i.eqla3.com Open in urlscan Pro
116.202.133.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.co/oKCEdZCK
Effective URL:
http://i.eqla3.com/
Submission: On June 14 via manual (June 14th 2020, 9:34:24 pm UTC) from US

Summary HTTP 52 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 52 HTTP transactions. The main IP is 116.202.133.99, located in Germany and belongs to HETZNER-AS, DE. The main domain is i.eqla3.com.

This is the only time i.eqla3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
19	116.202.133.99 116.202.133.99	24940 (HETZNER-AS) (HETZNER-AS)
4	116.202.155.206 116.202.155.206	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	94.130.11.184 94.130.11.184	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
52	15

2 104.244.42.197 (United States) 1 redirects

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 116.202.133.99 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.99.133.202.116.clients.your-server.de

i.eqla3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hn.eqla3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.155.206 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.206.155.202.116.clients.your-server.de

demo.mexat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.11.184 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.184.11.130.94.clients.your-server.de

www.vb.eqla3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c1f9b4257881f7b80a244586de908d0c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	eqla3.com i.eqla3.com hn.eqla3.com www.vb.eqla3.com	503 KB
9	googlesyndication.com c1f9b4257881f7b80a244586de908d0c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	159 KB
4	doubleclick.net securepubads.g.doubleclick.net	95 KB
4	gstatic.com fonts.gstatic.com	80 KB
4	mexat.com demo.mexat.com	98 KB
3	ampproject.org cdn.ampproject.org	92 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	t.co 1 redirects t.co	765 B
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	googletagservices.com www.googletagservices.com	15 KB
52	11

	Domain	Requested by
18	i.eqla3.com	t.co i.eqla3.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.vb.eqla3.com tpc.googlesyndication.com cdn.ampproject.org
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.vb.eqla3.com
4	fonts.gstatic.com	i.eqla3.com
4	demo.mexat.com	i.eqla3.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	cdn.ampproject.org	securepubads.g.doubleclick.net
3	fonts.googleapis.com	i.eqla3.com
2	www.vb.eqla3.com	i.eqla3.com www.vb.eqla3.com
2	t.co	1 redirects
1	c1f9b4257881f7b80a244586de908d0c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	www.vb.eqla3.com
1	hn.eqla3.com	i.eqla3.com
52	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
eqla3.com
www.tahmeel.com

Subject Issuer	Validity	Valid
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://i.eqla3.com/
Frame ID: A2E284020B56E79779AB0D1D1A0601C7
Requests: 32 HTTP requests in this frame

Frame: http://www.vb.eqla3.com/code/f612290b9ef2a8a9a8dd39c0a42f44ab.html
Frame ID: 8EFD7BB89C2B421966FA52C6E5FD9E97
Requests: 1 HTTP requests in this frame

Frame: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
Frame ID: E47FCBBB566D0C06AC1C6C9DB795E91D
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: CC33B0468A238EDAEE6247944EC22D71
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: B126C4BBE520E498B3A6E7ABCADA2B95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://t.co/oKCEdZCK HTTP 301
https://t.co/oKCEdZCK Page URL
http://i.eqla3.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+class="[^"]*(?:uk-container|uk-section)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

52
Requests

42 %
HTTPS

64 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

1045 kB
Transfer

1494 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/pages/IEqlaa-Page/232541243502383?sk=info

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/ieqla3

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/Eqla3Apple

Search URL Search Domain Scan URL

URL: http://eqla3.com/
Title: منتديات الاقلاع

Search URL Search Domain Scan URL

URL: http://www.tahmeel.com/
Title: تحميل دوت كوم

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.co/oKCEdZCK HTTP 301
https://t.co/oKCEdZCK Page URL
http://i.eqla3.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://t.co/oKCEdZCK HTTP 301
https://t.co/oKCEdZCK

52 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

oKCEdZCK Show response
t.co/
Redirect Chain

http://t.co/oKCEdZCK
https://t.co/oKCEdZCK

251 B
552 B

189ms
149ms

Document
text/html

104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/oKCEdZCK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

fe7e670a002926d47c2c738c9dbe70079c75a0f6a5bd2be20c1c538466f50b0d

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /oKCEdZCK
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 189
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sun, 14 Jun 2020 21:33:46 GMT
expires: Sun, 14 Jun 2020 21:38:46 GMT
referrer-policy: unsafe-url
server: tsa_o
set-cookie: muc=da77ec5b-0a2e-4908-bf39-ea26af67b66e; Max-Age=63072000; Expires=Tue, 14 Jun 2022 21:33:46 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: dff3225810f7a96e75d82d05432b7059
x-response-time: 129
x-xss-protection: 0

