFiFovFaLhajcaaxWIxmsxWwykYbOFzurvboIGm0-Fz3eslL5vT7rB7XD6_2WTX-N1-OQAAAAA8ABC1REPs-Da0RwAAAABI8IxcK1AEVPxbCFwAAAAAYAAQiIVrAEBxFLDfaHf5AwDgQQEEAEAAIwTg7yhBBAAAAGAEAAAAgARAILGwBMDhbtEEACDAb7ybevMEAADgoE7maZvl____PwYg771JBoAibePGoAfgwQfgQQgAAOBjiJUERGTa_QydqGC0iBEAAABAbvWm6dGkTqgsqv7___-tAK4AAAL8xrupmbNuTopZwwAAAADGFuhh8fvNDrvG73bZ_________7_Z_xkAmhCU8GNaEAOKvRrPyLXC2i8gAADbuwEAvAnAxRyAHQAAAMDd____fx4AAIDNHiXbazWePcp6n8EWPqe7u34TthitJpPNcjhbLiaD4Wg4Gu1PIIcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkM8qDqXzufVqXgwH5dzX3vw8SGGq7lksZkrVqu5YjZbJQAAAAAAAACAJUyZNwEAAAA4DWI2m-x2K2682TNBrNVqWQMAAABw60YO!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
x-served-by
cache-hhn4042-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644500473.118645,VS0,VE73
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 		604 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
age
1648854
x-amz-meta-mtime
1637665336
x-cache
HIT
x-amz-meta-ctime
1637665337
x-amz-meta-mode
33188
content-encoding
br
content-length
114684
x-amz-id-2
0nGhQyYL6JJMNrNtgN9DZ54Xe47FlcMytbRNYowkLHISIE+ayuuCG0l+V0ZSZ+siOhY7wKkivBg=
x-served-by
cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:18 GMT
server
AmazonS3-br
x-timer
S1644500473.117800,VS0,VE0
etag
"c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1BJTM91JQABF5B1D
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
189832
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
age
1649689
x-amz-meta-mtime
1637665346
x-cache
HIT
x-amz-meta-ctime
1637665346
x-amz-meta-mode
33188
content-encoding
br
content-length
8011
x-amz-id-2
DorYSe3tYgOl1kHh+s4QSJZ4EV7e6QatR1h0Kst7losPnxWoI5OXRUDbs44/HPvWpI9TzqPsi28=
x-served-by
cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:27 GMT
server
AmazonS3-br
x-timer
S1644500473.118536,VS0,VE0
etag
"35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
QF5WB9J15028EQTS
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
178354
st
imprammp.taboola.com/ Frame DE39 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=B2BF9B323A683368741027006191&cicmp=1337627&cijs=1&dast=V74k0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHEKZ0JgTzmSzoA03m9lwt5kMRqPVYrTbTJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdBA0-nwue71kpfNaXfYPS6f32yya_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCgOArYb7S7_AEA8KAAAgAggBEC8He0IAIAAAAwAgAAAEACIJBYWALgcLdoAgAQ4DfeTU17AgAAcFAn87TN8v___x8DkPfeJANAkbZxY9AD8OAD8CAEAADwMYQY-eX4KsZhTVSAWMQIAAAAILd60_RoUidUFlX_____VgBXAAABfuPd1NJZNyfFrGEAAAAAYwv0sPj9Zodd43e77P_________f7P8MAE0ISvgxLYgBxV6NZ-RaYe0XEACA7d0AAN4E4GIOwA4AAADg7v___z8PAAAAaY-S7bUazx5lvc9gC5_T3V2_CVuMVpPJZjmcLReTwXA0HI32J5DDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhHlSdS-fz6lQ8mI_Lua89-PgQw9VcstjMFavVXDGbrRIAAAAAAAAAwBKmzJsAAAAAnAYxm012uxU33uyZINZqtawBAAAAuHUjBw!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
x-served-by
cache-hhn4042-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644500473.119659,VS0,VE9
content-length
0
st
imprammp.taboola.com/ Frame 3BC9 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=B2BF9B323A68336870875791817&cicmp=1337627&cijs=1&dast=V7bjICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHEKZ0JgTzmSzoA03m9lwtlxsJqPhYjHYbJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdBA0-nwue71kpfNaXfYPS6f32yya_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCgOArYb7S7_AEA8KAAAgAggBEC8He0IAIAAAAwAgAAAEACIJBYWALgcLdoAgAQ4DfeTU17AgAAcFAn87TN8v___x8DkPfeJANAkbZxY9AD8OAD8CAEAADwMSTYVUvrU_ErTVSAWMQIAAAAILd60_RoUidUFlX_____VgBXAAABfuPd1NJZNyfFrGEAAAAAYwv0sPj9Zodd43e77P_________f7P8MAE0ISvgxLYgBxV6NZ-RaYe0XEACA7d0AAN4E4GIOwA4AAADg7v___z8PAABAa4-S7bUazx5lvc9gC5_T3V2_CVuMVpPJZjmcLReTwXA0HI32J5DDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhHlSdS-fz6lQ8mI_Lua89-PgQw9VcstjMFavVXDGbrRIAAAAAAAAAwBKmzJsAAAAAnAYxm012uxU33uyZINZqtawBAAAAuHUjBw!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
x-served-by
cache-hhn4042-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644500473.120744,VS0,VE66
content-length
0
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22xBsKjf515hayH%22%2C%22publisher%22%3A%22Refinance%20Gold%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.21%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22TxtEoPrjVmhdjmnZxxlo1A%22%2C%22clientTimestamp%22%3A1644500473158%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-nxsmf46tgu393gkt6rcu%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/21/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.102.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-102-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 13:41:13 GMT
content-length
2
content-type
text/plain; charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8488 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 13:34:54 GMT
expires
Fri, 10 Feb 2023 13:34:54 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F012 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc04a85f9560e201c04132fdf529308820fbd630c6cf85c21e638ed9760b50f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AptjU42vW/kJxaYokYaw2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 10 Feb 2022 13:41:13 GMT
date
Thu, 10 Feb 2022 13:41:13 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AptjU42vW/kJxaYokYaw2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 varnish
age
3502001
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1644500473.221712,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
0O7z6VW9AL1L88cf_kIuoP_A5jN71DAJkA3vm2xv6yILK0B1A5FTlg==
x-cache-hits
455834
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age
4146084
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1644500473.263016,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits
795862
refinanceGold-6.png
refinancegold.com/wp-content/uploads/2017/06/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2017/06/refinanceGold-6.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d247fc2f8aed1c05c0973e8d5a0bfd9b08a3175af85f1b50c99536ee81d3c39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=26064
content-disposition
inline; filename="refinanceGold-6.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20660
last-modified
Sun, 18 Jun 2017 11:21:22 GMT
server
cloudflare
etag
"59466232-65d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUJtSJJD6pHJ8m6xfnbmgdHqvD3SLPIygvxIqgoD1lsqvVLWm4eVK712ESjKU4Q2HFm6ekAXOXij6%2F8RMfONlSm%2FnHH8TNvUdEWmi71oY6iNitDwLVfxG5YQIfSXVV4j0JdPRgOVFi%2BddFxefzG8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:48:33 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c0f638f7910c-FRA
cf-bgj
imgq:85,h2pri
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age
993941
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1644500473.367041,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits
176446
a4b3eaa744f011c22df06efaf99e7ce4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
057dbd3f0bcfa9b23000d30f3360d1dfe60a1ac970dd81a8a724131600b5a344

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
532330
edge-cache-tag
614318912909769013766555204147966168654,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
614318912909769013766555204147966168654,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
854
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
content-length
11606
x-request-id
5f1335a1de0cb723c35fd74f9e171fe8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 04 Feb 2022 09:06:51 GMT
server
nginx
x-timer
S1644500473.394668,VS0,VE0
etag
"aad0f3b2d4e689f0c4818eb46982d2e0"
x-served-by
cache-dca17780-DCA, cache-iad-kjyo7100144-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
st
imprammp.taboola.com/ Frame 3FA4 		1 KB
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8066395&crid=4976685&dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&cmcv=&pix=undefined&cb=1644500473399&uv=3119&tms=1644500473399&abt=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5305E4EB5331959641599282280&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
x-served-by
cache-hhn4042-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644500473.405183,VS0,VE217
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame EFBC 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
19402e76616ff18ec8182bf839fe4271507b0038588e4d51d20126440f100cdb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 13:41:13 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3401
VideoBidRequestHandlerServlet
wf.taboola.com/ 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=481&height=270&pubid=169497&tagid=953497&crid=4976685&noaop=5&sortOrderType=0&cb=1644500473403&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1355&pt=1212696922&tz=0&viewable=true&ddast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1487565&dpubid=228525&abtst=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Frefinancegold.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
df140d8382fe2904fb0d1fd74b41836e9b93755542a9266b5b04194908ac870b

