www.pbh2.com Open in urlscan Pro
2606:4700:3031::ac43:9eb4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pbh2.com/
Effective URL:
https://www.pbh2.com/
Submission: On November 06 via api (November 6th 2023, 9:09:55 pm UTC) from US — Scanned from DE

Summary HTTP 206 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 68 IPs in 8 countries across 49 domains to perform 206 HTTP transactions. The main IP is 2606:4700:3031::ac43:9eb4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pbh2.com. The Cisco Umbrella rank of the primary domain is 699596.
TLS certificate: Issued by E1 on October 23rd 2023. Valid for: 3 months.

This is the only time www.pbh2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:4946	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:303... 2606:4700:3031::ac43:9eb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
5	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.237.83.209 34.237.83.209	14618 (AMAZON-AES) (AMAZON-AES)
3 7	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:25e... 2600:9000:25e8:5a00:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.74.50.207 3.74.50.207	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	3.162.38.75 3.162.38.75	16509 (AMAZON-02) (AMAZON-02)
2	18.244.35.29 18.244.35.29	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	68.71.249.118 68.71.249.118	46562 (PERFORMIVE) (PERFORMIVE)
1	18.155.129.5 18.155.129.5	16509 (AMAZON-02) (AMAZON-02)
1	23.57.19.78 23.57.19.78	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.239.18.78 18.239.18.78	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.254.54.88 34.254.54.88	16509 (AMAZON-02) (AMAZON-02)
1	18.155.129.7 18.155.129.7	16509 (AMAZON-02) (AMAZON-02)
2	52.222.174.81 52.222.174.81	16509 (AMAZON-02) (AMAZON-02)
3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	69.166.1.34 69.166.1.34	27630 (AS-XFERNET) (AS-XFERNET)
1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.2.110.161 8.2.110.161	46636 (NATCOWEB) (NATCOWEB)
1	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
2	2600:9000:255... 2600:9000:2551:2400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:2117:5c00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
10 12	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1 5	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
3 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
3	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	3.124.138.165 3.124.138.165	16509 (AMAZON-02) (AMAZON-02)
4	23.205.93.33 23.205.93.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
206	68

1 2606:4700:3031::6815:4946 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pbh2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3031::ac43:9eb4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pbh2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pbh2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

pbhmedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.83.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-83-209.compute-1.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:5a00:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.74.50.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-50-207.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.38.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-75.cdg52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.35.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-35-29.cdg52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.71.249.118 (United States)

ASN46562 (PERFORMIVE, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-5.cdg52.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.18.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-78.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.54.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-54-88.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-7.cdg52.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-81.cdg50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.161 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cm-x.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2551:2400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2117:5c00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.226 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

tagm.tchibo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.116 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal90004.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France) 3 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.138.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-138-165.eu-central-1.compute.amazonaws.com

t23.intelliad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.93.33 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-93-33.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	324 KB
29	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	282 KB
17	pbh2.com 2 redirects www.pbh2.com — Cisco Umbrella Rank: 699596 cdn.pbh2.com	397 KB
10	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal90004.redintelligence.net — Cisco Umbrella Rank: 285160	203 KB
10	openx.net 1 redirects pbhmedia-d.openx.net — Cisco Umbrella Rank: 216100 oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 us-u.openx.net — Cisco Umbrella Rank: 522 u.openx.net — Cisco Umbrella Rank: 659	2 KB
8	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
7	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	6 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	72 KB
6	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4691	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	269 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	652 B
4	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 44040	3 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	62 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	24 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3046 launchpad.privacymanager.io — Cisco Umbrella Rank: 2789 geo.privacymanager.io — Cisco Umbrella Rank: 1825	28 KB
4	udmserve.net udmserve.net — Cisco Umbrella Rank: 3524	4 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 image8.pubmatic.com — Cisco Umbrella Rank: 662	247 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	36 KB
3	media01.eu pb.media01.eu — Cisco Umbrella Rank: 74479	965 B
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	294 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245 pixel.quantserve.com — Cisco Umbrella Rank: 964	10 KB
3	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 572 eb2.3lift.com — Cisco Umbrella Rank: 417	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	gstatic.com fonts.gstatic.com	67 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	87 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 150278	6 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	87 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	420 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	intelliad.de t23.intelliad.de — Cisco Umbrella Rank: 143572	557 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 313699	401 B
1	tchibo.de tagm.tchibo.de — Cisco Umbrella Rank: 55703	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928	272 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4524	431 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	168 B
1	mgid.com 1 redirects cm-x.mgid.com — Cisco Umbrella Rank: 6847	561 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 931	401 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	125 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	81 KB
1	underdog.media bid.underdog.media — Cisco Umbrella Rank: 24235	166 KB
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 984	123 B
206	49