Redirect headers

content-length: 0
date: Sun, 14 Jun 2020 21:33:46 GMT
location: https://t.co/oKCEdZCK
server: tsa_o
x-connection-hash: 3bc406c07c121286a0a5ae9ec1f92954
x-response-time: 107

GET
H/1.1 200
OK Primary Request / Show response
i.eqla3.com/ 14 KB
15 KB 188ms
163ms Document
text/html 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/
Requested by: Host: t.co
URL: https://t.co/oKCEdZCK
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: d6f1a3740a4e4b84129d1c147434a68ee51e35f8d5c7bc6d492c28c8a3d080b5

Request headers

Host: i.eqla3.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: https://t.co/oKCEdZCK
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://t.co/oKCEdZCK

Response headers

Date: Sun, 14 Jun 2020 21:33:46 GMT
Server: Apache
X-Pingback: http://i.eqla3.com/xmlrpc.php
Link: <http://i.eqla3.com/?p=544>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.js Show response
i.eqla3.com/wp-includes/js/jquery/ 91 KB
91 KB 51ms
38ms Script
application/javascript 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: ac8e31ca027b7b2aca9fae073010b75af86df534c88fa3a6783b1c30c96e6caa

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 13:17:44 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 93085

GET
H/1.1 200
OK jquery-migrate.min.js Show response
i.eqla3.com/wp-includes/js/jquery/ 7 KB
7 KB 50ms
37ms Script
application/javascript 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 13:17:55 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7200

GET
H/1.1 200
OK widgetkit-5503688f.css
i.eqla3.com/wp-content/plugins/widgetkit/cache/ 52 KB
53 KB 28ms
24ms Stylesheet
text/css 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/plugins/widgetkit/cache/widgetkit-5503688f.css
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 4fac9c4fad3d7074ea770c4d490708145dcb0f50f921325d90aec646bedaaf77

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:46 GMT
Last-Modified: Mon, 24 Mar 2014 20:21:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 53639

GET
H/1.1 200
OK widgetkit-2f0864e3.js Show response
i.eqla3.com/wp-content/plugins/widgetkit/cache/ 20 KB
21 KB 50ms
38ms Script
application/javascript 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/plugins/widgetkit/cache/widgetkit-2f0864e3.js
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 9715a78a0b603a207b7df5c6f0036d3a97719d1a9a26770dda70958f41b161af

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 20:21:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20974

GET
H/1.1 200
OK theme-6bb543c1.css
i.eqla3.com/wp-content/themes/yoo_square_wp/cache/ 88 KB
88 KB 50ms
38ms Stylesheet
text/css 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/themes/yoo_square_wp/cache/theme-6bb543c1.css
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 2652c2a4a20956a3e894ef7084802e81394c0d304d7563e0368d0354f2962841

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Wed, 02 Apr 2014 20:23:53 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 90327

GET
H/1.1 200
OK theme-bb112044.js Show response
i.eqla3.com/wp-content/themes/yoo_square_wp/cache/ 51 KB
51 KB 51ms
39ms Script
application/javascript 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/themes/yoo_square_wp/cache/theme-bb112044.js
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 9beeeac9bc177c779ac043af4ebe912672f04805afcde5fd5f43bd9711a392c1

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Wed, 02 Apr 2014 19:42:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 52289

GET
H/1.1 200
OK 1logo.png
hn.eqla3.com/ 22 KB
22 KB 50ms
37ms Image
image/png 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hn.eqla3.com/1logo.png
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: b692e7a4b4ca52017f9a2a98ccbd7231a9283c9701be6c7f064c6bf04f9e80a9

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Wed, 02 Apr 2014 12:42:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22108

GET
H/1.1 200
OK home-slideshow-slide1.svg
demo.mexat.com/wordpress/square/wp-content/uploads/yootheme/demo/purple/slideshow/ 30 KB
30 KB 85ms
66ms Image
image/svg+xml 116.202.155.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://demo.mexat.com/wordpress/square/wp-content/uploads/yootheme/demo/purple/slideshow/home-slideshow-slide1.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.155.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.155.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 913a819009d8fe405d91d8f572d401a33c3a72d4b7f9a12c1dcb243c6d1559ef