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1446
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500473.414063,VS0,VE124
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://static.vidazoo.com>; rel=preconnect,<http://static.vidazoo.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8066395&crid=4976685&dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&cmcv=&pix=31589837&cb=1644500473399&uv=3119&tms=1644500473399&abt=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1644500471129.3!ts:1644500473399&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
content-length
0
server
nginx
3538e8a31702ac5aae6c23ffd436935f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d441e5b0248e45e84fcd6773f562d0848f632bf0e30285b7b0a18accf57edfed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
5575314
edge-cache-tag
371851402407615511394070421712886068098,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
371851402407615511394070421712886068098,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
676
x-cache
MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
content-length
17094
x-request-id
4bf6d769624daaf455e3c17fe351062a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 26 Nov 2021 08:32:14 GMT
server
nginx
x-timer
S1644500473.411407,VS0,VE0
etag
"90d8f550be936039557ed95f6a107cd4"
x-served-by
cache-dca17761-DCA, cache-dca17752-DCA, cache-iad-kcgs7200066-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 3
st
imprammp.taboola.com/ Frame 6C8A 		0
86 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2F5879A30344536082129966824&cicmp=1337627&cijs=1&dast=V70nQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzJjDXfLBWewGY1Wm9lgtxhuhsPRcjFcLmFiFovFaLhajcaaxWIxmsxWwykYbOFzurvboIGm0-Fz3eslL5vT7rB7XD6_2WTX-N1-OQAAAAA8ABC1REPs-Da0RwAAAABI8IxcK1AEVPxbCFwAAAAAYAAQiIVrAEBxFLDfaHf5AwDgQQEEAEAAIwTg74hFBAAAAGAEAAAAgARAILGwBMDhbtEEACDAb7ybWv0EAADgoE7maZvl____PwYg771JBoAibePGoAfgwQfgQQgAAOBjSOnrqNw2QxmBqEC0iBEAAABAbvWm6dGkTqgsqv7___-tAK4AAAL8xruro7JuTopZwwAAAADGFuhh8fvNDrvG73bZ_________7_Z_xkAmhCU8GNaEAOKvRrPyLXC2i8gAADbuwEAvAnAxRyAHQAAAMDd____fx4AAIDOHiXbazWePcp6n8EWPqe7u34TthitJpPNcjhbLiaD4Wg4Gu1PIIcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkM8qDqXzufVqXgwH5dzX3vw8SGGq7lksZkrVqu5YjZbJQAAAAAAAACAJUyZNwEAAAA4DWI2m-x2K2682TNBrNVqWQMAAABw60YO!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
x-served-by
cache-hhn4042-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644500473.416273,VS0,VE9
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 		604 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
age
1648854
x-amz-meta-mtime
1637665336
x-cache
HIT
x-amz-meta-ctime
1637665337
x-amz-meta-mode
33188
content-encoding
br
content-length
114684
x-amz-id-2
0nGhQyYL6JJMNrNtgN9DZ54Xe47FlcMytbRNYowkLHISIE+ayuuCG0l+V0ZSZ+siOhY7wKkivBg=
x-served-by
cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:18 GMT
server
AmazonS3-br
x-timer
S1644500473.416364,VS0,VE0
etag
"c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1BJTM91JQABF5B1D
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
189833
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
age
1649690
x-amz-meta-mtime
1637665346
x-cache
HIT
x-amz-meta-ctime
1637665346
x-amz-meta-mode
33188
content-encoding
br
content-length
8011
x-amz-id-2
DorYSe3tYgOl1kHh+s4QSJZ4EV7e6QatR1h0Kst7losPnxWoI5OXRUDbs44/HPvWpI9TzqPsi28=
x-served-by
cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:27 GMT
server
AmazonS3-br
x-timer
S1644500473.416471,VS0,VE0
etag
"35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
QF5WB9J15028EQTS
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
178355
a4b3eaa744f011c22df06efaf99e7ce4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72d5172dfe30305a71cf5d32d9c10d5e0b2f20c894e8ad8f07cfd4427cd00f74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
531563
edge-cache-tag
614318912909769013766555204147966168654,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
614318912909769013766555204147966168654,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
1146
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a4b3eaa744f011c22df06efaf99e7ce4.png
content-length
31076
x-request-id
e3dbf7517bed2c8cb39b051d0afdb6a8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 04 Feb 2022 09:06:51 GMT
server
nginx
x-timer
S1644500473.419561,VS0,VE0
etag
"98ebaf72a3ca77cddd268dcd445e48eb"
x-served-by
cache-dca17776-DCA, cache-iad-kiad7000147-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
cy1oqekyes5bsb5ef3xz.mp4
cdn.taboola.com/libtrc/static/video/v1643976849/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1643976849/cy1oqekyes5bsb5ef3xz.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a8fc8f4c655dc90976df1e9468777a2091842aae6d1eccb3f5cf5ef4a68566b

Request headers

Referer
https://refinancegold.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
y0C7rZobadE0QfRUSQTmy72Q1TQXsVFb
via
1.1 varnish
etag
"c9de16762afb42164a7ff654c008590a"
age
35
x-cache
HIT
Content-Range
bytes 0-1142214/1142215
x-amz-replication-status
COMPLETED
Content-Length
1142215
x-amz-id-2
m2/1JkR5nggDH+/MaVykFCE8saDHcFUABY+kcqLggr7oPCy1J/cp2w1YNHOJaEU8gbILf0KP+Vo=
x-served-by
cache-hhn4042-HHN
last-modified
Fri, 04 Feb 2022 12:14:15 GMT
server
AmazonS3
x-timer
S1644500473.426551,VS0,VE1
date
Thu, 10 Feb 2022 13:41:13 GMT
x-amz-request-id
5XQZFS9B5T0Q82KD
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
22
x-cache-hits
0
yrvcczfiqzkqn6arwaqo.mp4
cdn.taboola.com/libtrc/static/video/v1634738029/ 		439 KB
439 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1634738029/yrvcczfiqzkqn6arwaqo.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91f8ecf969595c1e4e577b1e011140608fdc73abdc655726e4ae5b2ff5d3b7fb

Request headers

Referer
https://refinancegold.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
J4zwUNwnA0ErvhyvrKLpkCaCxT4xK5mi
via
1.1 varnish
etag
"b762c1211448685bef7913613136e233"
age
90
x-cache
HIT
Content-Range
bytes 0-449261/449262
x-amz-replication-status
COMPLETED
Content-Length
449262
x-amz-id-2
26fvZvZz03iP63Q8GE1RqR59hTyjH8L79t+C6IZEcA8NkQ1yjLGE/HypFc3t1bbdOuPc+tWZgoU=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 20 Oct 2021 13:53:57 GMT
server
AmazonS3
x-timer
S1644500473.428964,VS0,VE1
date
Thu, 10 Feb 2022 13:41:13 GMT
x-amz-request-id
XZN5XCW5MWTNYCKJ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
22
x-cache-hits
0
cy1oqekyes5bsb5ef3xz.mp4
cdn.taboola.com/libtrc/static/video/v1643976849/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1643976849/cy1oqekyes5bsb5ef3xz.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://refinancegold.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
y0C7rZobadE0QfRUSQTmy72Q1TQXsVFb
via
1.1 varnish
etag
"c9de16762afb42164a7ff654c008590a"
age
35
x-cache
HIT
Content-Range
bytes 0-1142214/1142215
x-amz-replication-status
COMPLETED
Content-Length
1142215
x-amz-id-2
m2/1JkR5nggDH+/MaVykFCE8saDHcFUABY+kcqLggr7oPCy1J/cp2w1YNHOJaEU8gbILf0KP+Vo=
x-served-by
cache-hhn4042-HHN
last-modified
Fri, 04 Feb 2022 12:14:15 GMT
server
AmazonS3
x-timer
S1644500473.429047,VS0,VE1
date
Thu, 10 Feb 2022 13:41:13 GMT
x-amz-request-id
5XQZFS9B5T0Q82KD
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
22
x-cache-hits
0
12a0606c-8edb-45a7-8dee-f72c55e8b6c1
https://refinancegold.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://refinancegold.com/12a0606c-8edb-45a7-8dee-f72c55e8b6c1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
aea86981-ec6b-4039-a159-95740303cfa8
https://refinancegold.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://refinancegold.com/aea86981-ec6b-4039-a159-95740303cfa8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
sodar
pagead2.googlesyndication.com/pagead/ Frame F012 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020301&jk=2785550943752486&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
pagead2.googlesyndication.com/bg/ Frame 8488 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13873
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Feb 2023 12:36:11 GMT
3538e8a31702ac5aae6c23ffd436935f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
584c87f4d3c4456eea6e4ca2343ad9a20df70080281c917f615652a3770d5ffa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish, 1.1 varnish
age
1951562
edge-cache-tag
371851402407615511394070421712886068098,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
371851402407615511394070421712886068098,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
482
expiration
expiry-date="Tue, 15 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3538e8a31702ac5aae6c23ffd436935f.jpg
content-length
69008
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sat, 15 Jan 2022 07:10:41 GMT
server
nginx
x-timer
S1644500474.504888,VS0,VE0
etag
"f3c39492265724054be8b15f5109c846"
x-served-by
cache-dca17724-DCA, cache-iad-kjyo7100108-IAD, cache-hhn4042-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
yrvcczfiqzkqn6arwaqo.mp4
cdn.taboola.com/libtrc/static/video/v1634738029/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1634738029/yrvcczfiqzkqn6arwaqo.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://refinancegold.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
J4zwUNwnA0ErvhyvrKLpkCaCxT4xK5mi
via
1.1 varnish
etag
"b762c1211448685bef7913613136e233"
age
91
x-cache
HIT
Content-Range
bytes 0-449261/449262
x-amz-replication-status
COMPLETED
Content-Length
449262
x-amz-id-2
26fvZvZz03iP63Q8GE1RqR59hTyjH8L79t+C6IZEcA8NkQ1yjLGE/HypFc3t1bbdOuPc+tWZgoU=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 20 Oct 2021 13:53:57 GMT
server
AmazonS3
x-timer
S1644500474.511413,VS0,VE1
date
Thu, 10 Feb 2022 13:41:13 GMT
x-amz-request-id
XZN5XCW5MWTNYCKJ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
22
x-cache-hits
0
sync
taboola-supply-partners.tremorhub.com/ Frame EFBC 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame EFBC 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame EFBC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13723

Redirect headers

Date
Thu, 10 Feb 2022 13:41:13 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
40
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame EFBC 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.142.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-142-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 13:41:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame EFBC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=FoUr7hGCfeINgH29FIU27hHWKLoNhiniFYSEUZFP
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=FoUr7hGCfeINgH29FIU27hHWKLoNhiniFYSEUZFP
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13753

Redirect headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=FoUr7hGCfeINgH29FIU27hHWKLoNhiniFYSEUZFP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/31_1_9/infra/ 		738 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_1_9/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a0edd2250d92e41e460bde20e1bc2770d7360aaa7520f5050a87cd2b8dbda217

Request headers

Referer
https://refinancegold.com/
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
age
622012
x-amz-meta-mtime
1643878309
x-cache
HIT
x-amz-meta-ctime
1643878310
x-amz-meta-mode
33188
content-encoding
br
content-length
130304
x-amz-id-2
5ThOwGa9eFXPFzxfzfuIjj9JjH3DownAKipS95nG8XknGhjTEhgAUe1UaOeDqNj1GkAFhAYDBEk=
x-served-by
cache-hhn4075-HHN
accept-ranges
bytes
last-modified
Thu, 03 Feb 2022 08:51:51 GMT
server
AmazonS3-br
x-timer
S1644500474.576622,VS0,VE0
etag
"c06e5b85b173a39c7ea9666a62805a15"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
591QJS72PZKQ1EAX
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
4136
cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_1_9/assets/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_1_9/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
04c92da639b83f3954de1481055274f4dc6891364297dec15c0050a2e5c6dc13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
age
622013
x-amz-meta-mtime
1643878363
x-cache
HIT
x-amz-meta-ctime
1643878364
x-amz-meta-mode
33188
content-encoding
br
content-length
8280
x-amz-id-2
N5Hpxln5wBbzI7Ga0cf4PneT8fblDjwLE4sFd3ybppE0E0MC3OOf87o7B7IZOhUgm+xA4MqJFWA=
x-served-by
cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Thu, 03 Feb 2022 08:52:45 GMT
server
AmazonS3-br
x-timer
S1644500474.561559,VS0,VE0
etag
"19adad12972fe11c2c8a39a781625b6d"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
591VJV4458BA5VHZ
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
137873
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_1_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront), 1.1 varnish
age
4333851
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-hhn4042-HHN
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1644500474.687254,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
pKG4oNx3x3a6CA3o9mtSGNKksF7XtjHwgVqKbA-wlmrpXa-X4jGIlA==
x-cache-hits
1517062
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/ 		553 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_1_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9ae8bbf7f8b5f1d3bfbebd5593f718f867d7962e895dc47508735bab6bbc454d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 varnish
age
153010
x-amz-meta-mtime
1644347398
x-cache
HIT
x-amz-meta-ctime
1644347411
x-amz-meta-mode
33188
content-encoding
br
content-length
116114
x-amz-id-2
1CqoiCgmLtqpdC1dWJM1iYNztoAR/t/JOKB3d1u26V96HTfTLhgzdCIRRnuM5XhYmYm1e4dbdYM=
x-served-by
cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Tue, 08 Feb 2022 19:10:12 GMT
server
AmazonS3-br
x-timer
S1644500474.706579,VS0,VE0
etag
"f1e77e853ec80fa583d681a35dc1cb54"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
VMBHFNWKE7W94GVF
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
36503
sync
am-match.taboola.com/ Frame 7CCC 		928 B
1013 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_1_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
date
Thu, 10 Feb 2022 13:41:13 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3401
sync
taboola-supply-partners.tremorhub.com/ Frame 3FA4 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8066395&crid=4976685&dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&cmcv=&pix=undefined&cb=1644500473399&uv=3119&tms=1644500473399&abt=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5305E4EB5331959641599282280&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 3FA4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8066395&crid=4976685&dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&cmcv=&pix=undefined&cb=1644500473399&uv=3119&tms=1644500473399&abt=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5305E4EB5331959641599282280&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 3FA4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8066395&crid=4976685&dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&cmcv=&pix=undefined&cb=1644500473399&uv=3119&tms=1644500473399&abt=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5305E4EB5331959641599282280&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13708

