ugeen.live Open in urlscan Pro
176.123.9.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ugeen.live/
Submission: On January 21 via manual (January 21st 2024, 1:56:40 pm UTC) from TN — Scanned from DE

Summary HTTP 160 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 36 IPs in 11 countries across 31 domains to perform 160 HTTP transactions. The main IP is 176.123.9.60, located in Moldova and belongs to ALEXHOST, MD. The main domain is ugeen.live.

This is the only time ugeen.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	176.123.9.60 176.123.9.60	200019 (ALEXHOST) (ALEXHOST)
18	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	69.48.143.108 69.48.143.108	55293 (A2HOSTING) (A2HOSTING)
4	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2606:4700:303... 2606:4700:3030::6815:4947	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	20.233.72.28 20.233.72.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3 7	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	3.10.64.81 3.10.64.81	16509 (AMAZON-02) (AMAZON-02)
1	23.192.250.178 23.192.250.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:cc6c:4f79:2b51:3805	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.230 37.157.2.230	198622 (ADFORM) (ADFORM)
1	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.46 13.227.219.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	18.134.214.132 18.134.214.132	16509 (AMAZON-02) (AMAZON-02)
160	36

36 176.123.9.60 (Moldova)

ASN200019 (ALEXHOST, MD)

ugeen.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
176.123.9.60	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.48.143.108 (United States)

ASN55293 (A2HOSTING, US)

www.citypng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4947 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.adsports.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.233.72.28 (Dubai, United Arab Emirates)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adtv.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.10.64.81 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-64-81.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.250.178 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-250-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:cc6c:4f79:2b51:3805 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.230 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-127.prg50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-46.ams54.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.214.132 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	ugeen.live ugeen.live	1 MB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	423 KB
23	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 309589	96 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com	789 KB
12	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98	109 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal90003.redintelligence.net — Cisco Umbrella Rank: 210216	57 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
4	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2907	119 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 41332	1013 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	246 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	131 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	3 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	718 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738	98 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16092	702 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 148117	924 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	250 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	5 KB
1	adtv.ae adtv.ae
1	adsports.ae 1 redirects www.adsports.ae	451 B
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3696	4 KB
1	citypng.com www.citypng.com — Cisco Umbrella Rank: 663014	28 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
160	31

	Domain	Requested by
35	ugeen.live	ugeen.live
18	pagead2.googlesyndication.com	ugeen.live pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
13	tpc.googlesyndication.com	pagead2.googlesyndication.com ugeen.live googleads.g.doubleclick.net tpc.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com ugeen.live googleads.g.doubleclick.net
11	www.gstatic.com	www.google.com www.gstatic.com ugeen.live googleads.g.doubleclick.net
11	www.google.com	1 redirects ugeen.live www.gstatic.com www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
7	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	hal90003.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90003.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90003.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	ugeen.live googleads.g.doubleclick.net hal90003.redintelligence.net
4	upload.wikimedia.org	ugeen.live
3	pv.medialead.de	hal90003.redintelligence.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagmanager.com	ugeen.live adv.office-partner.de www.googletagmanager.com
2	api.webgains.io	analytics.webgains.io
2	c1.adform.net	2 redirects
2	8019191.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	ugeen.live googleads.g.doubleclick.net
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.awin1.com	hal90003.redintelligence.net
1	track.webgains.com	ugeen.live
1	adv.office-partner.de	hal90003.redintelligence.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	ugeen.live
1	adtv.ae	ugeen.live
1	www.adsports.ae	1 redirects
1	i0.wp.com	ugeen.live
1	www.citypng.com	ugeen.live
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
160	40

This site contains links to these domains. Also see Links.

Domain
linkjust.com
www.youtube.com
alkaicer.live

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
citypng.com cPanel, Inc. Certification Authority	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 25 frames:

Primary Page: http://ugeen.live/
Frame ID: B05782B88517EE334832B0EC79D4E19B
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: CCE9FBF4052105311E137B5668AC932A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&adk=1812271804&adf=3025194257&lmt=1694075615&plaf=7%3A2&plat=1%3A16777216%2C2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fugeen.live%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1705845395293&bpp=2&bdt=152&idt=216&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1975614699967&frm=20&pv=2&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: DEE1323543BE2B53ADF2321F823C9193
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&slotname=2757320077&adk=3885174689&adf=2959314990&pi=t.ma~as.2757320077&w=1200&fwrn=4&fwrnh=100&lmt=1694075615&rafmt=1&format=1200x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705845395382&bpp=1&bdt=242&idt=141&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=144
Frame ID: B4183B62F7EC00271EC8B8C00D1DBB2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&slotname=2757320077&adk=198555541&adf=2936418766&pi=t.ma~as.2757320077&w=1200&fwrn=4&fwrnh=100&lmt=1694075615&rafmt=1&format=1200x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705845395391&bpp=18&bdt=251&idt=143&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=145
Frame ID: 6DCC007556EC8DC3598E1D017ABB314E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&slotname=2757320077&adk=1987696420&adf=923060072&pi=t.ma~as.2757320077&w=1200&fwrn=4&fwrnh=100&lmt=1694075615&rafmt=1&format=1200x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705845395418&bpp=6&bdt=278&idt=123&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=124
Frame ID: 40AB5C0B890B05001770785788C5211B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr&co=aHR0cDovL3VnZWVuLmxpdmU6ODA.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=zbx2g4bv5on5
Frame ID: B936B399B862E91F4AEBCCE5D6F78DAF
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr
Frame ID: B6743BE4E9627D6D465EA470161DAC05
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=3457087865&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1017&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=2&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=1377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=2
Frame ID: 13A9EC7B85A345788146AB2DCD95F01E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1609839804&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280&nras=3&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=815&ady=2012&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=5
Frame ID: 57EE0D05E56B7D511A773BF035458E2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Frame ID: 169BB67553CA0DA3A905D4DE63544CE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: E75C698668AF3C937F33213A1F7B57B9
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 23061C6905CC09F15D7A346FFBE175E9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1EBE1DAE6EF399F5F224088D81D9967C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C490AE753F253F37858791C50B6B57F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17D7695F0CEFCFCC1841B07B909C7DDE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 4A5E0C67FE691BA697E2659F79380024
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVBGNwoLsEIcA2ZOLVbKbC-aChsMFtcj2K_iSrNTb64aZIxjyYGGpy1azpbsuT-FDhvT2TiGK4fntWrXuoPuYkE921pnROjQnEC9xltftUH6-BYIQdgu0GaZOq_UwsHWNVFcoZGq2VwB8Cy-HtKUWXLLPkYRXYFoJVEcSQl269mqiTlnn0
Frame ID: 5C9BDC757706ED1CC9E1455EB6F43D3E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 63BF379BDEFBBDB6CFE7049875A6FB9A
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BB9CA4334A5E55850336DF2DE94562F5
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 97AB25B7630AE0D3E07D1FABC7CC5D7C
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52379300067847604444994012576003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 84B7A830C667E5EA4028EBB3DF4E72E5
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461
Frame ID: 545DAEC43B0093EDE9670A71A6966C33
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=52379300067847604444994012576003&a=31486f8f
Frame ID: 2F7E99639DE7B9AE726148C01D08D12E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB96C2E254A1FAC50CCA660E40D41512
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ugeen TV

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

160
Requests

71 %
HTTPS

50 %
IPv6

31
Domains

40
Subdomains

36
IPs

11
Countries

3505 kB
Transfer

7475 kB
Size

26
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://linkjust.com/bwoV3zWPO0hyy9u14lVD0
Title: تحميل كود

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=wXPXB1P_AsQ

Search URL Search Domain Scan URL

URL: http://alkaicer.live/
Title: انقر هنا وحمله الان

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.adsports.ae/images/loader.gif HTTP 301
https://adtv.ae/ar/sports

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoWIiu0pNjRICyuFRZqfz8&google_cver=1

Request Chain 117

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za0ilfe03t4IaX4B9fZ4sAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoWIiu0pNjRICyuFRZqfz8&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHRmyyQUOPSStHELNaZBWSY&google_cver=1

Request Chain 119

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4ODQwMTg3NTMxNjcxNjcyOA%3D%3D

Request Chain 124

https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 134

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461

Request Chain 140

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHHV0Kck8oTbWipNdGuYu-w&google_cver=1&google_push=AXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzlff8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzlff8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHHV0Kck8oTbWipNdGuYu-w&google_cver=1&google_push=AXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzlff8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzlff8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 142

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEI40B3n2bL7hUeGAgVqEuc&google_cver=1&google_push=AXcoOmSQIBEgw2tqd7uyXpcQkDZSpY2ElzBSNjXMLwdBLP_nZ5LJDICqlKMqOO5_lAaJ38SGFWkB1j3y0ctReFkk3nS9mV3TeT0FWMoX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSQIBEgw2tqd7uyXpcQkDZSpY2ElzBSNjXMLwdBLP_nZ5LJDICqlKMqOO5_lAaJ38SGFWkB1j3y0ctReFkk3nS9mV3TeT0FWMoX&google_hm=eS1rQkxaTFRKRTJwSFByQzhiUkVXZmZVTTRsVi5UeG9MbH5B

Request Chain 143

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECJkYc5LpnSFro6b-JmE_0g&google_cver=1&google_push=AXcoOmQ1Ci2KDvIHLAU8BpzqH57QqXDTlle-edbRvBNLsrLUV19svOqDngdJzpCGFTsQG1AqBP05iE_LorbguYLTWS8FFAUzNXc_tlLZ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECJkYc5LpnSFro6b-JmE_0g&google_cver=1&google_push=AXcoOmQ1Ci2KDvIHLAU8BpzqH57QqXDTlle-edbRvBNLsrLUV19svOqDngdJzpCGFTsQG1AqBP05iE_LorbguYLTWS8FFAUzNXc_tlLZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEwODkyNzQzNTE5MTY0OTc2MQ&google_push=AXcoOmQ1Ci2KDvIHLAU8BpzqH57QqXDTlle-edbRvBNLsrLUV19svOqDngdJzpCGFTsQG1AqBP05iE_LorbguYLTWS8FFAUzNXc_tlLZ

160 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ugeen.live/ 28 KB
6 KB 109ms
51ms Document
text/html 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e917df2997dffb4b8da5b69204de7ce4c3b0b26ae74e204d57c362776dd8653f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5955
Content-Type: text/html
Date: Sun, 21 Jan 2024 13:56:35 GMT
ETag: "6ee2-604c0b74135c0-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 07 Sep 2023 08:33:35 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 117ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3252277975094311

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a503e21847c2e2d2b10e3e9c38b4df1f53b0f65b892a81b7fdce87e7400947b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 17254302643915762175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 21 Jan 2024 13:56:35 GMT

GET
H/1.1 200
OK minified.css
ugeen.live/assets/css/ 566 KB
88 KB 67ms
67ms Stylesheet
text/css 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/assets/css/minified.css
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 05a444cd89bba5d454bacb98f52f5fc35c34b82e2448b1c4ccfc6d3e34ee0673

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 May 2022 01:45:24 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "8d75d-5deb29848b500-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK logo-dark-lg.png
ugeen.live/images/ 8 KB
9 KB 82ms
41ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/images/logo-dark-lg.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 367e5acd6ffe0f54a12dde449456be921b80b8aab4b4e5f1678bed2dc9e83c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Thu, 07 Jul 2022 17:17:44 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2155-5e33a4385be00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8533

GET
H/1.1 200
OK banner-shape-14.png
ugeen.live/assets/css/img/ 5 KB
6 KB 98ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/css/img/banner-shape-14.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 97e91ae0c86331b4e0627dae7538b497b8acca155c46dba9f247c963e1f6f615

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Tue, 30 Jun 2020 19:30:00 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "15b4-5a95233801e00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5556

GET
H/1.1 200
OK banner-14.png
ugeen.live/assets/images/banner/ 72 KB
72 KB 98ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/banner/banner-14.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2e6e751a7f3abb6b25f00261b68d1bad58e6fff3bf4769f6349a0c8b06a1283e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Fri, 15 Jul 2022 18:39:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "11f76-5e3dc580b5040"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 73590

GET
H2 200 11640818482gkvrk972vur5eqdiyfmvl5ams8sxd9kbgvxvf1kdzxhxmd41v2nzmgwb1f5wbg496mj2zs0tykiwbg8vnoxrcpidybqolycmlt9s.png
www.citypng.com/public/uploads/small/ 28 KB
28 KB 609ms
294ms Image
image/png 69.48.143.108
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citypng.com/public/uploads/small/11640818482gkvrk972vur5eqdiyfmvl5ams8sxd9kbgvxvf1kdzxhxmd41v2nzmgwb1f5wbg496mj2zs0tykiwbg8vnoxrcpidybqolycmlt9s.png