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Sun, 23 Mar 2014 20:11:45 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30673

GET
H/1.1 200
OK home_responsive.svg
demo.mexat.com/wordpress/square/wp-content/uploads/yootheme/demo/purple/content/ 2 KB
3 KB 51ms
39ms Image
image/svg+xml 116.202.155.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://demo.mexat.com/wordpress/square/wp-content/uploads/yootheme/demo/purple/content/home_responsive.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.155.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.155.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 196615292b6b651ba6b64c332023a6f0bd422b44af215a8e62666dc7bd8f641b

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Sun, 23 Mar 2014 20:11:38 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2505

GET
H/1.1 200
OK lightbox.js Show response
i.eqla3.com/wp-content/plugins/widgetkit/widgets/lightbox/js/ 17 KB
17 KB 25ms
24ms XHR
application/javascript 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/plugins/widgetkit/widgets/lightbox/js/lightbox.js?wkv=1.4.6
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 3a7fb877256cd381979edcdbc16f0de1f1f1620b096dae68a333f9dbacd80c85

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://i.eqla3.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 20:20:18 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 17068

GET
H/1.1 200
OK mediaelement-and-player.js Show response
i.eqla3.com/wp-content/plugins/widgetkit/widgets/mediaplayer/mediaelement/ 62 KB
62 KB 25ms
25ms XHR
application/javascript 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/plugins/widgetkit/widgets/mediaplayer/mediaelement/mediaelement-and-player.js?wkv=1.4.6
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 335bcfdce95b57f34709effb715c922545147d7f4f55e0314b67a53951708129

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://i.eqla3.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 20:20:18 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 63289

GET
H/1.1 200
OK spotlight.js Show response
i.eqla3.com/wp-content/plugins/widgetkit/widgets/spotlight/js/ 2 KB
3 KB 24ms
24ms XHR
application/javascript 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/plugins/widgetkit/widgets/spotlight/js/spotlight.js?wkv=1.4.6
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 30d8a31b6d81b7640a80b4e4e121fcea8dd71d25967be4fb4d8f6d5be574d44a

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://i.eqla3.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 20:20:17 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2462

GET
H2 200 css
fonts.googleapis.com/ 5 KB
776 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300

Requested by

Host: i.eqla3.com
URL: http://i.eqla3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Jun 2020 21:09:51 GMT
server: ESF
date: Sun, 14 Jun 2020 21:33:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jun 2020 21:33:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
606 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300

Requested by

Host: i.eqla3.com
URL: http://i.eqla3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23f791cd07f2f7a9039f2f226c3398fa1c530ebe41263dce0356ad19aed67f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Jun 2020 21:29:29 GMT
server: ESF
date: Sun, 14 Jun 2020 21:33:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jun 2020 21:33:47 GMT

GET
H/1.1 200
OK droidarabickufi.css
fonts.googleapis.com/earlyaccess/ 1 KB
685 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/earlyaccess/droidarabickufi.css

Requested by

Host: i.eqla3.com
URL: http://i.eqla3.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Sun, 14 Jun 2020 21:33:47 GMT

GET
H/1.1 200
OK f612290b9ef2a8a9a8dd39c0a42f44ab.html Show response
www.vb.eqla3.com/code/ Frame 8EFD 224 B
559 B 49ms
36ms Document
text/html 94.130.11.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.vb.eqla3.com/code/f612290b9ef2a8a9a8dd39c0a42f44ab.html

Requested by

Host: i.eqla3.com
URL: http://i.eqla3.com/

Protocol

HTTP/1.1

Server

94.130.11.184 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.11.130.94.clients.your-server.de

Software

nginx /

Resource Hash

212355c2a147bc463e4ba9e2670a9c820801447b73a67559b5b3437532845c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.vb.eqla3.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://i.eqla3.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://i.eqla3.com/

Response headers

Server: nginx
Date: Sun, 14 Jun 2020 21:33:47 GMT
Content-Type: text/html
Content-Length: 224
Connection: keep-alive
Last-Modified: Mon, 06 Jan 2014 08:40:48 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