Redirect headers

Date
Thu, 10 Feb 2022 13:41:13 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
33
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 3FA4 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8066395&crid=4976685&dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&cmcv=&pix=undefined&cb=1644500473399&uv=3119&tms=1644500473399&abt=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5305E4EB5331959641599282280&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.142.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-142-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 13:41:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 7CCC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 7CCC 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 7CCC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13708

Redirect headers

Date
Thu, 10 Feb 2022 13:41:13 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1d1df53a-8a77-11ec-8f9a-180e33a50406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
47
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 7CCC 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.142.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-142-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 13:41:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 7CCC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-xlu7G5VE2uHMhWVx0N_5dLVna0vF3RV2CQJq_HU-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-xlu7G5VE2uHMhWVx0N_5dLVna0vF3RV2CQJq_HU-~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13690

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-xlu7G5VE2uHMhWVx0N_5dLVna0vF3RV2CQJq_HU-~A
date
Thu, 10 Feb 2022 13:41:13 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
external-players-manager.js
vidstat.taboola.com/external-players-manager/3.0.0/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/external-players-manager/3.0.0/external-players-manager.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ae47b7003ee7b66b76e53a63ba32dba1ebc0d0379bab7e8b24cba5ac6ceab6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront), 1.1 varnish
age
654729
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
5132
x-served-by
cache-hhn4042-HHN
last-modified
Tue, 23 Nov 2021 10:19:31 GMT
server
AmazonS3
x-timer
S1644500474.798114,VS0,VE0
etag
"281102991bbf5226e1d65d16926b2caf"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ekx75bT14hh-Kpi1YHjrDzrEbpEiCv3bRLHziNTfRJDBFHhGLnEYPA==
x-cache-hits
13451
generate_204
tpc.googlesyndication.com/ Frame 8488 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SR0DFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usync.html
eus.rubiconproject.com/ Frame CD02
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8066395&crid=4976685&dast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&cmcv=&pix=undefined&cb=1644500473399&uv=3119&tms=1644500473399&abt=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=5305E4EB5331959641599282280&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Feb 2022 13:41:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date
Thu, 10 Feb 2022 13:41:13 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
vwpts.js
static.vidazoo.com/basev/ 		185 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vwpts.js
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93b6af29c5e05a12b43632d6287214a3fe302d429a8f674a7e1e8aefe1027f8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:14 GMT
content-encoding
gzip
x-amz-request-id
TAJRCFG30AG5FKH1
content-length
46644
x-amz-id-2
5qkntPftSp2/5cYeG3RB78RHEk31yHbcZGdm8+YX/3861T4nwrXgRD68xZg+OLNRgDt2AoAa6LM=
last-modified
Sun, 20 Jun 2021 08:37:44 GMT
server
AmazonS3
etag
"6a52cb8e90c53c72c659d6344c978dbd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=64762
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Fri, 11 Feb 2022 07:40:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020301&jk=2785550943752486&bg=!Y2ClYCTNAAbS3PJy0tw7ACkAdvg8WgbZQ-k8EKwleehkxNIsQIPiaCe9ZdHkJvF8Tc4cGCtml9lRTgIAAAEoUgAAAAJoAQcKALZpqlu0DKfCtM_t20vn3Savv26jopvO6m27SMP6A_7jRnkxvgLgVe4LEx6Gub9kEuuYYa5Mxa_MRgq4O_MAv8HNVflnoGBSo0YsgjG-s4o22V7hz-JXxcvOWHqb0-wULWt_sNkTH0kutFg_XvqZmZQZ1W6_5Hrsu-oOVxS8DsJwlMTxt2VuLC8sekRnHMeO5kAlGjB21ZBbnCfsNn-iU3CL5Idq7b8ohGV4yMnVCftvZh9249HmuZkCe6Muq-58YEIvkMN_q62s-8BsZ7UO-0fAJFb0LsLb2wQvm-yntYDjw6ElBFr7heGzZVas85zTv6odeFw0LJnnwL5BH11aT4i1VBpu6Wf0nfx9gO6mSAfXkJqfwEB1YGzftb0bLR6tH7XDMo4Zv7frDHqJGVMvZft-jTAgQDRtSPX-Pm1_VgcJsgiL75T0CbBjyPWl4WKzSHD4lsaLAstkpU3DkYIwu8x-uSJQUV2KtHG1K5y2JQOqRSH_Y0PhsNsLym68O_I8E0Pp7NfOBZOVy-I0jOjs_YW_3oyT40LmCb7KUjaRo8a_T5nOYKNDgDqqvsTE1hyNlW9OQA5j9zYEhDjP-TejiGVxqOjUTHPpb4SIbeHTCL6GFp-KaZrrXTCHYriVSmY_nRMVPu-S1G7n1b0aJ_nYNQjbWbCjI11uYQXvwUruOEEKbWoGPuwwIR-eeBGsghJeDG92gBTuEGfa1akX6mbOvg9htYY4BTC_BNszuJ-DzTtREDuLksrvusd3I5Ub755FDELtj4BHn6C9xwr6yF1NhCd2w-zXnSZxx91qrZVJc8mWyQe95s9Z05-sNF5nEqSut3ZdCpxTiEGtV45nIXxj0kElgKk6t8E2TMlvOFz6gtw00jEF1RwbEjFNjT1a3U8WwcVDhEbNDGBFFhRthKbSY5sFhFhRqbZVdxz8aR5VVE1AXJ4kSeCp3ZeuoqGXsuhlddtSAn7dhBajEtLIKS3K5M95wdYs8YJqV1Ca-CvN7pLhccJUaGAesKyOeGATsRJlwIsUE1MDeDm9MwQ6_FidvxsjFahmBEFh9c8UwUfAbFOfCjosKhIEoH2-bbyTgtNUSWuU2Nn6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame CD02 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7aa3de3cbeaac194729834621c09a127dfba2d7fc731a0807e81219a6f69b079

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 13:41:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27251
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Thu, 10 Feb 2022 21:15:24 GMT
khaos.jpg
token.rubiconproject.com/ Frame CD02 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
sync.php
pixel.rubiconproject.com/exchange/ Frame CD02 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
bulk
trc.taboola.com/omgstudios-refinancegold/log/3/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/omgstudios-refinancegold/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=13
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
14
pragma
no-cache
date
Thu, 10 Feb 2022 13:41:14 GMT
via
1.1 varnish
server
nginx
x-timer
S1644500474.022984,VS0,VE14
x-served-by
cache-hhn4042-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://refinancegold.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
23229
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1644500474.097355,VS0,VE0
date
Thu, 10 Feb 2022 13:41:14 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
45
x-cache-hits
9763
extend
bisdr.vidazoo.com/event/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.221.46 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Feb 2022 13:41:14 GMT
Server
nginx
Access-Control-Allow-Headers
*
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
extend
bisdr.vidazoo.com/event/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.221.46 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Feb 2022 13:41:14 GMT
Server
nginx
Access-Control-Allow-Headers
*
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vptm.js
static.vidazoo.com/basev/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vptm.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3cc00dba6427450ca398d496b6d4d5ae385c893d1470754f1fba733c2a54d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:14 GMT
content-encoding
gzip
x-amz-request-id
JWM8D1K9FKEX47QZ
content-length
10371
x-amz-id-2
nyqIIxXpJ7RhiUVEjaY7QwNn+ObG53qV5QIMJPM+0DpzNLa6S9IBP2n8lU6xyoa1OecY7uncXx8=
last-modified
Wed, 21 Apr 2021 09:37:00 GMT
server
AmazonS3
etag
"21a2c9567e39057710d15b53f8cc270a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=17783
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Feb 2022 18:37:37 GMT
5f75c0622bf8460004da7166
wserversa1.vidazoo.com/api/ 		33 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wserversa1.vidazoo.com/api/5f75c0622bf8460004da7166?userId=551424a21b1b1f08006fb6f9&loadFrequentlyTime=60000&parallel=true&unique=false&allowFrame=false&vdzwLocalCache=true&paralle=true&ready=onScriptReady&parse=true&cdn=static.vidazoo.com&url=https%253A%252F%252Frefinancegold.com%252Fluxury-life-style%252Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&screenSize=1600x1200&innerSize=481x271&outerSize=1600x900&layout=infinity&referrer=undefined&scrollHeight=6057&maxTouchPoints=0&encodeCms=true&vwptVersion=1.0.1
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.220.52 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d4e5a87b0e7c72196b5479154265612e54c91153629cc5a22bf4432eceaae60c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 13:41:14 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://refinancegold.com
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
14699
5f75c0622bf8460004da7166
wserversa1.vidazoo.com/api/ 		33 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wserversa1.vidazoo.com/api/5f75c0622bf8460004da7166?userId=551424a21b1b1f08006fb6f9&loadFrequentlyTime=60000&parallel=true&unique=false&allowFrame=false&vdzwLocalCache=true&userGdpr=1&consentStr=&usPrivacy=1---&schain=%257B%2522ver%2522%253A%25221.0%2522%252C%2522complete%2522%253A1%252C%2522nodes%2522%253A%255B%257B%2522asi%2522%253A%2522taboola.com%2522%252C%2522sid%2522%253A%25221095670%2522%252C%2522rid%2522%253A%2522777569952%2522%252C%2522hp%2522%253A1%257D%255D%257D&ready=onScriptReady&parse=true&cdn=static.vidazoo.com&url=https%253A%252F%252Frefinancegold.com%252Fluxury-life-style%252Fteenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried&screenSize=1600x1200&innerSize=481x271&outerSize=1600x900&layout=gallery&referrer=undefined&scrollHeight=6057&maxTouchPoints=0&encodeCms=true&vwptVersion=1.0.1
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.220.52 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e6debe55d88f60f310b3ae5b6c55c812dacb61f6166413f740dd75c26006d276