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.48.143.108 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3a4299e961ed4df56f6274443fa303881de665d9a0229ba67650eed09afa5b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 02:05:43 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=2592000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 28534
expires: Tue, 20 Feb 2024 13:56:35 GMT

GET
H2 200 1280px-OSN_2020_logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/4/47/OSN_2020_logo.svg/ 34 KB
34 KB 82ms
46ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/4/47/OSN_2020_logo.svg/1280px-OSN_2020_logo.svg.png

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

140c15e6eaba2ebe52b7eb934cf8c8ac1e16dd7cf31b2d5e62c759413cd6f643

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 04:52:27 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 32647
x-cache-status: hit-front
x-cache: cp3076 hit, cp3076 hit/55
server-timing: cache;desc="hit-front", host;desc="cp3076"
content-length: 34386
x-client-ip: 2a00:c98:2030:a004:1::13
last-modified: Sun, 12 Apr 2020 01:39:17 GMT
server: ATS/9.1.4
etag: ba28eb7fc79357fb704b91babb5dd850
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Mbc1logo.png
upload.wikimedia.org/wikipedia/commons/8/81/ 84 KB
85 KB 61ms
26ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/8/81/Mbc1logo.png?20121212132745

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

360c6224944e07de555ad2b67e086f4142119400b673053bb40eba9c8a79c295

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:21:00 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 5734
x-cache-status: hit-front
x-cache: cp3076 hit, cp3076 hit/176
server-timing: cache;desc="hit-front", host;desc="cp3076"
content-length: 85968
x-client-ip: 2a00:c98:2030:a004:1::13
x-object-meta-sha1base36: fcm5gz7hqy70k0gg4fczd1tatulr3jy
last-modified: Fri, 24 Mar 2023 19:30:26 GMT
server: ATS/9.1.4
etag: ab345e68051f442f6480c38eea44b05c
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftTeams-image-1.png
i0.wp.com/blog.shahid.mbc.net/wp-content/uploads/2021/08/ 3 KB
4 KB 28ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/blog.shahid.mbc.net/wp-content/uploads/2021/08/MicrosoftTeams-image-1.png?resize=453%2C143&ssl=1

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7f9eda8744e0639458885b5e181e5f7c9b63f696e179298d0927ea6c83a6cd7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:35 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3252
x-nc: HIT hhn 4
last-modified: Sat, 05 Aug 2023 02:46:35 GMT
server: nginx
etag: "32ead25b47dc6427"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://blog.shahid.mbc.net/wp-content/uploads/2021/08/MicrosoftTeams-image-1.png>; rel="canonical"
expires: Mon, 04 Aug 2025 14:46:35 GMT

GET
H2

200

sports
adtv.ae/ar/
Redirect Chain

https://www.adsports.ae/images/loader.gif
https://adtv.ae/ar/sports

0
0

680ms
425ms

Image
text/html

20.233.72.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adtv.ae/ar/sports
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: H2
Server: 20.233.72.28 Dubai, United Arab Emirates, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Jan 2024 13:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkktAdZq2yTpZWO8KwIOIYzGXdEYTkofaAO5E3W3Nh3ZOIHGjIdY7nvQpkPXqL62wb4FDZD0QxV69ID%2B37uzsj6Q6PG4OQM4rf8afO6JDEIVuHV3MewzxJ2pTV9dsD%2Fncf7HS0e5wmaoE8WvV0Q%3D"}],"group":"cf-nel","max_age":604800}
location: https://adtv.ae/ar/sports
cache-control: max-age=3600
cf-ray: 84900fb8e9b1b9de-OTP
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 14:56:35 GMT

GET
H2 404 20170615235609%21Art_logo.gif
upload.wikimedia.org/wikipedia/ar/archive/4/41/ 0
0 13ms
13ms Image
text/html 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.wikimedia.org/wikipedia/ar/archive/4/41/20170615235609%21Art_logo.gif
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 68ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WTYH60WJYL

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

772c85e2b8828dd7ca085528fa23a2b4892d89a62d6eca8af1d3273c92d8018b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 13:56:35 GMT

GET
H/1.1 200
OK advance1.png
ugeen.live/assets/images/feature/ 46 KB
46 KB 41ms
41ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/feature/advance1.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 3d994dd136355a1a2546daff0c2467c612931ed58079beb066201724623b137f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Fri, 15 May 2020 03:15:14 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "b784-5a5a738c35480"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 46980

GET
H/1.1 200
OK advance2.png
ugeen.live/assets/images/feature/ 72 KB
72 KB 50ms
50ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/feature/advance2.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 744e2b6895716b1bde2d3763c2d323575a9cf6ed98fb54bf5d971dad5d158497

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Fri, 15 May 2020 03:17:46 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "11fab-5a5a741d2aa80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 73643

GET
H/1.1 200
OK advance3.png
ugeen.live/assets/images/feature/ 66 KB
66 KB 49ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/feature/advance3.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 204a2c4c04ad793783c6c379ba741e98235b5212fc4f6ffc3867e450ed6760da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Fri, 15 May 2020 03:19:06 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "10602-5a5a746975e80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 67074

GET
H/1.1 200
OK top-shape.png
ugeen.live/assets/css/img/ 7 KB
7 KB 49ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/css/img/top-shape.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2521d4619bb73fff66d42c8778a4f1ea1707068032bafba301bcff0fbbca071c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Tue, 30 Jun 2020 19:45:52 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1bef-5a9526c3e7c00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7151

GET
H/1.1 200
OK bottom-shape.png
ugeen.live/assets/css/img/ 8 KB
9 KB 49ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/css/img/bottom-shape.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a5bd7e9122f2a115c6f5e2cbce214c228138fcb8356011ff44db357297606264

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Tue, 30 Jun 2020 19:30:06 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2178-5a95233dbab80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 8568

GET
H/1.1 200
OK 1.png
ugeen.live/assets/images/balls/ 48 KB
48 KB 50ms
50ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/balls/1.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6f94fd8391db91b1941f101f717771dab63f430fc404b71ba82de57f7eb756b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Thu, 30 Apr 2020 19:30:52 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "bfc3-5a4871a47b300"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 49091

GET
H/1.1 200
OK 2.png
ugeen.live/assets/images/balls/ 26 KB
26 KB 40ms
40ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/balls/2.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d7a348d48f2001d79aef197c051cd0dbedaf0adc472b0c5eacdb628ca6144790

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Thu, 30 Apr 2020 19:30:52 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "66fd-5a4871a47b300"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 26365

GET
H/1.1 200
OK 3.png
ugeen.live/assets/images/balls/ 26 KB
26 KB 49ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/balls/3.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d7a348d48f2001d79aef197c051cd0dbedaf0adc472b0c5eacdb628ca6144790

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Thu, 30 Apr 2020 19:30:52 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "66fd-5a4871a47b300"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 26365

GET
H/1.1 200
OK 4.png
ugeen.live/assets/images/balls/ 26 KB
26 KB 53ms
50ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/balls/4.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d7a348d48f2001d79aef197c051cd0dbedaf0adc472b0c5eacdb628ca6144790

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Thu, 30 Apr 2020 19:30:52 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "66fd-5a4871a47b300"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 26365

GET
H/1.1 200
OK 5.png
ugeen.live/assets/images/balls/ 15 KB
15 KB 50ms
50ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/balls/5.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3f8009eb95731e0b8159bac60084539c2f2da8b90efc87e13e9b6da0225b2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Thu, 30 Apr 2020 19:30:52 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3a24-5a4871a47b300"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 14884

GET
H/1.1 200
OK 6.png
ugeen.live/assets/images/balls/ 54 KB
55 KB 41ms
41ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/balls/6.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b2e0227c591f03474b5e6041be14eb902e734b44be79921b2ba159c9cd5e33c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Thu, 30 Apr 2020 19:30:52 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "d9ca-5a4871a47b300"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 55754

GET
H/1.1 200
OK pricing4.png
ugeen.live/assets/images/pricing/ 6 KB
6 KB 49ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/pricing/pricing4.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 889ded6d6d03e23bc0472125dc74f6f109ccd91046ffcf5799d8682bbcaa82d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Sat, 16 May 2020 02:35:02 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1811-5a5bac6d68180"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6161

GET
H/1.1 200
OK pricing1.png
ugeen.live/assets/images/pricing/ 6 KB
6 KB 49ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/pricing/pricing1.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b5113c02b3cb920278a8c91204cdcb0357e6b8fa3c5c38cf60abe56869cae843

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Sat, 16 May 2020 02:35:02 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1719-5a5bac6d68180"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5913

GET
H/1.1 200
OK cate.png
ugeen.live/assets/images/ 5 KB
5 KB 53ms
53ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/cate.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: dfc856b99962f9a9132804896d8240b0f79188b916e605dbd5c7d69e436230a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Wed, 22 Apr 2020 17:29:02 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1310-5a3e477d6f380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4880

GET
H/1.1 200
OK balls.png
ugeen.live/assets/images/balls/ 93 KB
93 KB 49ms
49ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/balls/balls.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 92221ac4ffacff934830a966f64e8371e0a337a368c6d9229cb95ef5378f825a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Tue, 30 Jun 2020 20:30:50 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "174c8-5a9530d0eb280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 95432

GET
H/1.1 200
OK footer-logo.png
ugeen.live/images/ 20 KB
20 KB 41ms
41ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/images/footer-logo.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: de54bf9a6fd8abc31701dab33e46492149879232ab0e94b648533dedd3ad06f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Thu, 07 Jul 2022 17:14:20 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "50e0-5e33a375cf300"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 20704

GET
H/1.1 200
OK minified.js Show response
ugeen.live/assets/js/ 484 KB
136 KB 120ms
70ms Script
application/javascript 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/assets/js/minified.js
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6d74204c00466716c94ca07ff51add71edf633eed089ea62d1591ca437f9bd27

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jul 2020 09:13:46 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "78e20-5a9d668914680-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK main.js Show response
ugeen.live/assets/js/ 21 KB
3 KB 103ms
50ms Script
application/javascript 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/assets/js/main.js
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e15a25a0857bd5142840e49c9c3991fbe97f248ccb21692d8d7c6051406294c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 May 2022 12:49:12 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5509-5de93a2890200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3129

GET
H/1.1 200
OK jquery.min.js Show response
ugeen.live/plugins/jquery/ 85 KB
30 KB 51ms
51ms Script
application/javascript 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/plugins/jquery/jquery.min.js
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cee7253a7bdd442858c69c3b3bc141caa51b79f59dc6d3be56c37a1a40877707

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Aug 2019 10:46:00 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "15391-58f484c0eaa00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30313

GET
H/1.1 200
OK bootstrap.bundle.js Show response
ugeen.live/plugins/bootstrap-4.3.1/js/ 225 KB
48 KB 65ms
65ms Script
application/javascript 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/plugins/bootstrap-4.3.1/js/bootstrap.bundle.js
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b2b23019880036b8da69b195b82dc6eced23bf55e1dcab7b748737fcfd046dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Aug 2019 10:46:00 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "38224-58f484c0eaa00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 48337

GET
H/1.1 200
OK socket.io.min.js Show response
ugeen.live/js/ 40 KB
13 KB 53ms
53ms Script
application/javascript 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/js/socket.io.min.js
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 29ab5ad3b743d5f7f3d87a618f471df31500f5c9e56c98bc0aba135d14c4c038

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Dec 2021 19:28:07 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "a19a-5d35c89dd7fc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12552

GET
H/1.1 200
OK moment.min.js Show response
ugeen.live/assets/js/ 57 KB
19 KB 57ms
57ms Script
application/javascript 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/assets/js/moment.min.js
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Dec 2021 22:28:11 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "e5ee-5d3af8532f4c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18609

GET
H2 200 bootbox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootbox.js/5.4.0/ 15 KB
5 KB 36ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootbox.js/5.4.0/bootbox.min.js

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f1bc73d20b501f045d0e66bacc1f8d9b0a2026d1209506fe406882fbd5e6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5995510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4232
last-modified: Mon, 04 May 2020 16:06:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8d-3c96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx84C30H2YnZt6w5rITOLgIPFne83hVBhuKzqDpBdvgNyrDSM7qWLdRo2Gu7rNbxFeY8NLN%2Fp1UtwZr4v81sT9XVRFnjdB97DMNv4KUDakeWZ1yzrobAt9V0SEu4IaKyaB7gO6m8%2BrEHpPLAQHrcBl%2BO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84900fb7da91364d-FRA
expires: Fri, 10 Jan 2025 13:56:35 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40a77c47a61e17d7c8edd41de89eb651387c290281eaff781601d75d0fdf8fe2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Jan 2024 13:56:35 GMT

GET
H/1.1 200
OK generator.js Show response
ugeen.live/js/ 5 KB
2 KB 50ms
50ms Script
application/javascript 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/js/generator.js
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0b8daff741137511f401f48520c7d8dbca91de8748e49825cf62b8a7546387b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 10:33:15 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1391-5f701fcfcb0c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1673