GET
H/1.1 200
OK blue.svg
i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/ 1 KB
2 KB 26ms
24ms Image
image/svg+xml 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/blue.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 92aabf10fcb132d07c2457f948324f99cbca991b5bd402f1b7c13fe06d12b931

Request headers

Referer: http://i.eqla3.com/wp-content/themes/yoo_square_wp/cache/theme-6bb543c1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 12:55:07 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1396

GET
H/1.1 200
OK top.svg
i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/ 1 KB
2 KB 26ms
24ms Image
image/svg+xml 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/top.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 80fa43b6d0a6279d28711cb744c3d7a7ea288322ffb4afc7570d6ef5c888625c

Request headers

Referer: http://i.eqla3.com/wp-content/themes/yoo_square_wp/cache/theme-6bb543c1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 12:55:11 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1412

GET
H/1.1 200
OK light.svg
i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/ 938 B
1 KB 26ms
24ms Image
image/svg+xml 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/light.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 390b441391475fab40a3c34e328085cbb803a8b03596129116aa8a918d081fc1

Request headers

Referer: http://i.eqla3.com/wp-content/themes/yoo_square_wp/cache/theme-6bb543c1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 12:55:10 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 938

GET
H/1.1 200
OK left.svg
i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/ 968 B
1 KB 26ms
25ms Image
image/svg+xml 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/left.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 07c26cc4eaa6cc7ed3642c374dbb913d5c58dae51373b62901b61a01b065a2c8

Request headers

Referer: http://i.eqla3.com/wp-content/themes/yoo_square_wp/cache/theme-6bb543c1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 12:55:09 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 968

GET
H/1.1 200
OK center.svg
i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/ 881 B
1 KB 26ms
25ms Image
image/svg+xml 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.eqla3.com/wp-content/themes/yoo_square_wp/images/background/purple/center.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: b9056673aa7a28e7de214fecb513f1db81cd59cb6ef8e43fd8dd5c62415e3871

Request headers

Referer: http://i.eqla3.com/wp-content/themes/yoo_square_wp/cache/theme-6bb543c1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 12:55:08 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 881

GET
H/1.1 200
OK DroidKufi-Regular.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

Requested by

Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://fonts.googleapis.com/earlyaccess/droidarabickufi.css
Origin: http://i.eqla3.com

Response headers

Date: Fri, 12 Jun 2020 00:08:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Aug 2014 16:50:04 GMT
Server: sffe
Age: 249941
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 31248
X-XSS-Protection: 0
Expires: Sat, 12 Jun 2021 00:08:06 GMT

GET
H/1.1 200
OK nav.png
i.eqla3.com/wp-content/plugins/widgetkit/widgets/slideshow/styles/default/images/ 2 KB
2 KB 24ms
24ms Image
image/png 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.eqla3.com/wp-content/plugins/widgetkit/widgets/slideshow/styles/default/images/nav.png
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: f714603b6690fa987c4c4d4011a12978ab3ec1a0cf902fdf3d6576de7421f0a4

Request headers

Referer: http://i.eqla3.com/wp-content/plugins/widgetkit/cache/widgetkit-5503688f.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 20:20:18 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1881

GET
H/1.1 200
OK fontawesome-webfont.woff
i.eqla3.com/wp-content/themes/yoo_square_wp/warp/vendor/uikit/fonts/ 43 KB
44 KB 41ms
24ms Font
font/woff 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/themes/yoo_square_wp/warp/vendor/uikit/fonts/fontawesome-webfont.woff
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://i.eqla3.com/wp-content/themes/yoo_square_wp/cache/theme-6bb543c1.css
Origin: http://i.eqla3.com

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 13:03:27 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 44432

GET
H/1.1 200
OK DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Bold.woff2

Requested by

Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://fonts.googleapis.com/earlyaccess/droidarabickufi.css
Origin: http://i.eqla3.com

Response headers

Date: Thu, 11 Jun 2020 13:10:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Aug 2014 16:50:04 GMT
Server: sffe
Age: 289426
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 31544
X-XSS-Protection: 0
Expires: Fri, 11 Jun 2021 13:10:01 GMT