	Domain	Requested by
29	pagead2.googlesyndication.com	4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com www.pbh2.com www.googletagservices.com securepubads.g.doubleclick.net
19	tpc.googlesyndication.com	4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.pbh2.com securepubads.g.doubleclick.net
12	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net
10	www.pbh2.com	2 redirects www.pbh2.com
7	cdn.pbh2.com	www.pbh2.com
6	googleads4.g.doubleclick.net	www.pbh2.com
6	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	2 redirects www.pbh2.com googleads.g.doubleclick.net
5	hal90004.redintelligence.net	1 redirects 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com hal90004.redintelligence.net
5	hal9000.redintelligence.net	4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com hal90004.redintelligence.net
5	googleads.g.doubleclick.net	4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fastlane.rubiconproject.com	ajax.googleapis.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
5	www.googletagservices.com	www.pbh2.com 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	pv.medialead.de	3 redirects hal90004.redintelligence.net
4	udmserve.net	bid.underdog.media www.pbh2.com
3	pb.media01.eu	hal90004.redintelligence.net 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
3	s0.2mdn.net	4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
3	c.amazon-adsystem.com	www.pbh2.com c.amazon-adsystem.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.pbh2.com hal90004.redintelligence.net
3	maxcdn.bootstrapcdn.com	www.pbh2.com maxcdn.bootstrapcdn.com
2	cdn.retailads.net	1 redirects futalis.de
2	oajs.openx.net	1 redirects www.pbh2.com
2	gum.criteo.com	1 redirects static.criteo.net
2	id5-sync.com	cdn.id5-sync.com
2	pixel.quantserve.com	www.pbh2.com
2	rules.quantcount.com	secure.quantserve.com
2	ssum-sec.casalemedia.com	2 redirects
2	image8.pubmatic.com	www.pbh2.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	cdn.id5-sync.com	www.pbh2.com securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	www.pbh2.com securepubads.g.doubleclick.net
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	tlx.3lift.com	www.pbh2.com
2	pbhmedia-d.openx.net	www.pbh2.com
2	hbopenbid.pubmatic.com	www.pbh2.com
2	connect.facebook.net	www.pbh2.com connect.facebook.net
2	www.google-analytics.com	www.pbh2.com www.google-analytics.com
1	eb2.3lift.com
1	u.openx.net
1	match.adsrvr.org	www.pbh2.com
1	www.google.com	tpc.googlesyndication.com
1	t23.intelliad.de	hal90004.redintelligence.net
1	futalis.de	hal90004.redintelligence.net
1	tagm.tchibo.de	4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	mug.criteo.com	www.pbh2.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	prebid.a-mo.net	bid.underdog.media
1	cm-x.mgid.com	1 redirects
1	pixel-us-west.rubiconproject.com	www.pbh2.com
1	sync.go.sonobi.com	www.pbh2.com
1	ups.analytics.yahoo.com	www.pbh2.com
1	secure.adnxs.com	1 redirects
1	secure.quantserve.com	udmserve.net
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	secure.cdn.fastclick.net	www.pbh2.com
1	launchpad-wrapper.privacymanager.io	www.pbh2.com
1	region1.google-analytics.com	www.googletagmanager.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	www.googletagmanager.com	www.google-analytics.com
1	bid.underdog.media	www.pbh2.com
1	btlr.sharethrough.com	www.pbh2.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	www.pbh2.com
206	76

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.com
twitter.com
allthatsinteresting.com
bit.ly
about.pbh-network.com
jobs.pbh-network.com

Subject Issuer	Validity	Valid
pbh2.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-08-02` - `2024-08-13`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
underdog.media DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
udmserve.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.a-mo.net R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
tagm.tchibo.de GeoTrust TLS RSA CA G1	`2023-09-26` - `2024-09-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.intelliad.de Thawte TLS RSA CA G1	`2023-07-31` - `2024-08-30`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.pbh2.com/
Frame ID: 441DA2C4851F834E77901A0F22EEA401
Requests: 97 HTTP requests in this frame

Frame: https://www.pbh2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js
Frame ID: 3B7B1E778EB520BD41FD54D0CB5D4644
Requests: 2 HTTP requests in this frame