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ 402 KB
136 KB 99ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3252277975094311&plah=ugeen.live&bust=31080557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3252277975094311

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9709fa160be2cd3d56caed9ec695e543bad0b0202c511be0b7fd77e11befa945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139604
x-xss-protection: 0
server: cafe
etag: 7359031364551288248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 13:56:35 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame CCE9 9 KB
4 KB 52ms
16ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3252277975094311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 00:28:42 GMT
etag: 3009746639812436877
expires: Sun, 04 Feb 2024 00:28:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
885 B 59ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;800&display=swap

Requested by

Host: ugeen.live
URL: http://ugeen.live/assets/css/minified.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a278489b9861ef4bc6e5a0005666642e962d3c0954b6cdf791ebb199f2ea3756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 13:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 13:56:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 13:56:35 GMT

GET
H2 200 Iura6YBj_oCad4k1nzSBC45I.woff2
fonts.gstatic.com/s/tajawal/v9/ 9 KB
9 KB 53ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 17:34:31 GMT
x-content-type-options: nosniff
age: 505324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8724
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 17:34:31 GMT

GET
H/1.1 200
OK Flaticon.woff2
ugeen.live/assets/css/ 4 KB
4 KB 64ms
41ms Font
application/octet-stream 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/assets/css/Flaticon.woff2
Requested by: Host: ugeen.live
URL: http://ugeen.live/assets/css/minified.css
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bb163f1fc3fe8e8e22bc4db5df679f3a2d5f9a8f69148f7df560c3c6ba927a1d

Request headers

Referer: http://ugeen.live/assets/css/minified.css
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Mon, 15 Jun 2020 13:32:16 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "e84-5a81f7486d800"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3716

GET
H2 200 Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v9/ 9 KB
9 KB 48ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f35be424a435340fa1b6bf36b2482ed2178092f777824f6b00f03cad010fd44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:18:33 GMT
x-content-type-options: nosniff
age: 499082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 19:18:33 GMT

GET
H2 200 Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/ 10 KB
10 KB 61ms
28ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00241262004f96088a827ad4c5d423dbbc0648224e1cd990e5e5ff8e912157c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:55:53 GMT
x-content-type-options: nosniff
age: 421242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10584
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 16:55:53 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
ugeen.live/assets/webfonts/ 78 KB
78 KB 78ms
49ms Font
application/octet-stream 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/assets/webfonts/fa-solid-900.woff2
Requested by: Host: ugeen.live
URL: http://ugeen.live/assets/css/minified.css
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: http://ugeen.live/assets/css/minified.css
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Mon, 23 Mar 2020 22:46:02 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "13654-5a18d6647de80"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 79444

GET
H2 200 Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v9/ 10 KB
10 KB 47ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 07:15:41 GMT
x-content-type-options: nosniff
age: 456054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10256
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 07:15:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 45ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WTYH60WJYL&gtm=45je41h0v9141577445&_p=1705845395391&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=633736644.1705845395&ul=en-us&sr=1600x1200&_s=1&sid=1705845395&sct=1&seg=0&dl=http%3A%2F%2Fugeen.live%2F&dt=Ugeen%20TV&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=413
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WTYH60WJYL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ugeen.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK footer-shape.png
ugeen.live/assets/css/img/ 10 KB
10 KB 50ms
50ms Image
image/png 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/css/img/footer-shape.png
Requested by: Host: ugeen.live
URL: http://ugeen.live/assets/css/minified.css
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1e62d95f371db868a51e0dcd9278ee1fbb45a8d8641506714ec94cc00aded79e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/assets/css/minified.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Tue, 30 Jun 2020 19:44:54 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "28c4-5a95268c97980"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10436

GET
H/1.1 200
OK fa-brands-400.woff2
ugeen.live/assets/webfonts/ 75 KB
75 KB 51ms
50ms Font
application/octet-stream 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://ugeen.live/assets/webfonts/fa-brands-400.woff2
Requested by: Host: ugeen.live
URL: http://ugeen.live/assets/css/minified.css
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: http://ugeen.live/assets/css/minified.css
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:35 GMT
Last-Modified: Mon, 23 Mar 2020 22:46:02 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "12b44-5a18d6647de80"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 76612

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Origin: http://ugeen.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 01:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 01:17:42 GMT

GET
H2 404 20170615235609%21Art_logo.gif
upload.wikimedia.org/wikipedia/ar/archive/4/41/ 0
0 13ms
13ms Image
text/html 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upload.wikimedia.org/wikipedia/ar/archive/4/41/20170615235609%21Art_logo.gif
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H/1.1 201
Created codes Show response
176.123.9.60/v1/ 2 KB
2 KB 118ms
78ms XHR
application/json 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://176.123.9.60:3000/v1/codes

Requested by

Host: ugeen.live
URL: http://ugeen.live/plugins/jquery/jquery.min.js

Protocol

HTTP/1.1

Server

176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),

Reverse DNS

Software

Resource Hash

683f7117f9c788fd13b921f2a56bdc68cb93a5456b53639a906366560ca2b22d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://ugeen.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Sun, 21 Jan 2024 13:56:35 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 0
Referrer-Policy: no-referrer
ETag: W/"8e3-iMKO+BzhVY8tY2x1/+HsQ86ElF8"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-RateLimit-Remaining: 59
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
X-RateLimit-Reset: 1705845456
X-RateLimit-Limit: 60
Keep-Alive: timeout=5

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DEE1 201 KB
55 KB 588ms
586ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&adk=1812271804&adf=3025194257&lmt=1694075615&plaf=7%3A2&plat=1%3A16777216%2C2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fugeen.live%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1705845395293&bpp=2&bdt=152&idt=216&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1975614699967&frm=20&pv=2&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=224

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3252277975094311&plah=ugeen.live&bust=31080557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e141e0d3d2c6fdfb4371e5292e8c4687ef49f3f7c29d7099dcb0bac0fd72c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:36 GMT
expires: Sun, 21 Jan 2024 13:56:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 159ms
159ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 161ms
159ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=preloader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B418 716 B
551 B 565ms
565ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&slotname=2757320077&adk=3885174689&adf=2959314990&pi=t.ma~as.2757320077&w=1200&fwrn=4&fwrnh=100&lmt=1694075615&rafmt=1&format=1200x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705845395382&bpp=1&bdt=242&idt=141&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=144

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bdc2c8336ea5e487f881de0f6c5a08bb9fb030b026cbca1dcb9e7ee8ab292b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:36 GMT
expires: Sun, 21 Jan 2024 13:56:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DCC 716 B
531 B 462ms
462ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&slotname=2757320077&adk=198555541&adf=2936418766&pi=t.ma~as.2757320077&w=1200&fwrn=4&fwrnh=100&lmt=1694075615&rafmt=1&format=1200x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705845395391&bpp=18&bdt=251&idt=143&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4123500083a756c6cd68de36f9e8fda2df01b69033eb56b6821044fe53f6c7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:35 GMT
expires: Sun, 21 Jan 2024 13:56:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40AB 716 B
579 B 429ms
429ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&slotname=2757320077&adk=1987696420&adf=923060072&pi=t.ma~as.2757320077&w=1200&fwrn=4&fwrnh=100&lmt=1694075615&rafmt=1&format=1200x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705845395418&bpp=6&bdt=278&idt=123&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=124

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af555e7a8ea4846c4a9d477067de84fc6729ff6dc457a8caa9ec88fd025121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:35 GMT
expires: Sun, 21 Jan 2024 13:56:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B936 45 KB
29 KB 37ms
36ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr&co=aHR0cDovL3VnZWVuLmxpdmU6ODA.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=zbx2g4bv5on5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bce6310e0bb5103b74eaafe10e76c67217145d623474a0c2e12cdbfeb581fdeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N310dnQXlorU3SwLYk8ukw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-N310dnQXlorU3SwLYk8ukw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame B936 55 KB
24 KB 43ms
15ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr&co=aHR0cDovL3VnZWVuLmxpdmU6ODA.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=zbx2g4bv5on5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 08:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 08:49:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame B936 506 KB
203 KB 41ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 01:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 01:17:42 GMT

GET
H3 200 KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js Show response
www.google.com/js/bg/ Frame B936 17 KB
7 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr&co=aHR0cDovL3VnZWVuLmxpdmU6ODA.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=zbx2g4bv5on5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 447502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6842
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 09:38:13 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B936 102 B
135 B 23ms
23ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr&co=aHR0cDovL3VnZWVuLmxpdmU6ODA.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=zbx2g4bv5on5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Jan 2024 13:56:35 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame B674 7 KB
1 KB 26ms
25ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c04cf712ee6dc3ebdebbc2fbee1aa27321d2cbcb72ed4fd120e3da30b9f9567

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-myiSEheHkW0EsCpz46H70Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-myiSEheHkW0EsCpz46H70Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame B674 55 KB
24 KB 13ms
13ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 08:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 08:49:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame B674 506 KB
203 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 01:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 01:17:42 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame B674 20 KB
15 KB 62ms
62ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eab1fcf2637c8b3e380ff8a62b643c50667f9c320f9aa4a86117e70565b89722

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 21 Jan 2024 13:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Jan 2024 13:56:36 GMT

GET
H/1.1 200
OK banner-bg-14.jpg
ugeen.live/assets/images/banner/ 251 KB
251 KB 55ms
55ms Image
image/jpeg 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/banner/banner-bg-14.jpg
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f4bfde006b324199e07bb1f67ddbdeed1398be1e80d272f6a960b2374910071e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:36 GMT
Last-Modified: Sun, 31 May 2020 02:33:36 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3eb5f-5a6e88154e000"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 256863

GET
H/1.1 404
Not Found pricing-bg.jpg
ugeen.live/assets/images/bg/ 272 B
272 B 56ms
56ms Image
text/html 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/bg/pricing-bg.jpg
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ff0c56929b8924f5a0019f7bdcfbfdab89a0afde8d31dc714ea2d21f5c8b072f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:36 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 272
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39099c7e5f88d09d086700b420924613d5b819a4b63cc8ff46bc65237a1ae2f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12243
x-xss-protection: 0

GET
H/1.1 200
OK footer-bg.jpg
ugeen.live/assets/images/footer/ 91 KB
91 KB 57ms
57ms Image
image/jpeg 176.123.9.60
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ugeen.live/assets/images/footer/footer-bg.jpg
Protocol: HTTP/1.1
Server: 176.123.9.60 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 019cf25316500c4466b5a357c6c879e3f5ba83a8a62ceddd0e34f2e75b625134

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:36 GMT
Last-Modified: Wed, 22 Apr 2020 04:40:18 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "16cde-5a3d9baa29080"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 93406

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ 162 KB
55 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/reactive_library_fy2021.js?bust=31080557

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5532b8738489a7dac0f1f83979ee1427fb9de01c01c513442ed750fb899682c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56356
x-xss-protection: 0
server: cafe
etag: 11259446937415418930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 13:56:36 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame B674 600 B
624 B 18ms
18ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 10:50:23 GMT
x-content-type-options: nosniff
age: 356773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 24 Jan 2024 10:50:23 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame B674 530 B
554 B 21ms
21ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:43:45 GMT
x-content-type-options: nosniff
age: 771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 28 Jan 2024 13:43:45 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame B674 665 B
689 B 19ms
19ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 10:50:23 GMT
x-content-type-options: nosniff
age: 356773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 24 Jan 2024 10:50:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B674 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 224980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B674 15 KB
15 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 17:34:06 GMT
x-content-type-options: nosniff
age: 505350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 17:34:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B674 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 495545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:17:31 GMT

GET
H3 200 W6ySMI_EbF4NJqhzNc9p1_hu4s5xL3ZDxE1cNPsDaUQ.js Show response
www.google.com/js/bg/ Frame B674 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/W6ySMI_EbF4NJqhzNc9p1_hu4s5xL3ZDxE1cNPsDaUQ.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bac92308fc46c5e0d26a87335cf69d7f86ee2ce712f7643c44d5c34fb036944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6901
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 18:15:02 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame B674 49 KB
49 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6pt_Y109kcpWXRqBDW9gsO3ysSkNOuTTDAUemERUeSExIA52a_rx9kJlO1p6tNLSzx9R5WQFuRZhZhoVZI2X2tCVofVqOQ5OwEpjhk-P45J7I4nkDvNTCWn6OV9_zcgyGMeqzBPZhgLhar9VW8KRKbeK1dK2zrNPTFfYtdjVkjvoQm9h3W-SyksTeJhHqw3vCZ-MxtHZrNWS9ZRwn8oMoct4F6og&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b50e01ea068a4c6d1159d69b8893dc89f5aba1f4048bcf79ab83ee9fae5cbca5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LexPvMgAAAAALN68SVJjCdXthMxNSs9Sp6Q4Pdr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Jan 2024 13:56:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 13A9 436 B
238 B 462ms
462ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=3457087865&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1017&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=2&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=1377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc7446fd8047950c9b180ec24094c4a71a20ea1edbc04b80c8ae60f6af7c1e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:36 GMT
expires: Sun, 21 Jan 2024 13:56:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 57EE 436 B
238 B 419ms
416ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1609839804&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280&nras=3&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=815&ady=2012&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6963b1f4656ae6bfa71c4e7eddbe9842c2b46e5289bf1ec11a92929cff29da45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:36 GMT
expires: Sun, 21 Jan 2024 13:56:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 169B 31 KB
13 KB 808ms
807ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8176c60f38da0ee859b28f53d4a537ebdd9be21be3804f5d520f24ad940d875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13456
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:36 GMT
expires: Sun, 21 Jan 2024 13:56:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 118ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 13:56:36 GMT