GET
H/1.1 200
OK slideshow.js Show response
i.eqla3.com/wp-content/plugins/widgetkit/widgets/slideshow/js/ 20 KB
20 KB 25ms
25ms XHR
application/javascript 116.202.133.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.eqla3.com/wp-content/plugins/widgetkit/widgets/slideshow/js/slideshow.js?wkv=1.4.6
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Protocol: HTTP/1.1
Server: 116.202.133.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.133.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 57999a424a01afd7cd49468f0d2c5679874a355d393e85726936658c40cce8f6

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://i.eqla3.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Mon, 24 Mar 2014 20:20:18 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 20160

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c7a772b6a3f31c6af3cacded6c81342985451195e0d4c8e6352abe0a3ecabfb

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: i.eqla3.com
URL: http://i.eqla3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300
Origin: http://i.eqla3.com

Response headers

date: Thu, 11 Jun 2020 05:11:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 318143
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 11 Jun 2021 05:11:24 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: i.eqla3.com
URL: http://i.eqla3.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300
Origin: http://i.eqla3.com

Response headers

date: Tue, 09 Jun 2020 22:05:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 430075
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 09 Jun 2021 22:05:52 GMT

GET
H/1.1 200
OK home-slideshow-slide2.svg
demo.mexat.com/wordpress/square/wp-content/uploads/yootheme/demo/purple/slideshow/ 57 KB
57 KB 28ms
28ms Image
image/svg+xml 116.202.155.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://demo.mexat.com/wordpress/square/wp-content/uploads/yootheme/demo/purple/slideshow/home-slideshow-slide2.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.155.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.155.202.116.clients.your-server.de
Software: Apache /
Resource Hash: d06529c80c2a9a2c001c77713d21d81c5aac33e9f0c5564a725d851f5b097a8b

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Sun, 23 Mar 2014 20:11:48 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 58459

GET
H/1.1 200
OK home-slideshow-slide3.svg
demo.mexat.com/wordpress/square/wp-content/uploads/yootheme/demo/purple/slideshow/ 8 KB
8 KB 27ms
27ms Image
image/svg+xml 116.202.155.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://demo.mexat.com/wordpress/square/wp-content/uploads/yootheme/demo/purple/slideshow/home-slideshow-slide3.svg
Requested by: Host: i.eqla3.com
URL: http://i.eqla3.com/
Protocol: HTTP/1.1
Server: 116.202.155.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.155.202.116.clients.your-server.de
Software: Apache /
Resource Hash: c006122d913148b0ad5932760c74ef6132930547c583631bc41b5a26a6ff27ba

Request headers

Referer: http://i.eqla3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Last-Modified: Sun, 23 Mar 2014 20:11:51 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8097

GET
H/1.1 200
OK 63390ae73e1bb12810813fee86602f11.html Show response
www.vb.eqla3.com/code/ Frame E47F 1 KB
989 B 27ms
26ms Document
text/html 94.130.11.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html

Requested by

Host: www.vb.eqla3.com
URL: http://www.vb.eqla3.com/code/f612290b9ef2a8a9a8dd39c0a42f44ab.html

Protocol

HTTP/1.1

Server

94.130.11.184 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.11.130.94.clients.your-server.de

Software

nginx /

Resource Hash

ea272992f93e6298576dbe6965d667d184f11ad3eb4a343e3c704d589510342c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.vb.eqla3.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.vb.eqla3.com/code/f612290b9ef2a8a9a8dd39c0a42f44ab.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.vb.eqla3.com/code/f612290b9ef2a8a9a8dd39c0a42f44ab.html