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 13:41:14 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://refinancegold.com
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
14672
sbt.js
static.vidazoo.com/basev/1.0.660/ 		611 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.660/sbt.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0784e3e7d817e5b0ab6f6349b2377d0d570d1492806fe1143d2061ec78bcc74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:14 GMT
content-encoding
gzip
x-amz-request-id
V9FMMH7P59P3S4V7
content-length
131495
x-amz-id-2
3Vc8g4MbniU8QKh0y9Reelcl+USX5+OWPH/PEEpoL9AfAqLlkKum9dxccZsXbUqMlS0Y7ijc3Hw=
last-modified
Wed, 09 Feb 2022 13:44:28 GMT
server
AmazonS3
etag
"e4859d72aa9c6f1d3486756fa300a367"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=78108
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Fri, 11 Feb 2022 11:23:02 GMT
5f75c0622bf8460004da7166.min.js
static.vidazoo.com/basev/wgt/dynamic/5f75c0622bf8460004da7166/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/wgt/dynamic/5f75c0622bf8460004da7166/5f75c0622bf8460004da7166.min.js?jsonp=__vdzw_5f75c0622bf8460004da7166_gruA_jsonp_
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3005fecc32bdffce7a7fd3ec7f938b29ca875aad4abb92ac6eecb4b3a983f9e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:14 GMT
content-encoding
gzip
x-amz-request-id
7ED467EF69D63365
content-length
2210
x-amz-id-2
XiSgAAqaF29Z8x6YslDB/LY/7trj98qTLL8d3Gj2x/PhYY9SSrE2MZcAZZxA3eVa4T/P4p2YzNg=
last-modified
Sun, 21 Feb 2021 20:22:52 GMT
server
AmazonS3
etag
"0c6b9f7a2a172673cb2a5c16df133e17"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=20609
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Feb 2022 19:24:43 GMT
stdlibs.js
static.vidazoo.com/basev/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/stdlibs.js?jsonp=__vidazoo_stdlib_5f75c0622bf8460004da7166__
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ed7fb4a1903f0cab8f9ef87be2815bc39ca73088f7dd1642039793c789524ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:14 GMT
content-encoding
gzip
x-amz-request-id
TAJGJY50MKHDBJXE
content-length
17401
x-amz-id-2
lNn06KfP8+3q3kWTU0cxmKKSufQBvgQUNcE7X3stLs3+Qekc2N/sj0ywfCmtkCTCGfn2yEDdTrE=
last-modified
Sun, 20 Jun 2021 08:37:43 GMT
server
AmazonS3
etag
"f43cee36f40af9f9b56a16dd27f8f253"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=64584
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Fri, 11 Feb 2022 07:37:38 GMT
5f75c0622bf8460004da7166.min.js
static.vidazoo.com/basev/wgt/dynamic/5f75c0622bf8460004da7166/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/wgt/dynamic/5f75c0622bf8460004da7166/5f75c0622bf8460004da7166.min.js?jsonp=__vdzw_5f75c0622bf8460004da7166_5Oox_jsonp_
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3005fecc32bdffce7a7fd3ec7f938b29ca875aad4abb92ac6eecb4b3a983f9e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:14 GMT
content-encoding
gzip
x-amz-request-id
7ED467EF69D63365
content-length
2210
x-amz-id-2
XiSgAAqaF29Z8x6YslDB/LY/7trj98qTLL8d3Gj2x/PhYY9SSrE2MZcAZZxA3eVa4T/P4p2YzNg=
last-modified
Sun, 21 Feb 2021 20:22:52 GMT
server
AmazonS3
etag
"0c6b9f7a2a172673cb2a5c16df133e17"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=20609
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Feb 2022 19:24:43 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
3032
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1644500475.943902,VS0,VE0
date
Thu, 10 Feb 2022 13:41:14 GMT
vary
Accept-Encoding
x-amz-request-id
6CY1FG8Q11T7G8KE
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
45
x-cache-hits
4274
eid.js
cdn.taboola.com/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
15914
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by
cache-hhn4042-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1644500475.944086,VS0,VE0
date
Thu, 10 Feb 2022 13:41:14 GMT
vary
Accept-Encoding
x-amz-request-id
4QYNQ0077R21PYSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
45
x-cache-hits
27987
/
pips.taboola.com/ 		4 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:14 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn4075-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://refinancegold.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=1f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Feb 2022 13:41:15 GMT
Cache-Control
no-store
Server
nginx
Connection
close
milkshake_default.js
static.vidazoo.com/basev/skins/milkshake_default/1.0.2/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/skins/milkshake_default/1.0.2/milkshake_default.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.660/sbt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66d171eac3ab5190b2f57fd70164aa357235d5847524d456fb2881edcf6918de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:15 GMT
content-encoding
gzip
x-amz-request-id
C43F73CACE27653E
content-length
14096
x-amz-id-2
KeKRxsLVamMQJ9jDCp0S91CiX8v4BlAbtEBck6TPy/ZV2Rnyki/60gZGDlf/Z6dd6kxAzbIzXa8=
last-modified
Wed, 14 Oct 2020 16:09:30 GMT
server
AmazonS3
etag
"f3ba5fdd5187cff25f1556546b5915b7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=27503
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Feb 2022 21:19:38 GMT
blank.mp4
static.vidazoo.com/basev/ 		891 B
2 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/blank.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21

Request headers

Referer
https://refinancegold.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 10 Feb 2022 13:41:15 GMT
x-amz-request-id
CDEFACD382F06CDC
Content-Range
bytes 0-890/891
Content-Length
891
x-amz-id-2
gWTxCwV5N+L4aja6ziU9GmefqnvaqFFVb1ZJjtBBbrTHaGQaerKzKlJjRVEfy0pS8fnclauDM9M=
last-modified
Mon, 06 Apr 2020 12:07:11 GMT
server
AmazonS3
etag
"86ec3fbb73842f6c776555cfb7f1950d"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=20362
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Feb 2022 19:20:37 GMT
5f75bf50a23bf100042b55b5.jpg
inventory.vidazoo.com/5f75bdb18707cf0004d69509/5f75bf50a23bf100042b55b5/ 		889 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inventory.vidazoo.com/5f75bdb18707cf0004d69509/5f75bf50a23bf100042b55b5/5f75bf50a23bf100042b55b5.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b8f7a10014da0162ae21ce5bb95cc25913a802f616cec6cbe1276e87892bfa4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:15 GMT
last-modified
Thu, 01 Oct 2020 11:37:47 GMT
server
AmazonS3
x-amz-request-id
89F2928225B10B19
etag
"4c9f09d9adacb2d7185f55c84b129432"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=20335
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
content-length
889
x-amz-id-2
L0Js33V60gTo3RImev4mziyk2/zICxS3atzo5kIiF1enlwHM0CNud9qSyP1B+6cnUrxamtc/Rmo=
expires
Thu, 10 Feb 2022 19:20:10 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e38335b8da3a11b4a278e7572f99a3990da81b9764b7526bd7b69ec0c6a57c84

Request headers

Referer
Origin
https://refinancegold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
prebid.js
static.vidazoo.com/basev/1.0.660/prebid/ Frame 8596 		630 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.660/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.660/sbt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7a2 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a31a0048fca1e5e746eb79126c3522fc8bc55d520f61421ab28764c3c1c9337

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:15 GMT
content-encoding
gzip
x-amz-request-id
NBF7Y92QWENDZ3SC
content-length
189694
x-amz-id-2
j7hxOOB0h5dpnsyTGr+ZW0BV5RqBzvsxxqI69SoQP7j98RUVaFUFZDwVsUlbFdv4xAw3bIdNZKs=
last-modified
Wed, 09 Feb 2022 13:44:28 GMT
server
AmazonS3
etag
"11418c3f5b20c07b22ca674825a81242"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=78161
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Fri, 11 Feb 2022 11:23:56 GMT
aggregate
bisdr.vidazoo.com/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/aggregate?_=1644500475270
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.660/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.221.46 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Feb 2022 13:41:15 GMT
Server
nginx
Content-Type
text/plain
Access-Control-Allow-Headers
*
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_1_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://refinancegold.com
date
Thu, 10 Feb 2022 13:41:18 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=481&height=270&pubid=169497&tagid=953497&crid=4976685&noaop=5&sortOrderType=0&cb=1644500478775&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1355&pt=-662140631&tz=0&viewable=true&ddast=V7VgkCFgPmq1iO469BoATmq1iO469BoAUAAAAGBuIHG7UZrFakFYW12SyWq-VstFgtl5PhZDIcDEGjNoPVirSisDabxXK1nG0my8FwMhiOJlM4Gbtb45i71RqjW2M6u9USPlvC2LPVElJbM1uu1WoRW60WsdgQh6bT4XPd6yUvm9PusHtcPr_ZZNf43X6x6_i6PN9ip83l1pyeZ5df9HLZHT6XW-e0nN1Cv-fwND3MTuvL5Jb4LQ636OVwSxxms-etMft9Pqfd59ac_m6Hx-iW-31v3d9yebpMdgAAAAB4AFiCb4H4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAoMO7UAIDiKGC_0e7yBwDAgwIIAIAABgnAAF9rCYCFbPMJAAAAAAAAAADL____fwzAXsWWDIDGYEgPwIMPwANRAWkRIwAAAIDc6k3To0mdUFlUAQAQpFsBXAEABPiNd1NHhgEAAAiMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCEo4ce0IAYUe7VfQACAtV9AAAA2dQMAeBOACzqCVgwGqzOg5WazWc0OAAAA4O7___9fD0RcloVvMpp5bB7jYmJZjgwb38hm2Zh2y4Vz4rFtj4SraT3Yrymp72Tsbo1j7lZrjG6N6exWS_hsCWPPVktIbc1suVarRWy1WsSi34QtRqvJZLMczpaLyWA4Go5G-xPI4QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFi5tvYJrvRWjUyDdaiyWrkVm5sjrVyYZmYLCbPcLOauUWvj-k4czknvuEWBQPk9iK4SCd6t89zep2cfs9b8rI57Q67x-Xzm00WsURzskgnssu-4rIsfJPRzGPzGBcTy3Jk2PhGNsvGtFsunBOPbd-Y-Ta2yW60Vo1Mg7Voshq5lRubY61cWCYmi8kz3KxmbtHrYzrOXM6Jb7hvzEaj1WAw2k32jdlotBoMRrvJvkNn-K4-Z6O5em54bNrQudqtzswHhctg8f4kpsW0OzuYTr6j0-UVJos6o-_6PXoNCs_Bo_r4ps-Mbdyw1nrPheNgUMQSwekinYhextNFLJE8LdKJcuNyWFY2i2E5Ms0Gu-FgNFwYZoblyLDxLGfLwUQsUZou0ole7Dq-Ls-32GlzuTWn59nlF71cdofP5dY5LWe30O85PE0Ps9P6MrklfovDLXo53BKH2ex5a8x-n89p97k1p7_b4TG65X7fW_e3XJ4uk0X9x4cYruaSxWauWK3mitlslQAAAAAAAAAAljBn3gQAAADgNJDJcDVZLRcA4tZeFxgEAAAAAABg2E56_H7ddTb7-3XX2ezvd-xujWPuVmuMbo3p7FZL-GwJY89WS0htzWy5VqtFbLVaxOL3a57dYuSxjdyCiW_hFm0GK7fCt1yuZSuPYbKbrCa2mXPfL7H4_ZLL8zX9Df9-YzYarQaD0W6xY4x3-zyn18np97wlL5vT7rB7XD6_2WRlgAfMeebNnglirVbLGgAAQAAbAAAggFs3bwHnVRwAAECAHA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1487565&dpubid=228525&abtst=adh5c-1_vA!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!mprdctdt6_vA!pblc_vE!smbs!spa2_vA!t45!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Frefinancegold.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6eb5bb5158e2bd639b52325d569fdf6f71f87769b6e9d67151d46f11e469801f