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame E75C 9 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 01:08:35 GMT
etag: 3009746639812436877
expires: Sun, 04 Feb 2024 01:08:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame E75C 4 KB
767 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 13:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 12:54:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 13:56:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2306 14 KB
1 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 13:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 12:21:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 13:56:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2306 2 KB
875 B 65ms
43ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 2306 23 KB
9 KB 49ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EBE 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:38:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2306 3 KB
1 KB 47ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 10:38:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2306 20 KB
9 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2306 206 KB
65 KB 138ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 13:56:36 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 2306 37 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:10:43 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame E75C 16 KB
7 KB 65ms
47ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 20:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 20:00:53 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E75C 205 B
229 B 15ms
15ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:40:51 GMT
x-content-type-options: nosniff
age: 360945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jan 2025 09:40:51 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E75C 604 B
628 B 16ms
15ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:39:38 GMT
x-content-type-options: nosniff
age: 231418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 17 Jan 2025 21:39:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame E75C 22 KB
9 KB 67ms
50ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:42:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EBE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
24ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:36 GMT
expires: Sun, 21 Jan 2024 13:56:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C49 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:38:52 GMT
expires: Mon, 20 Jan 2025 10:38:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 17D7 829 B
557 B 25ms
24ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfa85c4c1c1e432605b927f0ea284637413a0003c7d01ca3fefee251ba3ee3f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lLicQZh3HNTPReSLa1yg-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ugeen.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lLicQZh3HNTPReSLa1yg-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:36 GMT
expires: Sun, 21 Jan 2024 13:56:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C49 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 12:30:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 17D7 0
0 195ms
195ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=2136157868204579&rc=05APYnBZWG-iNhaefIDzYl63uxRbCX4CJ_IUnjjATMkWV9Gz5mmikDPPixsMVi1_CSSteahSGSoFANQKaQFNfxMihaUspUy0NeiIxxQt-BXbUcoyatG0KVjm4uNibtMcGWiX3iV_JyBLQNlJHYjGqdHccj3rSTIig3DHvb9-ZJkdtv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3C49 0
10 B 24ms
23ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?17bmbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A5E 50 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: ugeen.live
URL: http://ugeen.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 387158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:23:58 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5C9B 624 B
242 B 53ms
52ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVBGNwoLsEIcA2ZOLVbKbC-aChsMFtcj2K_iSrNTb64aZIxjyYGGpy1azpbsuT-FDhvT2TiGK4fntWrXuoPuYkE921pnROjQnEC9xltftUH6-BYIQdgu0GaZOq_UwsHWNVFcoZGq2VwB8Cy-HtKUWXLLPkYRXYFoJVEcSQl269mqiTlnn0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 63BF 89 KB
31 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 13:56:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 63BF 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 10:38:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 63BF 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 63BF 0
0 22ms
21ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWRl9r9csqt0cJ_RCPzZYfStBILhOA46K9hytNGUixNVEYUfj2_M_Uw8FjVxDsrzHiazi7_45DZzHWdSSlHwWY-jvx8Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63BF 206 KB
65 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 13:56:37 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63BF 42 B
63 B 159ms
159ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CeQApgHAPVCNrLDCxrMXs5kf_3OT3LQsL1BZJnEK9SFStlF1gWBD9gF_Y71Lfcwb0OXn1eTQylRIXXWO4Y0ztaSOTph-pTILUZ3M80BCATzvE4pTg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 165ms
165ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=2136157868204579&bg=!ZGelZyjNAAa8BdJLnAU7ADQBe5WfOEkwUVR8nWoLCGrO3pKffxAT7pK6jqFlCcfOFFo7AAe9w84dGZCih7uO2YpmWQ9AAgAAADFSAAAAAWgBBwoAVUJ4IJdySHAR6saLsXQ2D-bqSOpXbu-ejd1w9_OJIuH-MGaDsm3Zxf70MOnz7---5aKN45jNJkM-4gKl6Co32aRwIodPO14skJXQV559M6IA06Kh8cyZArOtANySpGhTwB0OQtuhXeD_9XP9CQwsdsM9eS3vuu2kybAc3XQrlHxeU3kWrWw5GBRQIMin6Rewtnq7IhXJ47besZTaSzltFAkjKk1NK1JWjdvBCDZ2u2dz7rivQ0oxN5mHNwD0T9GKrsgPqf0Xbfsaa3DmhuwATpuWq_t7qqQjDtDTFG70TbbBMt23LxKvMLG2jO0t-LYZZHwN6qWOEnn0pi3DgdoMPp4XAI7DKCKd8VHco9DekeOFBuJ6aLlniD97w649uLkf1W4TjUtjXXaVTTQwbIVPLOKSEjk248Ak_pX0GuC6o6cDsixNdar3ASSOmPQpSR2WLKFgk-T0qeHZJ7WNItVMTbBPitSvg_uwioy-Ecb-8mrXru-X7R598AWqEdduDKogImWkhX8C5wvs0M5U5YCrWbJ3BQl9EmFD_BTA0NqekcPHSOz-B2rhIv_yT11RY0Et9EjXnTOIh0-96JgVGfyGpFMTNj4fTk2TfpH5hYX-oCVnLuZB490vd8Zx9rpH7OTJ2XxfOvxyiNbSYAOBzlO93sfY72TNFoOcnpOdY53fHS0ZhXQm6cIbIcad9_sNxQVD0FU8X79kb_CRTtslJOSHWQyYJ9MxUoVqS2KAes4T8T2bEKX_jVU-aAMMfqDy3r36Fri6UdtBu-1Jul8GQ4YD9ezKI6L7yz9WisBiAxYRokhTb5d6-mv7dTZxQDhfvkN77b9Z07xeqWfNJTpaM7z-HjBwD5qiMcK8n_SjRKbPddSN410KxwVNZYULrWlJRAiVxQwhFmfxprEprG5YoSRzk60gWlX2EmMXddBYMqM-aLtU0zRnHw8uQwn0ieEjgpB0UEARc4tgmSODVk7bs-sD9xmscuWtmKoRJiatdi0yonXcnEb-6HkUn5zGV0WLSN0yW1hzNd65G2kBlHUs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ugeen.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63BF 0
20 B 158ms
158ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=45848010310&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63BF 0
20 B 159ms
159ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=45848010310&version=m202309260101&ct=77&x=1&cor=9220466314434337000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 63BF 20 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A03EZNWbLFC9AnaJtTYxKcLFC9C97SBJ7qS83GVhCB21GB7M7E917ulQoEbkzLRA5fsHED_OkazF5BPqOw3t6ltQ_gCTww4zVPHwMkibDNXDval7fYwDJd7FkVg9I_KRdMy9k9xx73n5ie07feMLMCp0Dz6Cen2oinS2GLl6ZGQ-5ZSyw&cry=1&dbm_d=AKAmf-AUX6QWwCLbhv24mOaGWtLCs6dhgAZ9YxnvElPp-pdbtnNbHAlKhC4HmbaHsOlA8j8BND-vt67q25WR6gSjTLNkg8_ZDGgvkx-OIJSTK5Q0g1oDIhE8ewQ2wPBAz7PO7i-_Zzy4ej4aq82NjjBRbZpVmc-l0rUqel_qLZq-cFmAwJ5lM5cB4ujAl7bS8nf3DLE7yioVYNjaGE89JUmFrlSaDMUE5LwSgqGoH9vDZT6ZYx926ek88r67b3x2tFc5RKjaGTP5rgw7gomtR_8jFAOLy_E_fvZvJBWu7yrX_aCtU3NZVN7tvXIAkmPPz-Y6IwcaTKDy_-uoL8LoFLCMg3NVcqJ-mrtbstN5BHGj3BeV8_8d_545yh8GPB5Y2XTOL5giiyFwcJ9G8xtQ8ZAFdBJZWYyax791JRrZQywSj0qXpVfG2tNCLtg_NwHCKtdzuRpVTTHW3OP-JRO6JsTvJwYag8m_oCoMsmr-oz-6mPm0wS0NCtRDUInHsh7hn6FRo3I3OT_YoKskcaNinsn6mU47i84jp_jwSvO5B-_QE4Uy7jQyY-spG2WMOWQtMgmU_ItdIkPSVMKW6tYqTzMzkBnbWl80uJJqA36aK_dGsiUF68WW27VwWbs5PKY3WO4eYhcicTsAkw3mUDPaIlZrBtmaheycpoAtW7McRuR6zeWWCfcAapNkW4ZlkzLSERpWk7k7VPcBDrzPewaQgy44yxvtbs7krUQzrsP47CbEjMsXPahROTZo6Q95Vb47_GqttuvZiGpFdNO6QPW_GUnttFu6qhqyesIc55T4vT7-zDpTHNveQ0LO2Ea16WPZhGfPZLRPBUxEuR7qBSaIkOuBL1JOv2eRexHAS0z4nSXy3kBUZOmEX9aef8AgYs3kVITgDpzkoHFWtxfz0Vvt4V7UarJwQOLbvooEMJvJUD6Opr46II7-AV_Alo_IVT3U3_IouAvExI9WFNrd1WtO0Ep6ne4Cjzcna34ncMykNXfW8-kGoSIa_wz9PXv5V-5AEifTHYjrpexQjyuV1rmKbnMxKlr1Bv4IwnKQIdCfTf3Vu6sFMki2J2ITJ3uSxOwF3P0K9UOUGt-d9ifCpWoyIyZXDlVWGra94jFYIybAXbshGjIsM4yOLKBnaye6ZhTSu4um6JwskXpuM9b0lTlMcrbDjQmsHmNhbTt3Rd-LOEMtpSzMtb_Aumh93YgYKh1uD-IDX9V2sxED-OCWmVRO3xFsivcicY1YRAweI7ZF3xgIGEpajs09JI1bMDiZdTgn2fNG_wRx-lS24Dv7Cw6Rrboi51s7MJntfXuw4TASMZqvIjG5mWAGIcMgZ_jHSSe1ZTSq3-UZUHjaPcj8nM_qY7gqaeSKCoC3iAhJNsM5gHensKyfOa0DQ3SL4demgjf93ZRmaCFB96sMOWG6y0FPT7pNok6uX2nL1HOGuTVamSVVkDgvnk6jiEgKSFNVoEZM3vbH5LaPNehqqmUgCYN4yilhHVAGpsXIgILXV0rIjQPpyiSK5kOT23K4KED5-d34rldwm1w3vMNkFz9pAmz4j2BnIsE9qMXJnBrTlH_Wr7_tVKyHyioUZ1YlCtWfzOktcI0OgoJsSu3yLyK7lEvqQ-VLnBqTqlosveZHtO6UWaAgHvYWpqREVGbK4kzc7IXeou3WzTjoCch8vKO25j0G7W1ceAml6hjslsqOKQtiF1OSFqYDrcwZxr_QC-DWQqkWBruWb1Y0xsiCJAexCcnqkqIZ4lVbfbNc0bp3REumXQrjZXQE8t6ucU5aa48Ku0GFM0ZnOtEPRdLFt9FU4AukLVJ0K8t5qfmvdSfRcNH6bdjh8UkUzVe5MOjDj3SjWY_jqwhLeQEWDyJPfb2ELwM5LMZoaR7_5TJbBaeAkh9CeRk_1naxa9NmwXNnmkEXUczVxKVX4sqYec3tCECwxCMPtXEPFqodu45T32OHanTz89GjqxkIvYHSANvCt7aGB_4EZi3AH-T-C_O9qjNHHE248I8xuPYx8j3xZ0610LGvZVwANxvlBvxA1X1iA_5GXYLDnf0fPOaDLokBDixpcgZi8xy_uT-Z4_kwMLWh-VH8vW17XclwF6BiAKx_ayWghEcFMFrADD5CO6i_CBRvo_kswIUFiGXfs9BvYiRhsmE5iQTj87JELkx08mkpOS2CqqJatjo_v_lDjAwBn_krFozT5VrTBY8Q2S8KdEwFg-9tDqyT9gQZsYnnN1nfPVZRBZIG_WlejsSZsihT8lMaEl1WUUFz8vWX3HD40DRgf5Od3d8SqKxFXzco02zVqIXYj72NWjs2zwTA98fA9jB1j9T7LwWEQEAcjij3rkcn94Q4NhsUfSbEvXekLqhpaKxVPSmB65Hn6n5FtXZZC7FNyJao6botzoX7UPoq5wwSh8zvcLdGRYnPmy0kqT2Tf9HQvVQLRlonQzpa9KUM_yyb4D0gT0X0eB4y3YhBu0TpoUIn6UEWblTU5TQRb-sKNUoKqmm19DBHi_w390ysHrckiD8J2k0-Qc-4lwAqoDkb7_tFnUMRds_JEz5J3jsfm3EVaSMJGss7esVBrmyhdEMbCIBfR_pDzMOdmhKsDiqZDYa10UQBXcEH0_artlniVm9A_Bqz6QR_R5m6r_pfnUuBcgFfESxeNen9nG7WyA13DB2b8gfdVdyfCcOZFXM-Q1frVbKxhN-xaaUkdJNoJe1AAIUNltYVTbyo5hlpvvjzvxbC0DlQ_vFltLC-bht3SnzoK6glCkhchZiJ0PY-JMG4DuwxMt5HiIhI6xDZCJlAnM-QbUep4jZGhFC9R1ELeQu7biVbunG9KklpJ9MQLAF-NaNMDfRUPA_yod-QeGAfM-wd_4PTnIJt5hXOPySIumaBmpZGrFh0c1nLMMha5tPYRtrsCyK-psztcPeredn_v_M_1TRSKjLjGxS9rd6VlyZOoeHw6IKoM21L00I9CXTpXanjMVTDbMqy89ipQiMV718qsQ5HGOJCZHnSe_evqhbptJeQ9_Jt6lw_qEwgVuuaHKb6xaiAEnq4CwzGLzkusyoLapndd-m-l7G8v-k8gkuymLip0pxcrtCa1Jyh24upHtyJuu_poGIVI58WXqUb8FPr7VGYctOISROZQPgEhfU22r1bqUHcpLoUuHGEDjLcSxe2H8gzHb9NRS2ghg8zMr4_96aujuRzd4Qhhx5eQ4RbiLSJSR2Db4SJ8EZhcBB3pflamkbETOiI7A4eQi2JI23d4AOPgydfovWjsdnN11KKKaOFuHwkpLMAijzhhr0BGZZLq_DdrKrSDJXbPg53Cdn7P9x5g5divBGew55PCG5DitkuU3mBPT1oB1IoJWAvQL27C6dVZxjfrDM928QW2r6tqKtfz0bHYT11DZsQDFV7bo3NCWAlBpLBru2YTjq4d5dUg3x8GgqmmPVR33GMX2zXUkUASH4PC03Y9-inVf8gXFf6HknDKqyFb7Q3cAMclxQiUGIAZFQlhXlJN8Ra0a2kGjoOTUSpjyWBZZ1qeXlAckjW-ypaKX09H20bme-CILvV1S7NTT0dsnG3gxyH0sv2ZbhtiFDkMkwJ9HV7QlRdnqwDw4hSrYH0UULlJ56FdaqgttWK_KCROXtTa2ZxBF4PLO8SwnbTbE3FLWMlV4Dvmqe_U5DHs9PkOs3OnIl-Am8Qaup-PKRStr4-MogDCFAaYIfkgJIAxw2VoWSoJZjPsNzRC81SqdAN9J8Gj2vRwvc7fu4T_9VQyO-uoJfJFvcojVEI5FsXlRkxoLLVhc9viEcQzd98bbM5oFT1_TMhYn_JBvp20Ctlt_Z9MqS3zodfuXnVN4LHtJpoRkYbgDsSGDVzY_KChExvJKEs7QjARELtTzLuOviXtta-OKylgjsv-kLZ0nvy4NHyiIA3EG2zbXgUJnBXApHVF4xcXNgnVx9skwomj7tidlTbeA&cid=CAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fugeen.live%2F&ds=l&xdt=1&iif=1&cor=9220466314434337000&adk=2935317966&idt=92&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97bc35d519ab4b3bed09a0608d83d14bb37e36aba28f28745b93eba0facc09e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13845
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5C9B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoWIiu0pNjRICyuFRZqfz8&google_cver=1