Response headers

Server: nginx
Date: Sun, 14 Jun 2020 21:33:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 06 Dec 2015 09:42:07 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame E47F 44 KB
15 KB 109ms
102ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.vb.eqla3.com
URL: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d1e177d6238548d0bda8a126b686d81af4f47348a31522d1a48f8ba38863500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "543 / 878 of 1000 / last-modified: 1591996377"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14523
X-XSS-Protection: 0
Expires: Sun, 14 Jun 2020 21:33:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E47F 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.vb.eqla3.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Jun 2020 21:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E47F 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vb.eqla3.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Jun 2020 21:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020060103.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E47F 246 KB
88 KB 69ms
29ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Jun 2020 21:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 18:46:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90085
x-xss-protection: 0
expires: Sun, 14 Jun 2020 21:33:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E47F 17 KB
6 KB 57ms
57ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4260609492054976&correlator=4450781316186610&output=ldjh&impl=fifs&adsid=NT&eid=21066347&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200614&iu_parts=429840032%2C728_90_A&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&cdm=www.vb.eqla3.com&bc=23&abxe=1&lmt=1449394927&dt=1592170427633&dlt=1592170427368&idt=245&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=728&ish=90&oid=3&adxs=0&adys=0&adks=3201932012&ucis=66wuqmy9wwfe&ifi=1&ifk=1117539008&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=12&url=http%3A%2F%2Fwww.vb.eqla3.com%2Fcode%2F63390ae73e1bb12810813fee86602f11.html&ref=http%3A%2F%2Fwww.vb.eqla3.com%2Fcode%2Ff612290b9ef2a8a9a8dd39c0a42f44ab.html&top=http%3A%2F%2Fi.eqla3.com%2F&dssz=7&icsg=170&std=0&vis=1&scr_x=-12245933&scr_y=-12245933&psz=728x90&msz=728x-1&ga_vid=1504846812.1592170428&ga_sid=1592170428&ga_hid=985654513&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

338e605bb7712e7886ebf9ced93045d6f9954f8e9baaa81ae21354d2eda99195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Jun 2020 21:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5415
x-xss-protection: 0
google-lineitem-id: 70705432
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 59029964632
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.vb.eqla3.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c1f9b4257881f7b80a244586de908d0c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E47F 0
0 57ms
41ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c1f9b4257881f7b80a244586de908d0c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E47F 0
0 6ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame CC33 202 KB
55 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23716
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Sun, 14 Jun 2020 14:58:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 14:58:31 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame CC33 97 KB
29 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23762
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Sun, 14 Jun 2020 14:57:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 14:57:45 GMT

GET
DATA 200
OK truncated
/ Frame CC33 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 992be56b686e88701668ffe067b0c4ef9ef7ecd03e4178854dae1789b771b486

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame E47F 20 KB
8 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2351
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7224
x-xss-protection: 0
server: sffe
date: Sun, 14 Jun 2020 20:54:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f6cfa2ba62463627"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 20:54:36 GMT

GET
H2 200 3064911820710370317
tpc.googlesyndication.com/simgad/ Frame CC33 74 KB
74 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3064911820710370317

Requested by

Host: www.vb.eqla3.com
URL: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78fb7cf1df2da246ce8f6ceaada05bb8160624602c3afae62049cf5fa589b56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:00:38 GMT
x-content-type-options: nosniff
age: 419589
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75266
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 02:57:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 01:00:38 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC33 0
291 B 31ms
30ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8QLHT8ljmGhok6GhzC5O6qrD5yqv6OglLwZJ4kygOh9-0H2jPfqa6pNdaH7lQamFv017TUc1LLDgJm-ULLdQ0J0Q5rwlHgGZHliGrjukLPBgOMD-jlcrvvYhpWc2-I8fzzp3vdEo8YoD0MnP0EhydmLAFPcVadPOVhb5zOPOh-SLS6v9sFJ0qcQrICdvOPErTKz4C-5XTZ780fiu6HSN8S3xIsRqMUapSZde7XPd8kfcYVDQRWUk8FbcsaFyfN-Q9&sai=AMfl-YTvlKfw8Ag1Mn4K9cNc1qG2tKyO_EkHbyJbgZhMLE-pEoBKdY2wOHSURtuchZ2pqtjNQZkaO6JITtWQHiHAvApF4qKq6kUIs3NoJfbN5Q&sig=Cg0ArKJSzKsPPzVo-o10EAE&adurl=

Requested by

Host: www.vb.eqla3.com
URL: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Jun 2020 21:33:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Jun 2020 21:33:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E47F 7 KB
6 KB 26ms
26ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

222e5dc5ccd40b177600eb0e1e60236810f317ef25ee139d409529632de2f6e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Jun 2020 21:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5685
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E47F 14 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 14 Jun 2020 21:33:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1591403518460474"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5540
X-XSS-Protection: 0
Expires: Sun, 14 Jun 2020 21:33:47 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame B126 0
0 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sun, 14 Jun 2020 20:40:40 GMT
expires: Mon, 14 Jun 2021 20:40:40 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3187
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 3064911820710370317
tpc.googlesyndication.com/simgad/ Frame CC33 74 KB
74 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3064911820710370317