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1469
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500479.781178,VS0,VE240
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
9906c8a0d96f8ba81c66f52b015afb43.png
cdn.taboola.com/libtrc/static/thumbnails/ 		618 KB
619 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/9906c8a0d96f8ba81c66f52b015afb43.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9584f5bd7b51708daf97a03046b474694c868e920a5047463a98c3889c586de4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
xg.x7SLAELCYUKkj1m7UNbAZUHMhJyZh
via
1.1 varnish
etag
"c5f0ca61851a818bf03999793a19009c"
age
175
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
632849
x-amz-id-2
6dF5hMBuyZjU9H8VaUyU9PpIuMZAayrr3VGSYaRpHqDM1/9zGWk2hN2njr5BeY8anA9nYlO4jWQ=
x-served-by
cache-hhn4042-HHN
last-modified
Fri, 27 Aug 2021 10:51:06 GMT
server
AmazonS3
x-timer
S1644500479.046197,VS0,VE2
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
W6507R26QABYM4MD
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
45
x-cache-hits
1
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a7c20976bb04ef6e0a02acd3cfacde830442230b525864250ab74b113453794f

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1424
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500479.046876,VS0,VE24
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
89b0cdb807051aefd6c92260e0d9867a.jpeg
cdn.taboola.com/libtrc/static/thumbnails/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/89b0cdb807051aefd6c92260e0d9867a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19c95241da04bdb340817796e0d57952a6c00c5a69ef9cf752a2eb16f6aaf395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
mxN9UD7xpqoJzaiPH22aVOYgz.4UfjMo
via
1.1 varnish
etag
"d8c8b8c02c42bc315c65aff0ef00fbec"
age
116
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
273776
x-amz-id-2
ojr54+n5momqjgYdZ2z7NitrGJ0NWfo3QurpMmE5Y60THvptz64hsceB3M2+Hx4RJlc4kpRfZTA=
x-served-by
cache-hhn4042-HHN
last-modified
Thu, 13 Jan 2022 07:36:27 GMT
server
AmazonS3
x-timer
S1644500479.046935,VS0,VE2
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
S8G0A7YX2S5K1CAA
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
abp
45
x-cache-hits
1
027f07e04f3a032733ddb0b1696cc31a.jpg
cdn.taboola.com/libtrc/static/thumbnails/ 		528 KB
529 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/027f07e04f3a032733ddb0b1696cc31a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb6a3eed349395864a8975b51270650f0fdf16db39e04318a8a00284f3a72290

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
C0jId9EJlvbJUBW3_pTheymS6Wtuexlc
via
1.1 varnish
etag
"d42409e4b43980b54074639932e150cf"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
541082
x-amz-id-2
GOrTH/usBfyrPW5V75LG518wxAL6PzFd46hUtfOBG4DGbvQStd8A+q//C2Jg9W2UyDSGM4GfH84=
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 07 Feb 2022 12:37:25 GMT
server
AmazonS3
x-timer
S1644500479.047100,VS0,VE101
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
KG3HQVD2JSKNTMZW
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
abp
45
x-cache-hits
1
tbp
15.taboola.com/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3ec08680b11c8e7e62e3f58f6de8850ada5e7b39d5a50f0dcd134b1014e0600