43 B
765 B

35ms
35ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoWIiu0pNjRICyuFRZqfz8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVBGNwoLsEIcA2ZOLVbKbC-aChsMFtcj2K_iSrNTb64aZIxjyYGGpy1azpbsuT-FDhvT2TiGK4fntWrXuoPuYkE921pnROjQnEC9xltftUH6-BYIQdgu0GaZOq_UwsHWNVFcoZGq2VwB8Cy-HtKUWXLLPkYRXYFoJVEcSQl269mqiTlnn0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ykCieae6m4MoVhoTPpYhncqnO5qjEma%2Fr6LelGaIVnh9L4jUUY35zGcnC6mq%2FiS1VJenvJezxYYEQggggMVz0nUdVvj5L0wnMjQehWMlGTZ30QCw34WwW3GQRmXbPktpFMJuhCizhuyKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84900fc4da825d46-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoWIiu0pNjRICyuFRZqfz8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5C9B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za0ilfe03t4IaX4B9fZ4sAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoWIiu0pNjRICyuFRZqfz8&google_cver=1

43 B
732 B

27ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoWIiu0pNjRICyuFRZqfz8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVBGNwoLsEIcA2ZOLVbKbC-aChsMFtcj2K_iSrNTb64aZIxjyYGGpy1azpbsuT-FDhvT2TiGK4fntWrXuoPuYkE921pnROjQnEC9xltftUH6-BYIQdgu0GaZOq_UwsHWNVFcoZGq2VwB8Cy-HtKUWXLLPkYRXYFoJVEcSQl269mqiTlnn0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yvj64mHIdzd9o4uvIitlNZnMVpGOhVSlyo2LefNroS7C6LTpt9zItp%2BiajeOc%2BHpBV17WO3tj0zWE9BFCHK8%2F%2Fhhz%2BsHfoxR20Q9jBWtaGv2DdYODd6WGeiNiL2XctXrOCxzW4kQEQTltA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84900fc4fa9e5d46-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoWIiu0pNjRICyuFRZqfz8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5C9B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHRmyyQUOPSStHELNaZBWSY&google_cver=1

43 B
1008 B

11ms
11ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHRmyyQUOPSStHELNaZBWSY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVBGNwoLsEIcA2ZOLVbKbC-aChsMFtcj2K_iSrNTb64aZIxjyYGGpy1azpbsuT-FDhvT2TiGK4fntWrXuoPuYkE921pnROjQnEC9xltftUH6-BYIQdgu0GaZOq_UwsHWNVFcoZGq2VwB8Cy-HtKUWXLLPkYRXYFoJVEcSQl269mqiTlnn0

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
an-x-request-uuid: ac096320-a17b-46df-af31-697f7db9095e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.250; 37.58.58.250; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHRmyyQUOPSStHELNaZBWSY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5C9B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4ODQwMTg3NTMxNjcxNjcyOA%3D%3D

170 B
243 B

35ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4ODQwMTg3NTMxNjcxNjcyOA%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
an-x-request-uuid: 44158d77-8834-41c5-a80f-f0692a9dba21
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4ODQwMTg3NTMxNjcxNjcyOA%3D%3D
x-proxy-origin: 37.58.58.250; 37.58.58.250; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 63BF 41 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A03EZNWbLFC9AnaJtTYxKcLFC9C97SBJ7qS83GVhCB21GB7M7E917ulQoEbkzLRA5fsHED_OkazF5BPqOw3t6ltQ_gCTww4zVPHwMkibDNXDval7fYwDJd7FkVg9I_KRdMy9k9xx73n5ie07feMLMCp0Dz6Cen2oinS2GLl6ZGQ-5ZSyw&cry=1&dbm_d=AKAmf-AUX6QWwCLbhv24mOaGWtLCs6dhgAZ9YxnvElPp-pdbtnNbHAlKhC4HmbaHsOlA8j8BND-vt67q25WR6gSjTLNkg8_ZDGgvkx-OIJSTK5Q0g1oDIhE8ewQ2wPBAz7PO7i-_Zzy4ej4aq82NjjBRbZpVmc-l0rUqel_qLZq-cFmAwJ5lM5cB4ujAl7bS8nf3DLE7yioVYNjaGE89JUmFrlSaDMUE5LwSgqGoH9vDZT6ZYx926ek88r67b3x2tFc5RKjaGTP5rgw7gomtR_8jFAOLy_E_fvZvJBWu7yrX_aCtU3NZVN7tvXIAkmPPz-Y6IwcaTKDy_-uoL8LoFLCMg3NVcqJ-mrtbstN5BHGj3BeV8_8d_545yh8GPB5Y2XTOL5giiyFwcJ9G8xtQ8ZAFdBJZWYyax791JRrZQywSj0qXpVfG2tNCLtg_NwHCKtdzuRpVTTHW3OP-JRO6JsTvJwYag8m_oCoMsmr-oz-6mPm0wS0NCtRDUInHsh7hn6FRo3I3OT_YoKskcaNinsn6mU47i84jp_jwSvO5B-_QE4Uy7jQyY-spG2WMOWQtMgmU_ItdIkPSVMKW6tYqTzMzkBnbWl80uJJqA36aK_dGsiUF68WW27VwWbs5PKY3WO4eYhcicTsAkw3mUDPaIlZrBtmaheycpoAtW7McRuR6zeWWCfcAapNkW4ZlkzLSERpWk7k7VPcBDrzPewaQgy44yxvtbs7krUQzrsP47CbEjMsXPahROTZo6Q95Vb47_GqttuvZiGpFdNO6QPW_GUnttFu6qhqyesIc55T4vT7-zDpTHNveQ0LO2Ea16WPZhGfPZLRPBUxEuR7qBSaIkOuBL1JOv2eRexHAS0z4nSXy3kBUZOmEX9aef8AgYs3kVITgDpzkoHFWtxfz0Vvt4V7UarJwQOLbvooEMJvJUD6Opr46II7-AV_Alo_IVT3U3_IouAvExI9WFNrd1WtO0Ep6ne4Cjzcna34ncMykNXfW8-kGoSIa_wz9PXv5V-5AEifTHYjrpexQjyuV1rmKbnMxKlr1Bv4IwnKQIdCfTf3Vu6sFMki2J2ITJ3uSxOwF3P0K9UOUGt-d9ifCpWoyIyZXDlVWGra94jFYIybAXbshGjIsM4yOLKBnaye6ZhTSu4um6JwskXpuM9b0lTlMcrbDjQmsHmNhbTt3Rd-LOEMtpSzMtb_Aumh93YgYKh1uD-IDX9V2sxED-OCWmVRO3xFsivcicY1YRAweI7ZF3xgIGEpajs09JI1bMDiZdTgn2fNG_wRx-lS24Dv7Cw6Rrboi51s7MJntfXuw4TASMZqvIjG5mWAGIcMgZ_jHSSe1ZTSq3-UZUHjaPcj8nM_qY7gqaeSKCoC3iAhJNsM5gHensKyfOa0DQ3SL4demgjf93ZRmaCFB96sMOWG6y0FPT7pNok6uX2nL1HOGuTVamSVVkDgvnk6jiEgKSFNVoEZM3vbH5LaPNehqqmUgCYN4yilhHVAGpsXIgILXV0rIjQPpyiSK5kOT23K4KED5-d34rldwm1w3vMNkFz9pAmz4j2BnIsE9qMXJnBrTlH_Wr7_tVKyHyioUZ1YlCtWfzOktcI0OgoJsSu3yLyK7lEvqQ-VLnBqTqlosveZHtO6UWaAgHvYWpqREVGbK4kzc7IXeou3WzTjoCch8vKO25j0G7W1ceAml6hjslsqOKQtiF1OSFqYDrcwZxr_QC-DWQqkWBruWb1Y0xsiCJAexCcnqkqIZ4lVbfbNc0bp3REumXQrjZXQE8t6ucU5aa48Ku0GFM0ZnOtEPRdLFt9FU4AukLVJ0K8t5qfmvdSfRcNH6bdjh8UkUzVe5MOjDj3SjWY_jqwhLeQEWDyJPfb2ELwM5LMZoaR7_5TJbBaeAkh9CeRk_1naxa9NmwXNnmkEXUczVxKVX4sqYec3tCECwxCMPtXEPFqodu45T32OHanTz89GjqxkIvYHSANvCt7aGB_4EZi3AH-T-C_O9qjNHHE248I8xuPYx8j3xZ0610LGvZVwANxvlBvxA1X1iA_5GXYLDnf0fPOaDLokBDixpcgZi8xy_uT-Z4_kwMLWh-VH8vW17XclwF6BiAKx_ayWghEcFMFrADD5CO6i_CBRvo_kswIUFiGXfs9BvYiRhsmE5iQTj87JELkx08mkpOS2CqqJatjo_v_lDjAwBn_krFozT5VrTBY8Q2S8KdEwFg-9tDqyT9gQZsYnnN1nfPVZRBZIG_WlejsSZsihT8lMaEl1WUUFz8vWX3HD40DRgf5Od3d8SqKxFXzco02zVqIXYj72NWjs2zwTA98fA9jB1j9T7LwWEQEAcjij3rkcn94Q4NhsUfSbEvXekLqhpaKxVPSmB65Hn6n5FtXZZC7FNyJao6botzoX7UPoq5wwSh8zvcLdGRYnPmy0kqT2Tf9HQvVQLRlonQzpa9KUM_yyb4D0gT0X0eB4y3YhBu0TpoUIn6UEWblTU5TQRb-sKNUoKqmm19DBHi_w390ysHrckiD8J2k0-Qc-4lwAqoDkb7_tFnUMRds_JEz5J3jsfm3EVaSMJGss7esVBrmyhdEMbCIBfR_pDzMOdmhKsDiqZDYa10UQBXcEH0_artlniVm9A_Bqz6QR_R5m6r_pfnUuBcgFfESxeNen9nG7WyA13DB2b8gfdVdyfCcOZFXM-Q1frVbKxhN-xaaUkdJNoJe1AAIUNltYVTbyo5hlpvvjzvxbC0DlQ_vFltLC-bht3SnzoK6glCkhchZiJ0PY-JMG4DuwxMt5HiIhI6xDZCJlAnM-QbUep4jZGhFC9R1ELeQu7biVbunG9KklpJ9MQLAF-NaNMDfRUPA_yod-QeGAfM-wd_4PTnIJt5hXOPySIumaBmpZGrFh0c1nLMMha5tPYRtrsCyK-psztcPeredn_v_M_1TRSKjLjGxS9rd6VlyZOoeHw6IKoM21L00I9CXTpXanjMVTDbMqy89ipQiMV718qsQ5HGOJCZHnSe_evqhbptJeQ9_Jt6lw_qEwgVuuaHKb6xaiAEnq4CwzGLzkusyoLapndd-m-l7G8v-k8gkuymLip0pxcrtCa1Jyh24upHtyJuu_poGIVI58WXqUb8FPr7VGYctOISROZQPgEhfU22r1bqUHcpLoUuHGEDjLcSxe2H8gzHb9NRS2ghg8zMr4_96aujuRzd4Qhhx5eQ4RbiLSJSR2Db4SJ8EZhcBB3pflamkbETOiI7A4eQi2JI23d4AOPgydfovWjsdnN11KKKaOFuHwkpLMAijzhhr0BGZZLq_DdrKrSDJXbPg53Cdn7P9x5g5divBGew55PCG5DitkuU3mBPT1oB1IoJWAvQL27C6dVZxjfrDM928QW2r6tqKtfz0bHYT11DZsQDFV7bo3NCWAlBpLBru2YTjq4d5dUg3x8GgqmmPVR33GMX2zXUkUASH4PC03Y9-inVf8gXFf6HknDKqyFb7Q3cAMclxQiUGIAZFQlhXlJN8Ra0a2kGjoOTUSpjyWBZZ1qeXlAckjW-ypaKX09H20bme-CILvV1S7NTT0dsnG3gxyH0sv2ZbhtiFDkMkwJ9HV7QlRdnqwDw4hSrYH0UULlJ56FdaqgttWK_KCROXtTa2ZxBF4PLO8SwnbTbE3FLWMlV4Dvmqe_U5DHs9PkOs3OnIl-Am8Qaup-PKRStr4-MogDCFAaYIfkgJIAxw2VoWSoJZjPsNzRC81SqdAN9J8Gj2vRwvc7fu4T_9VQyO-uoJfJFvcojVEI5FsXlRkxoLLVhc9viEcQzd98bbM5oFT1_TMhYn_JBvp20Ctlt_Z9MqS3zodfuXnVN4LHtJpoRkYbgDsSGDVzY_KChExvJKEs7QjARELtTzLuOviXtta-OKylgjsv-kLZ0nvy4NHyiIA3EG2zbXgUJnBXApHVF4xcXNgnVx9skwomj7tidlTbeA&cid=CAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fugeen.live%2F&ds=l&xdt=1&iif=1&cor=9220466314434337000&adk=2935317966&idt=92&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTg0NTM5NzExMzAzNgogIHNlcnZlcl9pcDogMTQ2NTIyMzI0CiAgcHJvY2Vzc19pZDogMzc0MjIwNzk3MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 63BF 0
867 B 117ms
48ms Image
image/png 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTg0NTM5NzExMzAzNgogIHNlcnZlcl9pcDogMTQ2NTIyMzI0CiAgcHJvY2Vzc19pZDogMzc0MjIwNzk3MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMTcxMjkzNTA4NjQ2MDIxNDIyMwpkZWJ1Z19rZXk6IDYwMzAyMzg2MjM0NDg3MjkzMTUKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTIxIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyNTk3NDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxMjMyMAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xff11a8a4e2b353870000000000000000","13":"0x996c69c6999339a00000000000000000","14":"0x7b2baae6ac589f5a0000000000000000","15":"0xd1240fa2df1a9fab0000000000000000"},"debug_key":"6030238623448729315","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"11712935086460214223"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 63BF 11 KB
4 KB 44ms
12ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1705845396334866&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 46ee65be77595c5b32af7ffd8c589290b510b16ba24668be8ab46b1376b4b6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4117
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BB9C 38 KB
13 KB 24ms
24ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 406949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame 63BF
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