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78fb7cf1df2da246ce8f6ceaada05bb8160624602c3afae62049cf5fa589b56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:00:38 GMT
x-content-type-options: nosniff
age: 419589
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75266
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 02:57:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 01:00:38 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC33 0
54 B 31ms
31ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfaJuiZck0_Z8j0EsC9JdvlprFrrvpLnMYL7dWJXA4MkoE1GLnkQ4CbnQrAlRxyFuF6tcjP78NaokNgxFh10OW7aiLCk4lBM_5UBLxCGMtXCKNycTJ9o5f6Zh6geN4BEQDSSJXY5KupXeRMPvJ08LE8nNFD6yRHuIOiTp87RZ2kHDNrrUlBX-K3kF57oMYvgUjv09E_J21Oed-31ZxU2QYC86GXVWw9oQe_viRHWVgfF8D9bYPXTgajVwyF5TCfBE2WTw&sai=AMfl-YQXqEe6P-5Jww95VK2RTwhtK6DLCokw-QQKXaX95SRgt4A1HNn50tZlCl-4wCEt0kxYYQUF4jbiix1UkVDDNlUWGtlbCo7tGfQT5PQdHw&sig=Cg0ArKJSzFId7QmhHbY8EAE&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Jun 2020 21:33:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E47F 0
63 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=4260609492054976&bg=!qKulq7NYvi-nxKFH_q4CAAAAPlIAAAAOmQGk6b6Nt8tVH2gWuAJjCMHlGac12f16knJ3RhqnDENnx9F6_xxx-GPvYw1o9chOiOVBwvhk6aHC31-B8Kroed1mmhOid39CA05NhxQC9ftnoiFlruHGvzjJv1VhVTX_t3ri1SvknQL7VDkJeWjyhLB7jlASnoPPV2mX-0YOstjr-z6dYdJ1d0a58rWqEDPZBD_KQAsCCz_f3GPtL04n_VFPeJVguTnybqhW0Nr4hbLbzyigJSZrniV4dug3Jb5xeNXtbvwW1LEj8RqUnjWz7Rg880a6o7BleNEcfwyf2N6SZ-fpfiFKsy_YS8278Z48ZVVY51Nhb4kRJ26XHw_DodvUSG_CZ8T8TeO5i7JPrQpk0BvdMrK1UzgCJy8zVSwupp3Kdtl-2F-ePKK6apcDgSdbIsMBS3ClZvHN0S-_7TRL-PETtHdIl5QT95QUOx_mgDaFT3ny2JoGHqnuvmqkSLW7xBjTLLxAeo-I7IYmd6gfN0CLSD8rG79i3GIbiqazwjVDffR3MaPKfQLU8XYo0DcW0GjZghpJ5O5UsFd7Tpk0wZYB1PAG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jun 2020 21:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CC33 42 B
115 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnT4mwPV5bVtdkpwOiKMrkOqZSJDc-FrsZ1zrc3D22wrk2OPc61-0hP2BiUHYU0AcKt85QxTOctte82JcEW7Jo-3HbXgD0BNErhOBygKk&sig=Cg0ArKJSzBifumTVcmkkEAE&id=ampim&o=0,0&d=728,90&ss=1600,1200&bs=728,90&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=102&tls=1102&g=100&h=100&tt=1102&r=v&avms=ampa&adk=3201932012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jun 2020 21:33:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 http://www.vb.eqla3.com/code/63390ae73e1bb12810813fee86602f11.html
console-api	warning	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfaJuiZck0_Z8j0EsC9JdvlprFrrvpLnMYL7dWJXA4MkoE1GLnkQ4CbnQrAlRxyFuF6tcjP78NaokNgxFh10OW7aiLCk4lBM_5UBLxCGMtXCKNycTJ9o5f6Zh6geN4BEQDSSJXY5KupXeRMPvJ08LE8nNFD6yRHuIOiTp87RZ2kHDNrrUlBX-K3kF57oMYvgUjv09E_J21Oed-31ZxU2QYC86GXVWw9oQe_viRHWVgfF8D9bYPXTgajVwyF5TCfBE2WTw&sai=AMfl-YQXqEe6P-5Jww95VK2RTwhtK6DLCokw-QQKXaX95SRgt4A1HNn50tZlCl-4wCEt0kxYYQUF4jbiix1UkVDDNlUWGtlbCo7tGfQT5PQdHw&sig=Cg0ArKJSzFId7QmhHbY8EAE&adurl=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c1f9b4257881f7b80a244586de908d0c.safeframe.googlesyndication.com
cdn.ampproject.org
demo.mexat.com
fonts.googleapis.com
fonts.gstatic.com
hn.eqla3.com
i.eqla3.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
t.co
tpc.googlesyndication.com
www.googletagservices.com
www.vb.eqla3.com