Frame: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF1F5B6BD5400E9757183C0CCA01BC55
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.pbh2.com
Frame ID: 1BFCCCDA26AC5217C05996269CFD5C54
Requests: 2 HTTP requests in this frame

Frame: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 392DFD5771502CBA64436C485094B465
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW5ZftE_Cb93oeiN6mofQE7EdMj6-xLz1v6uWIcBvsaDWv3Zkz61bh1y8teUDQQMOR90NU88YeAz6hnETcxR91WGBJiHRLK8ro2mcoWEaNAK0-toggQfoUyQeG6v0xV9mFvkfM33Tl9yYq_LZ1neS7M4zk1pB74tpe17bYZ-B_j8vbTDAE
Frame ID: 3298F92E2C8B6EBF970B0947D59DDCA8
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 13FBE71F09EF708151C1BC2DA2E9127D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A73A8B58562E136EB0B6D8DC6C51E1C7
Requests: 3 HTTP requests in this frame

Frame: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D27A2764CAF91B79A8580A6A8D7C71E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWK-AIQ5fS9hwIYhJfO_AEwAQ&v=APEucNUUQv02ruVVFE4-TtA1E5syvKTyDD0kxt9f5mNNoa-pe00CfiR42t-PYR0cpCj0bY4SawKRWYrryGx84-H_pyKD2ugNuvOmYO5id3_IYr9e3yKu0uuPGyprhGrbkWd_B1E-p9yxOVYnUcbuXF0aQ8Ths06UGFXWMgjHxxg5pg1ztr_Albk
Frame ID: 735A7D89FD27EFA20BF8EB54DB9F3106
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 991BBA9FBE1229F5C5790ACAE27C1B83
Requests: 3 HTTP requests in this frame

Frame: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF43C4AD0C96C332E08CA32B16534F18
Requests: 12 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: A3AC564B87C025980A1D44B8A68905F8
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3276808382
Frame ID: E9ED88E903B0B7FB13DD8F63F7766E51
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549561d22d4c960ab3c3602&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: 4DE29137BBCDC1B4EE7EFB78E1D2CA95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNH5hYEEEJO5m6oFGPiolfkBMAE&v=APEucNWLutr3Ht8x1awgXT2AgduNEprNtCvhbCMs4CTP9VeaSv714_UKthNHfehjSiVdDmls1VyjFyXkGL7QljPv-mQ73g1RnoDwNfDKWo1SU_v2ZRIkxd8jyqXpq9I8zKnAGBZa-hl9VBC_-8YIS6zzB5ircd9ChBaFixUHP_WUlXeM4Z0gzwE
Frame ID: 7D67E5D405B615991F4DF1B62F267839
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D4132805CC5DBA3DA69B0541EEC5C68D
Requests: 3 HTTP requests in this frame

Frame: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E963B2682BCD4C70148709B241035ABC
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhid-Mr0ATAB&v=APEucNXrQbXCrYbxMj7kiTuzxyWciJpWP-6wruL2dwDVBz0ZeYoRLkVs4uEqKU2gtRrfJDfmg0FIPI-0nVEF_YfNuSJOUTqvEo-XRQYi3uXrJWvH3zkRUrZwxU9xYvXrwiM0KjkeWAkCKxJqmY-jYs8HjOqyYxWiRB0fx-2WfKCRAS5qu1bXE1I
Frame ID: 821533F42D462FBA6256DA63D1234720
Requests: 5 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
Frame ID: CB262D0E6C1C759F39EE5EF18A6B79B6
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 87B5605DE5CBF7DC47B2AEC9E0ED626A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2BF3A91B48BC3D35061FA21FE68CFB46
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 883D7AD734135AA6EB5B34783C0941CA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GIF Collections, Epic Galleries & Viral Videos - PBH2

Page URL History Show full URLs

http://www.pbh2.com/ HTTP 301
https://www.pbh2.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

206
Requests

90 %
HTTPS

41 %
IPv6

49
Domains

76
Subdomains

68
IPs

8
Countries

2590 kB
Transfer

6317 kB
Size

46
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pbh2dotcom

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pbhnetwork/

Search URL Search Domain Scan URL

URL: https://twitter.com/pbhnetwork

Search URL Search Domain Scan URL

URL: https://allthatsinteresting.com/signup/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.pbh2.com/entertainment/hottest-gal-gadot-pictures/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.pbh2.com/entertainment/hottest-gal-gadot-pictures/&text=42%20Of%20The%20Hottest%20Gal%20Gadot%20Pictures%20You%E2%80%99ll%20Find%20On%20The%20Internet&via=pbhnetwork