Request headers

Referer
https://refinancegold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
content-encoding
gzip
access-control-allow-origin
https://refinancegold.com
machineid
1414
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4042-HHN
pragma
no-cache
server
nginx
x-timer
S1644500479.049042,VS0,VE18
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
3b35c7d8b8442cc5db116628e7988f34.png
cdn.taboola.com/libtrc/static/thumbnails/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/3b35c7d8b8442cc5db116628e7988f34.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e2f0b1f4d6ed1ed3a0918cdd43a258b235cb05bd1a5875c2b334bdf9c062824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
33woUHKexKQE6AnaGIB5KxXz_11d8bVy
via
1.1 varnish
etag
"964644810790ab634208da095a538a46"
age
15
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1256575
x-amz-id-2
WfONEBjJTbUofvpXiAn12uOqY4AWRB2a759h9jQtg9quc4TdQD7D1ktXORcFuhmk3OcmddCkuT8=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 14 Jul 2021 10:27:16 GMT
server
AmazonS3
x-timer
S1644500479.049110,VS0,VE2
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
53QF9WMDBMP0K5SJ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
45
x-cache-hits
1
7a195214717e77641aaf024e1eb139bf.jpg
cdn.taboola.com/libtrc/static/thumbnails/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/7a195214717e77641aaf024e1eb139bf.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a810cd88e69dff1b9a110d459a08d67ccccf528367578a95a039fb5d329281f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
.DELAcZrzqqMxgC2tUMpfj3T5JVY8iWX
via
1.1 varnish
etag
"340d129001ceffee95a2c844726edb97"
age
112
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
79675
x-amz-id-2
uQuIXvDJjBGcnOCd4eQHN91nf/H0x+Z9E35Z3GWGnuuK/DwtqepOYovQGLXHVBUvM4buOE8DU/E=
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 11 Oct 2021 19:05:46 GMT
server
AmazonS3
x-timer
S1644500479.049440,VS0,VE1
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
HSGM7354F1KX7C94
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
abp
45
x-cache-hits
1
513d2f0a7c0b395806e7f7bb8d1b820e.png
cdn.taboola.com/libtrc/static/thumbnails/ 		870 KB
871 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/513d2f0a7c0b395806e7f7bb8d1b820e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93278eaf4de30fef550048be5a947995230229af06c1e0a42c914bc275a0e919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
4QFqztOwrtiIDHH3UYQasrMoyI.o6CE7
via
1.1 varnish
etag
"25b45710b39ba53349b481901a84ca79"
age
11807
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
891120
x-amz-id-2
woWBDn7fHsvt34HH9G4FcOTr16YYSuqTrFDXqfFTGjqzJarGPeZjeDfcBM2260PmuMNyQLuFBfc=
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 29 Nov 2021 11:07:54 GMT
server
AmazonS3
x-timer
S1644500479.049450,VS0,VE2
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
F15QXNFQ8S2FN0Q9
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
45
x-cache-hits
1
75ee705ab4fa6ee67626c451e4461e0d.jpg
cdn.taboola.com/libtrc/static/thumbnails/ 		741 KB
742 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/75ee705ab4fa6ee67626c451e4461e0d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6884beffbeb4ca2d4cd08ed27c4e8962764a4aa89094213ee4d3127cbb2199d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
tFJFuLGqBNMTOOhRJLsSe3tTNE_ZnIIp
via
1.1 varnish
etag
"b83853070c0182dfe88a8db6a402263e"
age
2938
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
759064
x-amz-id-2
aCCVPtSwV4OrBOHCNqZnClx/jQI4TUPz0ZfVpfEqZSRzklJAi2LcK/sh7ravtbXEZqoeeBCr/Z1iz5Zumh4KvQ==
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 07 Feb 2022 17:53:14 GMT
server
AmazonS3
x-timer
S1644500479.049455,VS0,VE6
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
TECCYFBA07FSB6C6
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
abp
45
x-cache-hits
1
2bbc292f2dca78cb15a2a555c827aeb6.jpg
cdn.taboola.com/libtrc/static/thumbnails/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/2bbc292f2dca78cb15a2a555c827aeb6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
mzIvqLsReoI.fAV0c1oENqj6HzQG.Bes
via
1.1 varnish
etag
"a967204e7a72de34db52b0ceeff0a1be"
age
0
x-cache
MISS
x-amz-replication-status
COMPLETED
content-length
140729
x-amz-id-2
XpXMI2Hxe0kpOaxXswrMHwIBdhyW+v5bJoP2t3wXlZ6xx7TG010oXtrbw8cpuffIFLRRP24L/C0=
x-served-by
cache-hhn4042-HHN
last-modified
Tue, 28 Dec 2021 10:18:15 GMT
server
AmazonS3
x-timer
S1644500479.050734,VS0,VE332
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
390ERW5PSZS8PEHE
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
abp
45
x-cache-hits
0
Ali-MacGraw.jpg
refinancegold.com/wp-content/uploads/2018/05/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2018/05/Ali-MacGraw.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3cc43ee4366176b4fc1bae428729787c4f7aedc7bd41f6fb13215c365b802a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=90268
content-disposition
inline; filename="Ali-MacGraw.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
84272
last-modified
Thu, 13 Jun 2019 11:15:29 GMT
server
cloudflare
etag
"5d023051-1609c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUH6GSa8d9cLMpFsmSHf0yFfd7DgQ1spFdJ%2FIUwBg2mcCyGB7yEOlfQUj8QvDugE%2Fzj5BgBL3gJHJMPh7%2Fn6XbhSA%2F9cPkEJtY2b3ybpDFcV8i2AUtfGA1UprnxK0BxhG4HFfSVijGPH4OcJKWrH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:51:19 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c11a1ab3910c-FRA
cf-bgj
imgq:85,h2pri
1-1.jpg
refinancegold.com/wp-content/uploads/2019/07/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2019/07/1-1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86294c6a574519df6e9a633cb757fe721cece155ed0d2f0556ed7492ec4d45d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=56611
content-disposition
inline; filename="1-1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51728
last-modified
Tue, 16 Jul 2019 05:56:09 GMT
server
cloudflare
etag
"5d2d66f9-dd23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kADre%2Bg6bwaYCje506TbwylhxqMd54DYrrCSba5u6hRTG9GalllleTN2ryYpQxicS4AS6zgog0AP%2B71jj4gEsc42ATu2Pl7J2eDb56s%2FPJKKPL7sN4gsDiOsGMiJkCj0PfDQ4BJgfbjs4ZW8CEOl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:44:03 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c11a1aba910c-FRA
cf-bgj
imgq:85,h2pri
2-10.jpg
refinancegold.com/wp-content/uploads/2018/03/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2018/03/2-10.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679a4d74c91d37058764933792a378fa49110716914f40e4988b8a69a2923c1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=420603
content-disposition
inline; filename="2-10.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53834
last-modified
Wed, 01 Jul 2020 08:44:34 GMT
server
cloudflare
etag
"5efc4cf2-66afb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MFxk66USl%2BCaIkxPp4mI5D3%2F%2BsPMA0WOJFN%2F%2Buw4Oi8t7BvUg7lgK40ctfkC76Mm9yyXHolTJli4D5OkbaQBH55DKGzJnKNg2nJkw6aQxDKZyAvL0IUiStyK%2ByfV8MYjMvli5VKaKqf1gYGVbol"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:49:08 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c11a1abd910c-FRA
cf-bgj
imgq:85,h2pri
Eddie-Fisher.jpg
refinancegold.com/wp-content/uploads/2018/03/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2018/03/Eddie-Fisher.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04fd3b29b75ab7eb27ab2bb0c53e69b0947e3ce95ef43a559804454aacb3ff9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=76211
content-disposition
inline; filename="Eddie-Fisher.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67280
last-modified
Thu, 13 Jun 2019 11:19:08 GMT
server
cloudflare
etag
"5d02312c-129b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAaPqm9BjnKhpfhThBUfCwPgFytOzQOVbOeQmw7PiqoU%2F%2FIudVU1cPiip3ZwPCRZ%2BR6ATWL5bK45dgdO30eZwgZo%2BkjNzW%2FWY6PS2EX8hX67LVoAYnVKGTqk7%2BlKKuW%2BhTu%2BqEEQHRiXvO7VzSUp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:48:44 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c11a1ac0910c-FRA
cf-bgj
imgq:85,h2pri
01.jpg
refinancegold.com/wp-content/uploads/2019/05/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refinancegold.com/wp-content/uploads/2019/05/01.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81df33b8ec3364e1fc2779f7a668888a7d3efadd5b1c5628932e10dd32db77bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=78571
content-disposition
inline; filename="01.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67228
last-modified
Thu, 13 Jun 2019 11:10:44 GMT
server
cloudflare
etag
"5d022f34-132eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02DYwhHQN7KYriliwUVbz%2FsoP0nDWdfIEyuBIinQWq9%2BzmsHkd1YHnURs2J0cTGMvDsHKlpZAXTjrmrIdSQ2CmsyZqflhLS5aamerCZYBFSR06IcuQg5KCvZnegOC8T5xy%2Fw3EQ1r61a9IiC7NxZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 10 Feb 2022 13:51:19 GMT
cache-control
max-age=600, public
accept-ranges
bytes
cf-ray
6db5c11a1ac4910c-FRA
cf-bgj
imgq:85,h2pri
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age
4146090
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn4042-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1644500479.109266,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits
795872
st
imprammp.taboola.com/ Frame 8C98 		0
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=D98CA950535023729118539830&cicmp=1337627&cijs=1&dast=V7MJACFgNp71jlBvbagQRp71jlBvbagQUAAAAGBugHG8QcbhjM1WC1WQ0mm91kuFjudsPdZDRaTsFgC5_T3d0GDTSdDp_rXi952Zx2h93j8vnNJrvG7_bLAQAAAOABgKglGmLHt6E9AgAAAECCZ-RagSKg4t9C4AIAAAAAA4BALFwDAIqjgP1Gu8sfAAAPCiAAAAIYJAACiYUlAA53iycAAAAHdTJP2yz_____MQB5700yABRpGzcGPQAPPgAPQgAAAB9DeBVGulx0acFEBZBFjAAAAAByqzdNjyZ1QmVR9f___28FcAUAEOA33s2elXVzUswaBgAAADC2QA-L32922DV-t8v-_________83-zwDQhKCEH9OCGFDs1XhGrhXWfgEBANjeDQDgTQAu5gDsAAAAAO7-____8wAAAE72KNleq_HsUdb7DLbwOd3d9ZuwxWg1mWyWw9lyMRkMR8PRaH8CORzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMLEarxczkWQsni91aNLFt1hLjcLFWGVeOyXI1mG0ms7Xo9TEdZy7nxLec4sF8XM597cHHhxiu5pLFZq5YreaK2WyVAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 10 Feb 2022 13:41:19 GMT
via
1.1 varnish
x-served-by
cache-hhn4042-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644500479.119264,VS0,VE10
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 		604 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
via
1.1 varnish
age
1648860
x-amz-meta-mtime
1637665336
x-cache
HIT
x-amz-meta-ctime
1637665337
x-amz-meta-mode
33188
content-encoding
br
content-length
114684
x-amz-id-2
0nGhQyYL6JJMNrNtgN9DZ54Xe47FlcMytbRNYowkLHISIE+ayuuCG0l+V0ZSZ+siOhY7wKkivBg=
x-served-by
cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:18 GMT
server
AmazonS3-br
x-timer
S1644500479.119347,VS0,VE0
etag
"c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1BJTM91JQABF5B1D
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
189834
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 13:41:19 GMT
via
1.1 varnish
age
1649695
x-amz-meta-mtime
1637665346
x-cache
HIT
x-amz-meta-ctime
1637665346
x-amz-meta-mode
33188
content-encoding
br
content-length
8011
x-amz-id-2
DorYSe3tYgOl1kHh+s4QSJZ4EV7e6QatR1h0Kst7losPnxWoI5OXRUDbs44/HPvWpI9TzqPsi28=
x-served-by
cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:27 GMT
server
AmazonS3-br
x-timer
S1644500479.119492,VS0,VE0
etag
"35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
QF5WB9J15028EQTS
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
178356
st
imprammp.taboola.com/ Frame 42C8 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=38A4EAB73B356512481301518731&cicmp=1337627&cijs=1&dast=V7N2oCFgNp71jlBvbagQRp71jlBvbagQUAAAAGBugHHDNckFYMCm8z4axmq8VktJssRqPdaLYYbaZgsIXP6e5ugwaaTofPda-XvGxOu8Pucfn8ZpNd43f75QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAQDFUcB-o93lDwCABwUQAAABDBIAgcTCEgCHu8UTAACAgzqZp22W_____xiAvPcmGQCKtI0bgx6ABx-AByEAAICPoUyDnrAKdN9NogLDIkYAAAAAudWbpkeTOqGyqPr___-3ArgCAAjwG-9mp8q6OSlmDQMAAAAYW6CHxe83O-wav9tl__________9m_2cAaEJQwo9pQQwo9mo8I9cKa7-AAABs7wYA8CYAF3MAdgAAAAB3_____3kAAAA9e5Rsr9V49ijrfQZb-Jzu7vpN2GK0mkw2y-FsuZgMhqPhaLQ_gRwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0RJhaj1WJm8qyFk8VuLZrYNmuJcbhYq4wrx2S5Gsw2k9la9PqYjjOXc-JbTvFgPi7nvvbg40MMV3PJYjNXrFZzxWy2SgAAAAAAAAAAS5gybwIAAABwGsRsNtntVtx4s2eCWKvVsgYAAADg1o0c!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: refinancegold.com
URL: https://refinancegold.com/luxury-life-style/teenage-girl-hospitalized-boba-tea-balls-clogging-stomach-now-worried
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 10 Feb 2022 13:41:19 GMT
via
1.1 varnish
x-served-by
cache-hhn4042-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644500479.121289,VS0,VE10
content-length
0
d39b2129-5db9-467c-8fe8-f3c69e3f0d11
https://refinancegold.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://refinancegold.com/d39b2129-5db9-467c-8fe8-f3c69e3f0d11
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
333d75c6-626a-4b70-9324-99c155e1a936
https://refinancegold.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://refinancegold.com/333d75c6-626a-4b70-9324-99c155e1a936
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
3b35c7d8b8442cc5db116628e7988f34.png
cdn.taboola.com/libtrc/static/thumbnails/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/3b35c7d8b8442cc5db116628e7988f34.png
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e2f0b1f4d6ed1ed3a0918cdd43a258b235cb05bd1a5875c2b334bdf9c062824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
33woUHKexKQE6AnaGIB5KxXz_11d8bVy
via
1.1 varnish
etag
"964644810790ab634208da095a538a46"
age
15
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1256575
x-amz-id-2
WfONEBjJTbUofvpXiAn12uOqY4AWRB2a759h9jQtg9quc4TdQD7D1ktXORcFuhmk3OcmddCkuT8=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 14 Jul 2021 10:27:16 GMT
server
AmazonS3
x-timer
S1644500479.271441,VS0,VE0
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
53QF9WMDBMP0K5SJ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
45
x-cache-hits
2
89b0cdb807051aefd6c92260e0d9867a.jpeg
cdn.taboola.com/libtrc/static/thumbnails/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/89b0cdb807051aefd6c92260e0d9867a.jpeg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19c95241da04bdb340817796e0d57952a6c00c5a69ef9cf752a2eb16f6aaf395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refinancegold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
mxN9UD7xpqoJzaiPH22aVOYgz.4UfjMo
via
1.1 varnish
etag
"d8c8b8c02c42bc315c65aff0ef00fbec"
age
116
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
273776
x-amz-id-2
ojr54+n5momqjgYdZ2z7NitrGJ0NWfo3QurpMmE5Y60THvptz64hsceB3M2+Hx4RJlc4kpRfZTA=
x-served-by
cache-hhn4042-HHN
last-modified
Thu, 13 Jan 2022 07:36:27 GMT
server
AmazonS3
x-timer
S1644500479.277474,VS0,VE0
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
S8G0A7YX2S5K1CAA
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
abp
45
x-cache-hits
2
op9jrpvd6so63qdaahct.mp4
cdn.taboola.com/libtrc/static/video/v1634648368/ 		88 KB
88 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1634648368/op9jrpvd6so63qdaahct.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c9152a0157f06e7af13f18766e0774c01a093b5e2194360ed5d18760ef431e7

Request headers

Referer
https://refinancegold.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
xKpCuSr6TrYWoJ8TEdDSoOGgtfGLYe4T
via
1.1 varnish
etag
"19a9fab8b54310d154b752b9f93ba940"
age
98
x-cache
HIT
Content-Range
bytes 0-89641/89642
x-amz-replication-status
COMPLETED
Content-Length
89642
x-amz-id-2
8qnlvDdtLFz3rwiGejwHjXHIw3l4tT5KmAz6WiaBcLEgJ8o7sgKmaHogh/3jiH1K5YrzrF2REcQ=
x-served-by
cache-hhn4042-HHN
last-modified
Tue, 19 Oct 2021 12:59:34 GMT
server
AmazonS3
x-timer
S1644500479.283843,VS0,VE1
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
JHRG75GZEB67J7V4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
45
x-cache-hits
0
mvvgetnjuyfdhmcejca4.mp4
cdn.taboola.com/libtrc/static/video/v1641975373/ 		709 KB
710 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1641975373/mvvgetnjuyfdhmcejca4.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://refinancegold.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
7PdW5fBRtgLlSv0buyJJ4KpH8ai4MK4Z
via
1.1 varnish
etag
"c543adb0d4eaa7db8cdf2e5075880e49"
age
101
x-cache
HIT
Content-Range
bytes 0-726491/726492
x-amz-replication-status
COMPLETED
Content-Length
726492
x-amz-id-2
5Us3SaXig4oODblIP4+5CZfTlhVcRJemLWtFWcV4BrL6eWLkIje9WvKkaEG2OZdbmTNzUTqFe7Y=
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 12 Jan 2022 08:16:20 GMT
server
AmazonS3
x-timer
S1644500479.285230,VS0,VE1
date
Thu, 10 Feb 2022 13:41:19 GMT
x-amz-request-id
PR5ATRN9KS8Q276E
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
45
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