104.244.42.197
116.202.133.99
116.202.155.206
216.58.210.2
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2001
94.130.11.184
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be
07c26cc4eaa6cc7ed3642c374dbb913d5c58dae51373b62901b61a01b065a2c8
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
196615292b6b651ba6b64c332023a6f0bd422b44af215a8e62666dc7bd8f641b
1d1e177d6238548d0bda8a126b686d81af4f47348a31522d1a48f8ba38863500
212355c2a147bc463e4ba9e2670a9c820801447b73a67559b5b3437532845c94
222e5dc5ccd40b177600eb0e1e60236810f317ef25ee139d409529632de2f6e9
23f791cd07f2f7a9039f2f226c3398fa1c530ebe41263dce0356ad19aed67f6f
2652c2a4a20956a3e894ef7084802e81394c0d304d7563e0368d0354f2962841
30d8a31b6d81b7640a80b4e4e121fcea8dd71d25967be4fb4d8f6d5be574d44a
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
335bcfdce95b57f34709effb715c922545147d7f4f55e0314b67a53951708129
338e605bb7712e7886ebf9ced93045d6f9954f8e9baaa81ae21354d2eda99195
390b441391475fab40a3c34e328085cbb803a8b03596129116aa8a918d081fc1
3a7fb877256cd381979edcdbc16f0de1f1f1620b096dae68a333f9dbacd80c85
3c7a772b6a3f31c6af3cacded6c81342985451195e0d4c8e6352abe0a3ecabfb
4fac9c4fad3d7074ea770c4d490708145dcb0f50f921325d90aec646bedaaf77
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57999a424a01afd7cd49468f0d2c5679874a355d393e85726936658c40cce8f6
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
78fb7cf1df2da246ce8f6ceaada05bb8160624602c3afae62049cf5fa589b56f
80fa43b6d0a6279d28711cb744c3d7a7ea288322ffb4afc7570d6ef5c888625c
913a819009d8fe405d91d8f572d401a33c3a72d4b7f9a12c1dcb243c6d1559ef
92aabf10fcb132d07c2457f948324f99cbca991b5bd402f1b7c13fe06d12b931
9715a78a0b603a207b7df5c6f0036d3a97719d1a9a26770dda70958f41b161af
992be56b686e88701668ffe067b0c4ef9ef7ecd03e4178854dae1789b771b486
9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb
9beeeac9bc177c779ac043af4ebe912672f04805afcde5fd5f43bd9711a392c1
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
ac8e31ca027b7b2aca9fae073010b75af86df534c88fa3a6783b1c30c96e6caa
b692e7a4b4ca52017f9a2a98ccbd7231a9283c9701be6c7f064c6bf04f9e80a9
b9056673aa7a28e7de214fecb513f1db81cd59cb6ef8e43fd8dd5c62415e3871
bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8
c006122d913148b0ad5932760c74ef6132930547c583631bc41b5a26a6ff27ba
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
d06529c80c2a9a2c001c77713d21d81c5aac33e9f0c5564a725d851f5b097a8b
d6f1a3740a4e4b84129d1c147434a68ee51e35f8d5c7bc6d492c28c8a3d080b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea272992f93e6298576dbe6965d667d184f11ad3eb4a343e3c704d589510342c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
f714603b6690fa987c4c4d4011a12978ab3ec1a0cf902fdf3d6576de7421f0a4
fe7e670a002926d47c2c738c9dbe70079c75a0f6a5bd2be20c1c538466f50b0d

i.eqla3.com Open in urlscan Pro 116.202.133.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

42 %HTTPS

64 %IPv6

11 Domains

15 Subdomains

15 IPs

2 Countries

1045 kBTransfer

1494 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

i.eqla3.com Open in urlscan Pro
116.202.133.99 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

42 %
HTTPS

64 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

1045 kB
Transfer

1494 kB
Size

0
Cookies

52 HTTP transactions
2 data transactions