122ms
100ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Protocol: HTTP/1.1
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 664ed3246c8c80688d291e6d0c61d8fc4d464bb7e326937b690c1a93667841c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 13:56:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 52379300067847604444994012576003
Connection: close
Content-Length: 1365
Expires: Sun, 21 Jan 2024 13:56:37 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 13:56:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 21 Jan 2024 13:56:37 +0100

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame BB9C 50 KB
19 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 387159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 02:23:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB9C 0
20 B 164ms
164ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaJ6LlSKtZYzzBtSB7_UP45-2-A0AAAAAOAHgBAI&bg=!X1ylXBPNAAZVxkGXdcY7ADQBe5WfOHnNg5kFoYqNvcMOirspf0r6YeQfDm0EXC0oIsleOpj2Fw-AOO4hoAWj_sXiYtIuAgAAAC9SAAAAAWgBB5kDDmUoagWC9YzS6jx-13Ktv7zC2iX5hxEfvsNqogsd_01vUn9WVFcI7kRzNPuU4bs-sTcmXsUmv-2tylbDIU-Z4UhN_LuPItgXNjy_wodW6iatsEKADZZITcXxtEBkIZ8NoG0EhBWgiCzOqel9xIe8hhxJB28POC2LeeUbe_HIZovUtiisMtEqNBiP8GI5OWxjJfHY2kGCjcQyak6vSD0JtUjbl-PoME38iUgjYzlIb1fucgpuqI0lROz8NXOeg1uhAxbBZjT-F3QXAhBlcNxpleXz7O0AqHJ-Ng8H9fkSl0g2VyA_AE1oRMnlIWzZDbt0QeiX6oOobsHoGxIazzD_Wfjb9Q7yEg4cFcDvxjYGj8UkoMyBgJGlPMcLxht_JfSOaWuIF2NjilEcd_c47C9r0KOMWZGuY4RClvAZiz5KsXhvIpxeEGWUuPCRsqwIVQoLoCH-z9S7Yiq1m3E-kycTzlQH_-ebRTr4MCzFSSeieiSC2KIX1AUNmEmSt3Yo1qGenyNQKagB88XIdN4sHK3nXTN8sCkmQicLVAVruRhEuJkBya81ndmh-xFIPISJp8CBHKMMsRG7dbIhhgRLvZ8TPSPL0J0qt0Xuu-AFUyb90i3t78tapkDmPPWvzksrIa51qV1AfYVnTIwsKFwneGb075NirDljGRMQveZfXwyDqT1VCeSrXzUCGm82dW7IAlNw9txwZDPDvvf71i7ae0zkUcUHOvZw1_x6RwXs0vFpd3i_yN_hiJ66yN1yKG_wq35Q2RNnDnzCL0-eoFu8ko3PPUosw8SMdSkDPch31oSRCi7SI1XJT8fNViRKNZI2T-NfA9GTx5UsvcFNij6tlymFg68nLq3AWrBdbflL5ruQ4KVipumBLYDGdsm6cM0IpW6E99lNh_1crshwFVTr5oNa51MI8Abrg-zTJiN9EsL6uTJy3AZTewk1Gh6mKPapoOuEVr6QPSKvVQnT32qFCToNLuTZvADD2bo82Y-SwbFlpSt8iU3wFift3uY1xLuuTpllKiI2MzqxVgokmznkh7GY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 97AB 930 B
924 B 193ms
6ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 21 Jan 2024 13:56:37 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 28 Jan 2024 13:56:37 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 84B7 0
326 B 203ms
20ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52379300067847604444994012576003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 21 Jan 2024 13:56:37 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 link.html Show response
track.webgains.com/ Frame 63BF 2 KB
2 KB 249ms
62ms Script
text/html 3.10.64.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=52379300067847604444994012576003&nw=1
Requested by: Host: ugeen.live
URL: http://ugeen.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.64.81 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-64-81.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: feeab639c58eb8feeddf4695d332e58c64fc33f2ecd5751f334743289655897e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
last-modified: Sun, 21 Jan 2024 13:56:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 21 Jan 2024 13:57:37 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 63BF 0
327 B 203ms
19ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52379300067847604444994012576003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 63BF 43 B
360 B 204ms
20ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=52379300067847604444994012576003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 63BF 43 B
702 B 296ms
110ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=52379300067847604444994012576003&pv=1

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0111a6e316&subid=&uid=7021ec7cb122f02d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCw6GplCKtZZK4FPD77OsP3cmzqAKm5b2gab2TnKfJD_AuEAEg3-2WjgFglYKAgKAHyAEJqQKdimvoZUiyPqgDAcgDmwSqBOQBT9DPZS_n7HNjy4GX9U5Gn718s2R5TMxQOGg3rD4_TN7yD4gBG5kvpIoVAfOB4waVgGLyLb8EifcTzJsJIf2TdR98c84WFj5iHafNEgJu7uTgAOTpApjcZkPXvUMG7yK5N-rD_o34E4O1vk-1TZBcN12UiujPp1JT0BPpJYjzykzROY89KfSv0LdOeHvx6gOfD7ebFWsVrYr2TjkB4id4v47fEqMQdib2b-rx1q7DhSXlIG9WAw6L0QIxkWoDsn5aRxfiBlZruwR_NjoFd_Q3tOq-RU1SDdwj_hODEI2i_N7l3rVYwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIbhhqfR7oMDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_of3BIFI_D_Qhau0-8xBxfB0jZQRks0-9Mdp9SVnYE3is61a4s59jeGHRyrYtAK7G6-EfJu9uTBgB%26sig%3DAOD64_0Njv_Ydp369ZBTOnZbH1KXLbKT6Q%26client%3Dca-pub-3252277975094311%26dbm_c%3DAKAmf-AoV4tyzfPJeaSkVYTXtoDf9HQJsR7pb8A3C9xWlmfmQrnmcTnXeWyEQqPIelxmzo5y4i1hW7-WNSobi0vqRYVSAaatUCEq2wQ62QXs1FcBWS0BloxOutaF18IRMnvNq315VoaAlEwuZmCnovautgA-NgGMAs0fePQRk_yoO-3_VfqRx7c%26cry%3D1%26dbm_d%3DAKAmf-Ato433Idr8TGGajRIp8xqRXzHtH6qwUp1ILcUGCsDpAR0jZP-E_pjonxiHItwQmu3KMC--cbJxakG3AXeg-JV_-i4_Pn1AiRoCH_DNVFYgh7yr5v1lv5mJpVQfuXNYamn_tUHY2Re_Tu5PvkT8PKBMDa9QaKrfDrazZYNIqLSF5JlwXacnLSumodluPwOTWF5KYqCpHAUbawxSIEYWtHYGn-f_MJTwloxNauOKHX1npE16ivPbEAN1nzb-o9v1tvFODX-WFrJCeFVBQWXX-MAQFzlHYyyuEnXawUz5S6n_e6EV2APCz_Ijqyxe7yd7-NLZfl0PqolOH-qpfRUP1ciild1IQFSKsj6IPHV4s1-csVo11d_uXhFOovXpo6O3s9CbndzcrrYW0cfluvZddPe7UFJ1Awt_799K7ewEf6jLsr9jG140jUZqQKefARDhckLFBsTg35n5ctaieSEUF2e8XAzuWqovAnHo897OU8QitSz8E4YvHfdFsuPmg3aZ_ZiRf3e2hCYP3miiqWbn8LQMenpHY7K9T82YaXzSwGDU5ycMYBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3252277975094311%26output%3Dhtml%26h%3D280%26adk%3D1285909816%26adf%3D1541082835%26w%3D540%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1694075615%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5107688672%26ad_type%3Dtext_image%26format%3D540x280%26url%3Dhttp%253A%252F%252Fugeen.live%252F%26fwr%3D0%26pra%3D3%26rh%3D135%26rw%3D540%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26dt%3D1705845396158%26bpp%3D1%26bdt%3D1018%26idt%3D0%26shv%3Dr20240118%26mjsv%3Dm202401170101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D8ad64b83023ba042%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA%26gpic%3DUID%253D00000d45b11ffab0%253AT%253D1705845395%253ART%253D1705845395%253AS%253DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%252C540x280%252C540x280%26nras%3D4%26correlator%3D1975614699967%26frm%3D20%26pv%3D1%26ga_vid%3D633736644.1705845395%26ga_sid%3D1705845396%26ga_hid%3D18600395%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D245%26ady%3D2683%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D95320239%252C44759875%252C44759926%252C31080443%252C44798934%252C44809004%252C31080557%252C42532361%252C95322329%252C95320868%252C95320888%252C95321626%252C95322165%26oid%3D2%26pvsid%3D2136157868204579%26tmod%3D1610003442%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fugeen.live&random=8812204725401&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 13:56:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 97AB 179 KB
64 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3b64f3d2938d1b52d4f86e9aeca23ee0752e934566476b3d4830223b495cfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65242
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jan 2024 13:56:37 GMT

GET
H2

200

activityi;dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461 Show response
8019191.fls.doubleclick.net/ Frame 545D
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461?