305 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 function| structuredClone object| omg_ads object| _wpemojiSettings function| advanced_ads_ready undefined| $ function| jQuery object| advads object| advanced_ads_responsive number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width function| set_cookie function| getCookie function| build_ab_test object| advanced_ads_pro_ajax_object object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| postscribe function| htmlParser object| advadsCfpQueue number| advadsCfpExpHours number| advadsCfpClickLimit string| advadsCfpPath string| advadsCfpDomain function| advadsCfpAd number| numpages number| pagenumber object| settings object| a0_0x433e function| a0_0x3d7e object| params string| user_key object| dataLayer function| vidazooCpm object| googletag object| regeneratorRuntime object| pbjs object| apstag string| advanced_ads_ga_UID boolean| advanced_ads_ga_anonymIP function| advanced_ads_check_adblocker object| addComment object| _wpcf7 object| advanced_ads_sticky_settings function| advanced_ads_sticky_check_position_fixed string| cok_val object| exp_title object| exp_content string| exp_id function| display_winner object| NiceScroll object| wp object| advads_placement_tests object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_ajax_queries object| advads_has_ads object| __CF$cv$params object| jQuery1124008113112479293805 object| advadsProCfp object| _taboola object| adsElements boolean| apstagLOADED object| google_tag_manager object| TRC object| _tblConsole undefined| msg object| _comscore object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| pbjsChunk object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| prop function| udm_ object| ns_p object| COMSCORE object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| __tcfapi function| __uspapi object| ampInaboxIframes object| ampInaboxPendingMessages object| _qevents function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| __tcfapiui function| BezierClass number| a object| placementData object| GoogleGcLKhOms string| nam object| cmTag object| scCGSHMRCache function| webpackHotUpdate function| startCMTagMain object| _cm_wfCounters string| lastWfUrl string| category function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist string| vpaidId function| OvaMediaPlayer function| onScriptReady object| google_image_requests object| v_0x564b function| v_0x28f1 object| _vdzwgt_ object| vdz function| ownKeys function| _objectSpread function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| _defineProperty function| webpackJsonpbw0ph11vhhli function| setImmediate function| clearImmediate object| __vidazooPlayer__ object| vidazoo object| v_0x439b function| v_0x2d0f

34 Cookies

Domain/Path Name / Value
refinancegold.com/luxury-life-style Name: ab_experiment
Value: 28
refinancegold.com/ Name: IsEurope
Value: Yes
refinancegold.com/ Name: Ucountry
Value: DE
refinancegold.com/ Name: advanced_ads_browser_width
Value: 1600
refinancegold.com/ Name: fs_campaign
Value: %7B%22utm_source%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_medium%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22utm_term%22%3A%22%22%2C%22org_source%22%3A%22%22%7D
refinancegold.com/ Name: sessionVal
Value: 47
refinancegold.com/ Name: tb_push__test
Value: active
refinancegold.com/ Name: cn__test
Value: c1n
refinancegold.com/ Name: cmpoct__test
Value: cmpagg
refinancegold.com/ Name: pbtol__test
Value: pb3900
refinancegold.com/ Name: ch__test
Value: ctl
refinancegold.com/ Name: amztam__test
Value: high
refinancegold.com/ Name: BO__test
Value: B1O
refinancegold.com/ Name: user_groups
Value: no_match
refinancegold.com/ Name: cg
Value: e30%3D
refinancegold.com/ Name: cpc_event_sent
Value: 1
refinancegold.com/ Name: sessionUUID
Value: b81910a4-cc70-4b65-9f45-9adfa6ff807a
refinancegold.com/ Name: sessionTimestamp-null
Value: 1644500471
.refinancegold.com/ Name: __cf_bm
Value: WBqUJMrGaq8VU_vYEIYpIVQ_odetYRAKPEaHmnGL_mw-1644500471-0-AdecUSs/BtMrksVkvPKhUZPL5Hj9Gn0FtJNBZnomBuFepKJXu6NdAiwR5qqt6RzbUTllNbA58DOAGqsI/jqlObMl3FgEC5SZ3vSbAGekS5CLWq+LphDrlUGYTs0hw7sr2w==
.scorecardresearch.com/ Name: UID
Value: 11C85b77d27b3d636274ca71644500472
.refinancegold.com/ Name: _gcl_au
Value: 1.1.1779077260.1644500472
refinancegold.com/ Name: pixel_fired_
Value: 1644500472189
.refinancegold.com/ Name: _ga
Value: GA1.2.2117191649.1644500472
.refinancegold.com/ Name: _gid
Value: GA1.2.929710620.1644500472
.refinancegold.com/ Name: _gat_gtag_UA_162150449_1
Value: 1
.refinancegold.com/ Name: __gads
Value: ID=cc606d60050158f3-224caf4b3ccd007b:T=1644500472:S=ALNI_MaX2fF7OZQ_CHgYRlh7Y5LvResVxQ
.doubleclick.net/ Name: IDE
Value: AHWqTUl5F5x6TmcxLT9Ov5pG1duIm6D_TZVAQtoRtPGmouGBOHoJVV2BjPb29PksgGE
refinancegold.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D1f7c6274-5d40-425d-9cf1-9a2bdbd3835f-tuct8fe9b78
.quantserve.com/ Name: d
Value: EFoBDQG0Jbn8kwA
.quantserve.com/ Name: mc
Value: 620515f9-7ff42-51a3a-12953
.taboola.com/ Name: t_gid
Value: 11451fd3-8217-4b63-b881-e8e129506326-tuct8fe9b79
.spotxchange.com/ Name: audience
Value: 1d1df53a-8a77-11ec-8f9a-180e33a50406
.yahoo.com/ Name: A3
Value: d=AQABBPkVBWICEBhtFSBkT85p57qfJ8qvoDEFEgEBAQFnBmIOYgAAAAAA_eMAAA&S=AQAAAkU2LPsFOrhpGloHvRMAvSY
.analytics.yahoo.com/ Name: IDSYNC
Value: 195y~235p