391 B
327 B

58ms
58ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

152fba4d1c0514f3e84fb9c9c5767490a5c48dd2693c1aa1951d908c3f3e4def

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:37 GMT
expires: Sun, 21 Jan 2024 13:56:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 13:56:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame 2F7E 7 KB
2 KB 34ms
12ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=52379300067847604444994012576003&a=31486f8f
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b4b88d2381920ccc342ece3f854c062a12e215a35ae3dd2c89cf0702c7eb7e37

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2100
Content-Type: text/html; charset=utf-8
Date: Sun, 21 Jan 2024 13:56:37 GMT
Expires: Sun, 21 Jan 2024 13:56:37 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB96 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sun, 21 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 63BF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19e21095e705d657f7d72ee85a4e25ea3a5062ce54fbc9a0e56e1b5a1d67d724

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame AB96 35 B
463 B 27ms
9ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP4p9gHGazAyjcLNbRHVU_E&google_cver=1&google_push=AXcoOmQ-AC4HmGXg8lPZp17v9hHE2IUbPSgOVdejDOBJ09BxYm43GZcbH5v6BYFtMnPwWSPGjJNdUKZjA2oTV-lOrY_icSYiG16pYRA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame AB96 0
104 B 209ms
65ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOpZr3SGEvNhlv-mlAbltgM&google_cver=1&google_push=AXcoOmT4NTpScoPreib23DxLPc9pxjV5QtgEE0r4dTLCaEFgFL6M2Kl-yG4LQekDWSghWxojzD_1qaFeIbyA9MPJvRP3TAVD0XfYW3VO
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AB96
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHHV0Kck8oTbWipNdGuYu-w&google_cver=1&google_push=AXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzl...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHHV0Kck8oTbWipNdGuYu-w&google_cver=1&google_push=AXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTn...

43 B
416 B

169ms
159ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHHV0Kck8oTbWipNdGuYu-w&google_cver=1&google_push=AXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzlff8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzlff8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84900fc888bf5b26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 783
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHHV0Kck8oTbWipNdGuYu-w&google_cver=1&google_push=AXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzlff8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQP9XXKolvIe_b8gIqqe_J011bvUI0FRK-KSilK3ia6_WzoHB9bCecXOgJMC1-Gj_vizAZ0Lq85AkQKXHRAJkLEbBs0OTnzlff8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84900fc76fff5b26-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame AB96 0
98 B 59ms
20ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRwttpLAEILtLLcGQPMunm0cLvZaMU_89LF5CKjnO7lWTI-0EftZW9zr_TgPiO9nEB9FqcacXlC0FyJIipDHArQtR7vnFQz5O99&google_gid=CAESEEi5A7TT6RQVTZhs2ZidrbQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB96
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEI40B3n2bL7hUeGAgVqEuc&google_cver=1&google_push=AXcoOmSQIBEgw2tqd7uyXpcQkDZSpY2ElzBSNjXMLwdBLP_nZ5LJDICqlKMqOO5_lAaJ38SGFWkB1j3y0ctReFkk3nS9mV3...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSQIBEgw2tqd7uyXpcQkDZSpY2ElzBSNjXMLwdBLP_nZ5LJDICqlKMqOO5_lAaJ38SGFWkB1j3y0ctReFkk3nS9mV3TeT0FWMoX&google_hm=eS1rQkxaTFRKRTJwSF...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSQIBEgw2tqd7uyXpcQkDZSpY2ElzBSNjXMLwdBLP_nZ5LJDICqlKMqOO5_lAaJ38SGFWkB1j3y0ctReFkk3nS9mV3TeT0FWMoX&google_hm=eS1rQkxaTFRKRTJwSFByQzhiUkVXZmZVTTRsVi5UeG9MbH5B

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 13:56:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSQIBEgw2tqd7uyXpcQkDZSpY2ElzBSNjXMLwdBLP_nZ5LJDICqlKMqOO5_lAaJ38SGFWkB1j3y0ctReFkk3nS9mV3TeT0FWMoX&google_hm=eS1rQkxaTFRKRTJwSFByQzhiUkVXZmZVTTRsVi5UeG9MbH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB96
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECJkYc5LpnSFro6b-JmE_0g&google_cver=1&google_push=AXcoOmQ1Ci2KDvIHLAU8BpzqH57QqXDTlle-edbRvBNLsrLUV19svOqDngdJzpCGFTsQG1AqBP05iE_L...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECJkYc5LpnSFro6b-JmE_0g&google_cver=1&google_push=AXcoOmQ1Ci2KDvIHLAU8BpzqH57QqXDTlle-edbRvBNLsrLUV19svOqDngdJzpCGFTsQG1AqBP0...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEwODkyNzQzNTE5MTY0OTc2MQ&google_push=AXcoOmQ1Ci2KDvIHLAU8BpzqH57QqXDTlle-edbRvBNLsrLUV19svOqDngdJzpCGFTsQG1AqBP05iE...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEwODkyNzQzNTE5MTY0OTc2MQ&google_push=AXcoOmQ1Ci2KDvIHLAU8BpzqH57QqXDTlle-edbRvBNLsrLUV19svOqDngdJzpCGFTsQG1AqBP05iE_LorbguYLTWS8FFAUzNXc_tlLZ

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEwODkyNzQzNTE5MTY0OTc2MQ&google_push=AXcoOmQ1Ci2KDvIHLAU8BpzqH57QqXDTlle-edbRvBNLsrLUV19svOqDngdJzpCGFTsQG1AqBP05iE_LorbguYLTWS8FFAUzNXc_tlLZ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame AB96 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AB96 0
59 B 21ms
21ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LqbuEPnEkl-FTSsFpylGdBnLHWUN6CGVOLQMewNpglx7xlGsb5vN0hK9cBrUGosFCZyrGTgA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 97AB 276 KB
91 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e79750ec54d923a5c10f3452f7249436ff77d86944273ae1fbb81289861a1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:56:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 13:56:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2F7E 5 KB
682 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=52379300067847604444994012576003&a=31486f8f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 13:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 13:40:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 13:56:37 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2F7E 16 KB
16 KB 34ms
12ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=52379300067847604444994012576003&a=31486f8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5ad2a803cde8bfb91783b7b00859d6d42a97de0a24266d5457370d719fdb26cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2F7E 17 KB
17 KB 37ms
14ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=52379300067847604444994012576003&a=31486f8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3fbec2b3fa313088029709275bb1cd5a5e2df6b702c7676d9428ac18cee8667e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16982
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2F7E 11 KB
11 KB 35ms
13ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=52379300067847604444994012576003&a=31486f8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f31b96189c83a91610a139a8212a65fbcd9bacfc10ec6cb0b3b45d9b84a1423a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10942
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 63BF 54 KB
19 KB 85ms
24ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=52379300067847604444994012576003&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-127.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:23:26 GMT
content-encoding: gzip
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 30792
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: k0_21vvHyCLLXeQBybQTwCKZnCGNiPUXnFSLXJ072KDZqNeSTEiu4A==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 63BF 3 KB
3 KB 63ms
13ms Image
image/png 13.227.219.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1705845697&Signature=DWzOFmhggZ5RrWSbwLEFeoXa8iV42o7HLH7Vl3NFlZmZZG82QJokVK8peV44rJnyioEnW2tuUX8TFSJX7znLWz9fDOwt5MTgm3JjKYf0IeMZjus9kevFRQLRad0gxYZFsDAyWOZbGkkXvYBt-vKgWeWc0Q~ctZGMhKstfIkywZTkpjhcwnl~cjpJTWdWbxyasUa8RDWwx50Enp8~WcAsXM5LEEtfO2vvqzAo71P07WaTLf5pDrdMw-wV5fG1FJhgbAUKRtR6WCG7Kjr-dmpItyq4WNjqu4zhp7ciP1D66PZTQba5t4ZEkCW41eXRzgaJd-syrEsNTjdi4VDlPW1m0A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252277975094311&output=html&h=280&adk=1285909816&adf=1541082835&w=540&fwrn=4&fwrnh=100&lmt=1694075615&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5107688672&ad_type=text_image&format=540x280&url=http%3A%2F%2Fugeen.live%2F&fwr=0&pra=3&rh=135&rw=540&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1705845396158&bpp=1&bdt=1018&idt=0&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8ad64b83023ba042%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA&gpic=UID%3D00000d45b11ffab0%3AT%3D1705845395%3ART%3D1705845395%3AS%3DALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C540x280%2C540x280&nras=4&correlator=1975614699967&frm=20&pv=1&ga_vid=633736644.1705845395&ga_sid=1705845396&ga_hid=18600395&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C44809004%2C31080557%2C42532361%2C95322329%2C95320868%2C95320888%2C95321626%2C95322165&oid=2&pvsid=2136157868204579&tmod=1610003442&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-46.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 21 Jan 2024 07:24:01 GMT
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 23633
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: CrVbysYe7lZ5uxVcpikNYTj36ngbSmMc5ZU2C26wnDYvGOm_qI_3nQ==

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 2F7E 0
150 B 34ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=52379300067847604444994012576003&a=5e701b94&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=52379300067847604444994012576003&a=31486f8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=52379300067847604444994012576003&a=31486f8f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 13:56:37 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2F7E 14 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 08:36:49 GMT
x-content-type-options: nosniff
age: 364788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 08:36:49 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2F7E 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 00:04:46 GMT
x-content-type-options: nosniff
age: 136311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 00:04:46 GMT

GET
H2 200 dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461
adservice.google.com/ddm/fls/z/ Frame 545D 42 B
401 B 84ms
49ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjF46fR7oMDFYVGHgIdg9IItA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3707813311086.461?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 63BF 16 B
209 B 73ms
73ms Fetch
application/json 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jan 2024 13:56:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 80ms
20ms Preflight 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 21 Jan 2024 13:56:38 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63BF 0
20 B 160ms
160ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=45848010310&version=m202309260101&ct=77&x=1&cor=9220466314434337000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 13:56:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJtmwKRRhg4mF74e0gzifDU&google_cver=1&google_push=AXcoOmT23VOhWo6zeAF5brFEM9y4vn_4hnvw7bg0vZbhS-l-YLcUP9lKtMl__CxQXUWikLxwAyjahCqiOP8mXVL-7MsHYNZdzyNQYX4wBg

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 22:09:57	Name: _GRECAPTCHA Value: 09APYnBZXXMLlOOmV-vZBWuARm5FkEvVUT4BUkUIdxb7WWXDzh-T6V0nOIQeTNBFRS9Gf_M3eiUCW-KuWOJeJTRKw
.ugeen.live/	1970-01-21 03:26:45	Name: _ga_WTYH60WJYL Value: GS1.1.1705845395.1.0.1705845395.0.0.0
.ugeen.live/	1970-01-21 03:26:45	Name: _ga Value: GA1.1.633736644.1705845395
.ugeen.live/	1970-01-21 03:12:21	Name: __gads Value: ID=8ad64b83023ba042:T=1705845395:RT=1705845395:S=ALNI_MbjE7tODwgaxL2rqCjYLpNbF1-RYA
.ugeen.live/	1970-01-21 03:12:21	Name: __gpi Value: UID=00000d45b11ffab0:T=1705845395:RT=1705845395:S=ALNI_Ma5nqRfPDw2ucvjwar4ehXvWupEfw
adtv.ae/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 3ad52440fa510059c1467303ebb49a45
.doubleclick.net/	1970-01-20 17:50:48	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:12:21	Name: IDE Value: AHWqTUnuLIGs1ssi7VTRCmhtLimpW1x2_rVWp9T6DhO-avXpYGUaYrn8WfctV4ibaLo
.doubleclick.net/	1970-01-20 22:09:57	Name: APC Value: AfxxVi6luwIMZp2PH8A3FyYwWJD4cHIsml2yjYbTLJjzG4vo_YPFZA
.adnxs.com/	1970-01-20 20:00:21	Name: uuid2 Value: 4588401875316716728
.casalemedia.com/	1970-01-21 02:36:21	Name: CMID Value: Za0ilfe03t4IaX4B9fZ4sAAA
.casalemedia.com/	1970-01-20 20:00:21	Name: CMPS Value: 3233
.casalemedia.com/	1970-01-20 20:00:21	Name: CMPRO Value: 3233
.adnxs.com/	1970-01-21 03:26:45	Name: XANDR_PANID Value: HYaCbfjNll65gc7ZPz16JG0NsiDOxttdYydlWZSQCb25rKmdVXZ9eQx68_rwnNHTo_aWJ2TM--uIZgYLsSuhp4MbzBgqJT2xBVLg7DffDtM.
.adnxs.com/	1970-01-20 20:00:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUgqkFbB!@wnfH8K6pQK`!5=E<L5?%K1CO?3`w@367UtIjb3@yfxkK7?MNj?2Wo$gbpRzqF1`b_z/1N=
.redintelligence.net/	1970-01-20 20:00:21	Name: 8lcfmzhxc8d6_uid Value: 32b384643156382c
.doubleclick.net/	1970-01-20 18:33:57	Name: ar_debug Value: 1
.office-partner.de/	1970-01-21 03:26:45	Name: source Value: {"webgains_webgains":{"timestamp":1705845397653,"clickCookie":false}}
.quantserve.com/	1970-01-20 20:00:21	Name: d Value: EEgBCQH6KoEA
.quantserve.com/	1970-01-21 03:20:59	Name: mc Value: 65ad2295-a0f4b-c1780-c13c4
.awin1.com/	1970-01-20 18:00:50	Name: awpv11601 Value: 113440\|1705845397\|e534fec0-b864-11ee-94b4-2233c304522e
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.adform.net/	1970-01-20 18:35:23	Name: C Value: 1
.adform.net/	1970-01-20 19:17:09	Name: uid Value: 4108927435191649761
.yahoo.com/	1970-01-21 02:36:42	Name: A3 Value: d=AQABBJUirWUCEHIxTHcda0ABlc7YZfPs5fQFEgEBAQF0rmW3ZQAAAAAA_eMAAA&S=AQAAAqeH33-HRZupQqcv3LM_WOM
.tribalfusion.com/	1970-01-20 20:00:21	Name: ANON_ID Value: aTntuJNj6WlCyhURB1xU5KJ4QdZbrQ5V0y4oqnY16YdQsje7dMN0WUg2StVt7KlZaQQsvYE5iAsq1bxvyGgAeO1odw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://upload.wikimedia.org/wikipedia/ar/archive/4/41/20170615235609%21Art_logo.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://upload.wikimedia.org/wikipedia/ar/archive/4/41/20170615235609%21Art_logo.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://ugeen.live/assets/images/bg/pricing-bg.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRwttpLAEILtLLcGQPMunm0cLvZaMU_89LF5CKjnO7lWTI-0EftZW9zr_TgPiO9nEB9FqcacXlC0FyJIipDHArQtR7vnFQz5O99&google_gid=CAESEEi5A7TT6RQVTZhs2ZidrbQ&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a.tribalfusion.com
ad.doubleclick.net
adservice.google.com
adtv.ae
adv.office-partner.de
analytics.webgains.io
api.webgains.io
c1.adform.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal90003.redintelligence.net
i0.wp.com
ib.adnxs.com
id.rlcdn.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
pv.medialead.de
region1.google-analytics.com
s.tribalfusion.com
tpc.googlesyndication.com
track.webgains.com
ugeen.live
upload.wikimedia.org
www.adsports.ae
www.awin1.com
www.citypng.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.36.155
13.227.219.46
138.201.63.117
138.201.63.157
142.250.184.198
142.250.185.226
142.250.74.198
176.123.9.60
18.134.214.132
192.0.77.2
20.233.72.28
2001:4860:4802:32::36
23.192.250.178
2606:4700:3030::6815:4947
2606:4700::6811:180e
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2003
2a02:ec80:300:ed1a::2:b
2a02:fa8:8806:16::1400
2a05:d018:d29:3602:cc6c:4f79:2b51:3805
2a0b:4d07:101::1
3.10.64.81
35.244.174.68
37.157.2.230
37.252.171.149
65.9.95.127
69.48.143.108
91.121.248.44
00241262004f96088a827ad4c5d423dbbc0648224e1cd990e5e5ff8e912157c9
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
019cf25316500c4466b5a357c6c879e3f5ba83a8a62ceddd0e34f2e75b625134
05a444cd89bba5d454bacb98f52f5fc35c34b82e2448b1c4ccfc6d3e34ee0673
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8daff741137511f401f48520c7d8dbca91de8748e49825cf62b8a7546387b3
0e79750ec54d923a5c10f3452f7249436ff77d86944273ae1fbb81289861a1fe
140c15e6eaba2ebe52b7eb934cf8c8ac1e16dd7cf31b2d5e62c759413cd6f643
152fba4d1c0514f3e84fb9c9c5767490a5c48dd2693c1aa1951d908c3f3e4def
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19e21095e705d657f7d72ee85a4e25ea3a5062ce54fbc9a0e56e1b5a1d67d724
1e62d95f371db868a51e0dcd9278ee1fbb45a8d8641506714ec94cc00aded79e
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
204a2c4c04ad793783c6c379ba741e98235b5212fc4f6ffc3867e450ed6760da
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2521d4619bb73fff66d42c8778a4f1ea1707068032bafba301bcff0fbbca071c
29ab5ad3b743d5f7f3d87a618f471df31500f5c9e56c98bc0aba135d14c4c038
2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6e751a7f3abb6b25f00261b68d1bad58e6fff3bf4769f6349a0c8b06a1283e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
360c6224944e07de555ad2b67e086f4142119400b673053bb40eba9c8a79c295
367e5acd6ffe0f54a12dde449456be921b80b8aab4b4e5f1678bed2dc9e83c11
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39099c7e5f88d09d086700b420924613d5b819a4b63cc8ff46bc65237a1ae2f1
3a4299e961ed4df56f6274443fa303881de665d9a0229ba67650eed09afa5b1f
3d994dd136355a1a2546daff0c2467c612931ed58079beb066201724623b137f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fbec2b3fa313088029709275bb1cd5a5e2df6b702c7676d9428ac18cee8667e
40a77c47a61e17d7c8edd41de89eb651387c290281eaff781601d75d0fdf8fe2
4123500083a756c6cd68de36f9e8fda2df01b69033eb56b6821044fe53f6c7a2
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
46ee65be77595c5b32af7ffd8c589290b510b16ba24668be8ab46b1376b4b6ab
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad2a803cde8bfb91783b7b00859d6d42a97de0a24266d5457370d719fdb26cd
5bac92308fc46c5e0d26a87335cf69d7f86ee2ce712f7643c44d5c34fb036944
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
664ed3246c8c80688d291e6d0c61d8fc4d464bb7e326937b690c1a93667841c6
683f7117f9c788fd13b921f2a56bdc68cb93a5456b53639a906366560ca2b22d
6963b1f4656ae6bfa71c4e7eddbe9842c2b46e5289bf1ec11a92929cff29da45
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6d74204c00466716c94ca07ff51add71edf633eed089ea62d1591ca437f9bd27
6f94fd8391db91b1941f101f717771dab63f430fc404b71ba82de57f7eb756b8
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
744e2b6895716b1bde2d3763c2d323575a9cf6ed98fb54bf5d971dad5d158497
772c85e2b8828dd7ca085528fa23a2b4892d89a62d6eca8af1d3273c92d8018b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c04cf712ee6dc3ebdebbc2fbee1aa27321d2cbcb72ed4fd120e3da30b9f9567
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7f9eda8744e0639458885b5e181e5f7c9b63f696e179298d0927ea6c83a6cd7b
84af555e7a8ea4846c4a9d477067de84fc6729ff6dc457a8caa9ec88fd025121
889ded6d6d03e23bc0472125dc74f6f109ccd91046ffcf5799d8682bbcaa82d9
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8e141e0d3d2c6fdfb4371e5292e8c4687ef49f3f7c29d7099dcb0bac0fd72c2e
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
92221ac4ffacff934830a966f64e8371e0a337a368c6d9229cb95ef5378f825a
9709fa160be2cd3d56caed9ec695e543bad0b0202c511be0b7fd77e11befa945
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97bc35d519ab4b3bed09a0608d83d14bb37e36aba28f28745b93eba0facc09e0
97e91ae0c86331b4e0627dae7538b497b8acca155c46dba9f247c963e1f6f615
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bdc2c8336ea5e487f881de0f6c5a08bb9fb030b026cbca1dcb9e7ee8ab292b2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a278489b9861ef4bc6e5a0005666642e962d3c0954b6cdf791ebb199f2ea3756
a503e21847c2e2d2b10e3e9c38b4df1f53b0f65b892a81b7fdce87e7400947b1
a5bd7e9122f2a115c6f5e2cbce214c228138fcb8356011ff44db357297606264
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f1bc73d20b501f045d0e66bacc1f8d9b0a2026d1209506fe406882fbd5e6c6
b2b23019880036b8da69b195b82dc6eced23bf55e1dcab7b748737fcfd046dfd
b2e0227c591f03474b5e6041be14eb902e734b44be79921b2ba159c9cd5e33c4
b4b88d2381920ccc342ece3f854c062a12e215a35ae3dd2c89cf0702c7eb7e37
b50e01ea068a4c6d1159d69b8893dc89f5aba1f4048bcf79ab83ee9fae5cbca5
b5113c02b3cb920278a8c91204cdcb0357e6b8fa3c5c38cf60abe56869cae843
b5532b8738489a7dac0f1f83979ee1427fb9de01c01c513442ed750fb899682c
bb163f1fc3fe8e8e22bc4db5df679f3a2d5f9a8f69148f7df560c3c6ba927a1d
bce6310e0bb5103b74eaafe10e76c67217145d623474a0c2e12cdbfeb581fdeb
c3b64f3d2938d1b52d4f86e9aeca23ee0752e934566476b3d4830223b495cfd1
c8176c60f38da0ee859b28f53d4a537ebdd9be21be3804f5d520f24ad940d875
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cc7446fd8047950c9b180ec24094c4a71a20ea1edbc04b80c8ae60f6af7c1e19
cee7253a7bdd442858c69c3b3bc141caa51b79f59dc6d3be56c37a1a40877707
cfa85c4c1c1e432605b927f0ea284637413a0003c7d01ca3fefee251ba3ee3f9
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7a348d48f2001d79aef197c051cd0dbedaf0adc472b0c5eacdb628ca6144790
de54bf9a6fd8abc31701dab33e46492149879232ab0e94b648533dedd3ad06f3
dfc856b99962f9a9132804896d8240b0f79188b916e605dbd5c7d69e436230a3
e15a25a0857bd5142840e49c9c3991fbe97f248ccb21692d8d7c6051406294c6
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8009eb95731e0b8159bac60084539c2f2da8b90efc87e13e9b6da0225b2e7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e917df2997dffb4b8da5b69204de7ce4c3b0b26ae74e204d57c362776dd8653f
eab1fcf2637c8b3e380ff8a62b643c50667f9c320f9aa4a86117e70565b89722
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f31b96189c83a91610a139a8212a65fbcd9bacfc10ec6cb0b3b45d9b84a1423a
f35be424a435340fa1b6bf36b2482ed2178092f777824f6b00f03cad010fd44f
f4bfde006b324199e07bb1f67ddbdeed1398be1e80d272f6a960b2374910071e
feeab639c58eb8feeddf4695d332e58c64fc33f2ecd5751f334743289655897e
ff0c56929b8924f5a0019f7bdcfbfdab89a0afde8d31dc714ea2d21f5c8b072f

ugeen.live Open in urlscan Pro 176.123.9.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

160 Requests

71 %HTTPS

50 %IPv6

31 Domains

40 Subdomains

36 IPs

11 Countries

3505 kBTransfer

7475 kBSize

26 Cookies

3 Outgoing links

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ugeen.live Open in urlscan Pro
176.123.9.60 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

71 %
HTTPS

50 %
IPv6

31
Domains

40
Subdomains

36
IPs

11
Countries

3505 kB
Transfer

7475 kB
Size

26
Cookies

160 HTTP transactions
1 data transactions