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
98ecca07078037d40793578d91284b17.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
api.btloader.com
audit-tcfv2.quantcast.mgr.consensu.org
bisdr.vidazoo.com
btloader.com
c.amazon-adsystem.com
cdn.taboola.com
cds.taboola.com
cms.quantserve.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.taboola.com
imprammp.taboola.com
inventory.vidazoo.com
match.adsrvr.org
mrb.upapi.net
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.rubiconproject.com
quantcast.mgr.consensu.org
refinancegold.com
rules.quantcount.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.vidazoo.com
sync-t1.taboola.com
sync.search.spotxchange.com
sync.taboola.com
taboola-supply-partners.tremorhub.com
test.quantcast.mgr.consensu.org
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trk.profitor.com
ups.analytics.yahoo.com
vidstat.taboola.com
wf.taboola.com
wserversa1.vidazoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
13.32.99.105
130.211.23.194
134.209.221.46
141.226.224.32
141.226.228.48
142.250.181.226
142.250.184.226
142.250.74.198
15.197.193.217
151.101.1.44
151.101.193.44
157.230.220.52
18.156.0.31
18.195.142.161
185.94.180.126
23.37.42.132
23.79.143.124
2600:1f18:612b:4200:9a2f:8341:7f9b:9de
2600:9000:225d:7600:9:46dc:4700:93a1
2600:9000:225e:3200:3:a4cd:8380:93a1
2600:9000:2315:6c00:6:44e3:f8c0:93a1
2606:4700:20::681a:78b
2606:4700:20::ac43:4513
2606:4700:20::ac43:464d
2606:4700:20::ac43:4802
2606:4700::6812:bcf
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a03:5f80:a::b212:e7a1
2a03:5f80:a::b212:e7a2
3.70.102.167
52.0.49.135
52.222.210.175
69.173.144.165
04c92da639b83f3954de1481055274f4dc6891364297dec15c0050a2e5c6dc13
057dbd3f0bcfa9b23000d30f3360d1dfe60a1ac970dd81a8a724131600b5a344
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0784e3e7d817e5b0ab6f6349b2377d0d570d1492806fe1143d2061ec78bcc74c
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0b8f7a10014da0162ae21ce5bb95cc25913a802f616cec6cbe1276e87892bfa4
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be9211b41f489aa09762ea85360380e77c912c46a3ffb53a58f5b02ac7f3236
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0fc4119707275d9baa26949bee0f7b404c9bdaa81542c9bd465bddb1fe6f45de
120ff362af44e4d2257f81ca571b596caffa4c8aa68f214a4cdae0a2338d407a
182c6449ab3c711cdceece663f9a65c75f65b6137fb0e38a5581f1216c8da29b
187c8af628c9ca69d44762a1df5c3f41bd2fb741b11201b3d1c3ef5ce84c6192
19402e76616ff18ec8182bf839fe4271507b0038588e4d51d20126440f100cdb
19c95241da04bdb340817796e0d57952a6c00c5a69ef9cf752a2eb16f6aaf395
1a31a0048fca1e5e746eb79126c3522fc8bc55d520f61421ab28764c3c1c9337
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1f3cc43ee4366176b4fc1bae428729787c4f7aedc7bd41f6fb13215c365b802a
1f6b712be72df9f2667186c7786093498dc8f924cceb9c5199d8981edb4d48e1
20e460bb7b4adb017e216b3eb9f419687014ce7eb8aae022f3dfc333aa02516d
25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa
2753e0e038c24b88e3153cd4d3b06d63d964b20babda1c60655dc234999e3d82
2b03554cc1a00a1538184d608decf92cc122b8377bd6080ad92f9aba273c0710
2d247fc2f8aed1c05c0973e8d5a0bfd9b08a3175af85f1b50c99536ee81d3c39
2f7a6adfb2f4b02d205597d8ad96aa05bf4270632d43e81df6c8e56385a12f01
3005fecc32bdffce7a7fd3ec7f938b29ca875aad4abb92ac6eecb4b3a983f9e6
329c449ba1129a531b0a8fe41e82729efcb3069507a549f9b9ebc23645de5659
3a8fc8f4c655dc90976df1e9468777a2091842aae6d1eccb3f5cf5ef4a68566b
3b850b5f71a170e618493679f8994bdd376ed18f5a2d57f3127df1a911776649
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3ec79a18c63bd2ed41948b7a6216790adb95fd28e1738e01f81b8f8d35442446
3ed7fb4a1903f0cab8f9ef87be2815bc39ca73088f7dd1642039793c789524ba
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a1977ad68585c2b2fdc265842ca215eaef9467ef4da186d08acc5dd023371f
439e045c378c7d54667caaf7101d85ddc4b292dd9a7517ee301f065874ee6c22
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4632873c3450cce9db388b030d144e33d3f7e3b8175aaf837008f2cb20acf670
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e597ca5ae080fe66075e6c7511e0890130973ed45c3c6b94b5d58c48a82bf1
4c5c321ce68ecff97486f9007394261921f053eba300549f701e785365dc862d
519d9c9330d40554134cf461fce2b4e7e3037317599aeb3bff683f500a656733
53b8a0abb2811d9c8571c147fe2cde461bd4fef533cdcfdece26478161ad697d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551a4a808579c7378031adf0db69216f283b918c1ad8121a2537aea2de752975
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
575ab71dae401859fe7ddea238d466f62c5c994f7394c26cb8b69c45f06305a9
5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1
584c87f4d3c4456eea6e4ca2343ad9a20df70080281c917f615652a3770d5ffa
5a78d686f9f2df6cf037bd2f8d264f7fe20e0d44e686f61cdd1a2edc377519ec
5ae47b7003ee7b66b76e53a63ba32dba1ebc0d0379bab7e8b24cba5ac6ceab6e
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5c716b541f4ddccc7b9be7e11b956c77edb05261ac160e4abdc9d72a32f13f2f
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
6309c4a5cc3463b9b7180a7b7c4cd233492052104119f23b6fbc1d79bd99e7ad
66d171eac3ab5190b2f57fd70164aa357235d5847524d456fb2881edcf6918de
679a4d74c91d37058764933792a378fa49110716914f40e4988b8a69a2923c1e
6907fdf9af3c8425a96c3377a64d5433f40a096a18e5905c7644acc91ea36a8a
6a46038f38ed947bd05566d4f8db7340927644407163807e36256b2490a63a6f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e2f0b1f4d6ed1ed3a0918cdd43a258b235cb05bd1a5875c2b334bdf9c062824
6eb5bb5158e2bd639b52325d569fdf6f71f87769b6e9d67151d46f11e469801f
703583b9f92f590726e22e91067c24565b1a57b308b8f7de33eed86a21b2fd55
704f212551e7e23fe504966ee5279640610d073a2236b476d94976ecb840c034
72d5172dfe30305a71cf5d32d9c10d5e0b2f20c894e8ad8f07cfd4427cd00f74
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
754970eaac11fed3c9d4af1cd0c433507dc6886aa484c4530d17b3d6c73d1b1d
75a04fe8bdb3b73b144726ea123f85d4e7b123ecb947985934ae37e672724db4
79e19ced4ea473154f6ced4ec56a9ee7b57333dbd4b4dc8949adb6c9cc2e9d8e
7aa3de3cbeaac194729834621c09a127dfba2d7fc731a0807e81219a6f69b079
7b4d3fa19b312a0d55da7421d6c87e6d600042cfcbabc51902c0d91af4328606
7cee7189ffb889724036983eeced509e2b6a4d4419597c255b070b2ae1e9197d
7d4f4cde1c12b9a863c4d926bfdec83c3454e9cc289421b0b54dec9e29ce02c5
7ef00d90ceb3fab734be8e89e300e1ad0665ff11070ddb201ad3472439bb06fd
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7ff00b7a94c1f985573dd018a80379acb2808a71433e651aa032408cb1213c64
8039035a60f95ba4f1e3e5eb1ea3cb5387a974ceb91c73b2be12cfda5e7a8d04
81df33b8ec3364e1fc2779f7a668888a7d3efadd5b1c5628932e10dd32db77bf
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ea2a9d9e3c396128b36dc836e591a8c6d37cc1070ce0ad8b538a3289ffeb19
8783e8fbce8682e675da8fd7ab26635ccfcffd6191c934cfd89d6f79b5378e59
8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a54aa073969ffbe33ba7386333d486519ef597b7b5e657252d30fe3a569efdf
8a810cd88e69dff1b9a110d459a08d67ccccf528367578a95a039fb5d329281f
8b89493dea8f626d5c54909f4cee2d5d8f79a6450647347f776b9e5f52c7c45c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
8f53d29d769856c8bbfeaa102e900b1c07840f9415dbb1e9088a3acad824276a
90f9937f4c37c8ed81eeffbd82bd38a619aacda6bf44ffb4aa7e4d1e2e0470d0
91f8ecf969595c1e4e577b1e011140608fdc73abdc655726e4ae5b2ff5d3b7fb
93278eaf4de30fef550048be5a947995230229af06c1e0a42c914bc275a0e919
93b6af29c5e05a12b43632d6287214a3fe302d429a8f674a7e1e8aefe1027f8f
9584f5bd7b51708daf97a03046b474694c868e920a5047463a98c3889c586de4
97152508df33871d78e6d8595480ac6c5cf8f2feb1fc1ef7fd2ef7a0517810c7
97fcd8f33c72953a67247b628d12ca40d4df2572e08ef5ce1b04d310298dc7c9
9a5102012bb51c0aebff9a62452465fb242d5a175e17bdce5862622087a78cc1
9ae8bbf7f8b5f1d3bfbebd5593f718f867d7962e895dc47508735bab6bbc454d
9c9152a0157f06e7af13f18766e0774c01a093b5e2194360ed5d18760ef431e7
9d6ce42d326385a78bc33983ad259f2a8fffcd6c2cfd3c53f5eb924bed4514b8
9f0053c6e34d063e7fdef12f2060608d6fa828a24cbb02e54e824ae79dafd9e8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0edd2250d92e41e460bde20e1bc2770d7360aaa7520f5050a87cd2b8dbda217
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5628efbf02460d323fd28c0a5cbaabb6097a924c158db1523a18292809691e5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c20976bb04ef6e0a02acd3cfacde830442230b525864250ab74b113453794f
a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d
a829de87d087e2ed0fd6212afdef1ffba129570de8a57ce6023458aafee7d2d0
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa957210d3a01bd32ad1ac8204388de01f6266522f955e740ddacb63cb7efe1e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac1536aea35ab05c539a51b3a46d50931a2970ec90e881b2fe3d0dbd02b80ba7
aca2f54c99f924c83be63bc175e2b50ae9242bafbed4958a3d27769461f70b2b
b1bc0fed6c324550790d139c639f94e110ea5212259150f3d2d21be25ec33c53
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b2810c25d2c5bb556a47609c0869ddc92d7df222eb58b5260bacd8ab798569ee
b4eacf23bb8c23e212ad8a0091f45803f7ada6430ff997f13a22c66d4bc8faec
b6b9161ef29e0f0ee30be59cd9f34b072d5164070dc7b2c23ca0d4bb51826af6
bb9154b6e7ad2be43ab97ad68b5f365b180820af1d4c2175fec328e3fc48ff14
bbf8f32d4b79c203421092b55c46980b034523a07466f67bd2e5bc82aa28d3b6
bc2b13f80a4d2aebe8552dc439aa5c0f2322ba9d1db1e861ddcd378650c08fbb
bcea7032be69dd43fb201d37e7430992109855891f6a0341d23f340f53c00d39
c0cbf891a3296c09c83f2c9ed876ef25bb40da30f61f6ae4acfb76908e9b786d
c374557595201904da5bc03efc1315bd96b586ce9b601ed9a1eddf7410da5895
c3b5e51a25ec089ff57c04dde8201ebd6339d41bab9775a662ee33b5556370c9
c3cc00dba6427450ca398d496b6d4d5ae385c893d1470754f1fba733c2a54d04
c3f2ca3c3c53fd03c471250fb65377ec3c775aa398e3a08c16dcc4efc3659cd4
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c8c142eac1ae9a9f7cce24a20edafe60fa26307439e2409ee9393b1a550292af
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d212518bc7e09285d2ed0142c582cf781f9169b22c622cb9f1fd9d5fcf38e1cb
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d3b46d2cc0f52beeead64060dc8453a7fa787b730d1f8b35b6c290225bbfb28a
d441e5b0248e45e84fcd6773f562d0848f632bf0e30285b7b0a18accf57edfed
d4e5a87b0e7c72196b5479154265612e54c91153629cc5a22bf4432eceaae60c
d57977eb4dce878622263a6b26a0656d995c2ed7020341bff8f69ce1e5c82d0f
d685fd45aa5f5e3cf9f47ca7853bc5c96ffb52136800c85f98ac11085b520663
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da7c0db2b45a67050b4479f6da5fad15117887c0cfa5a7541829dfd14a05624e
dc04a85f9560e201c04132fdf529308820fbd630c6cf85c21e638ed9760b50f3
dc5a268159727297ac6b538d38d33f487dd9f3d0f19cdc9bf5fe65d96aba693c
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
df140d8382fe2904fb0d1fd74b41836e9b93755542a9266b5b04194908ac870b
e38335b8da3a11b4a278e7572f99a3990da81b9764b7526bd7b69ec0c6a57c84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53e3225dd38555910d735fb00b46096a8145722c7ecb55c6ed60774470f54ac
e6884beffbeb4ca2d4cd08ed27c4e8962764a4aa89094213ee4d3127cbb2199d
e6debe55d88f60f310b3ae5b6c55c812dacb61f6166413f740dd75c26006d276
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7
e85e63b826a38be8463c806740cca67a0eb50772eda0c551a7cde5cb3270a41f
e8d41b29fc9583d50152269f161f17fdf6f291a69a045c830f852bcc9c6c0f20
ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377
eda8bc7915a253408ab7ac580b71c54e0a3dceda2377ebd966eb418f0d8ea3ea
ee6700679f12efb4bede0842985cfda0b26eac03eaba5b03cddb64829f23e992
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff5a93ff9fd70a1bd514db7f78bd81e96a79773f250a780682e6f82307f9642
f04fd3b29b75ab7eb27ab2bb0c53e69b0947e3ce95ef43a559804454aacb3ff9
f117756a981f0a57be016c03d2d727a14f9fbc0b003133d5126790d11a2a0470
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47
f226fac24eddb7ea232ccb727ac1395dadf83f3873441f5ff124598b4e681c82
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
f27987d359c2f8b5d3beb675dc857ae32f1d36031fdbf1ba3e505392a032af15
f3ec08680b11c8e7e62e3f58f6de8850ada5e7b39d5a50f0dcd134b1014e0600
f3fe183cf65f19ad2ed6494c6cbc3bd50bd86a9b6c7ccbff95143fa6c26bacb8
f485a249bbefbd76b90c2e8ad5b2d3cf300b2596b846bc38164e3d2aa7f5a730
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b3aeb908aaf9e30b9255421ef98ad57b86c05cdd78dd8167c84e29d2d21e5c
f71d2b3f8f68673bf3703b008fc6fd52fd1967171ce89b98ff6e68c824387dc6
f814909edd91c7ce87ce39c5f4ede78a2df74ebd3632b1c262ed6489f27a3ead
f82f91be376838eac98e0c16c2435a50537b748bcf054b73ab7a385457733b5e
f86294c6a574519df6e9a633cb757fe721cece155ed0d2f0556ed7492ec4d45d
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb6a3eed349395864a8975b51270650f0fdf16db39e04318a8a00284f3a72290
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
ff465494895c140fd64990db088bc91035c73c5a35fd77d97f7530004d65fda6