Search URL Search Domain Scan URL

URL: http://bit.ly/1rflTef

Search URL Search Domain Scan URL

URL: https://about.pbh-network.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://jobs.pbh-network.com/
Title: Jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pbh2.com/ HTTP 301
https://www.pbh2.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.pbh2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.pbh2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

Request Chain 57

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.7547713 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7938940150429392467;cb=0.7547713

Request Chain 59

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.7547713%3Bindx%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.7547713%3Bindx%3D&s=199174&C=1 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.7547713;indx=ZUlWHBdi9ekZJo7EaIUusgAABKUAAAIB

Request Chain 63

https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;mgid=c7a61b40-c236-4321-8552-62bb2bab8345

Request Chain 91

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.pbh2.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.pbh2.com%2F&rid=esp&cc=1

Request Chain 92

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pbh2.com&sn=ChromeSyncframe&so=0&topUrl=www.pbh2.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=k1qmuXw4cW1UVkI1bVp5MUJ6TnhrTmxPUUtZZnVYL2ltazBTcUwvSGtuTVZtMW80aWZ1SEo3aUozWHc0QVNQQnlWbmxzLzZwYU4rem9JYytKdEVidkNSV0Q3SWZzdW9sZDk5andmWk9mSXBsSzZkbVhab0tLUTZUS25pQk40UTZVMmdXb2ZTUGZQcVh3Qy9rdEN0aU5PRkNaWFFibXliOUV6Y2pERVhsY3EwQ1k3NG5FZmxCUDFBZDYreDZJR1B0Z1dCWUc3WlRONHFvMkFYQ1JvUnFoTXFtdWIvNkxYanQrdnpZRTI0SFJmTGF1TGRBWncrTGZqeEtQQWhDaTA3VHc4ZDljUG1RV2VhUlBQcFJJVDhJREhWcnpwdz09fA&cppv=2

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUlWHBdi9ekZJo7EaIUusgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMF1no_3VAUbzwTzpGXlEvc&google_cver=1

Request Chain 106

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODk0MDE1MDQyOTM5MjQ2Nw%3D%3D

Request Chain 127

https://hal90004.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTtOaHFZJZZOXENXVgQe656ToAablvaBplZOcp8kP8C4QASD_6OlpYJXikIKgB8gBCakC88WoHA4Dsj6oAwHIA5sEqgSQAk_QHAdIiPx3MP5Y7g2v6hjTzS7_QdF6YNo51ebW_OJG-RT8YhLnLNDqMR-15DFMBCSq6dcysqp3eKDSRNDNcV0WYBxm0YMmMt-wpKlglXcAeeX9YXZTVhEyUEvRx3vcc_aClTmtl7lm33dylzvN9VOa4woxfeJGh-_8r6xdERB17bExOHi0Z86aloNDKDYK2ZG7ctE6OJbuy0IMptgVki0wtapYLbJeeFylNY2e6vNqQkfadUSxl_B7_kHgpKUsYSb_m8XTEbQvsFUS0hLTXJoHWfSBsiGRCJXbtr8qtetXJ62NUOYZEYF-rOFhEJ-we_ZGFfcG1Xb1qbf2tYYZwoB-c9OpTADp2ohLBVJYXQxpwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMImpfCsaSwggMV1WrgCh26MwkdsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB%26sig%3DAOD64_3nD9aDKf1puw1gvMHLzjes8-HaKg%26client%3Dca-pub-6630993153956715%26dbm_c%3DAKAmf-B7yAKEQNevgymi7AuiHMKyLU04HXpGQdoHddS4bkj_HZNcNGj5KjgsnUH9qbHh0bIDKdrWBJ_eKcEmmNSBupEacRBQ0lYAS8NKypOaPb4XUqiCix6CL3xGL3uyzHcML1twA8PUGYnOgfRmBlzrzdNytkks_hFQOPbG-qyNMQYy-_90xn4%26cry%3D1%26dbm_d%3DAKAmf-Cjued28S-CFsDVrK7rxMlCmD7p4IiPVELDjKIycmzquhuNZ_AONL9tGrCbg9FKNvcphU1ZETGqhwFJGsA2359rX_Sh-san7NznCzXhFAQAEPZriZm7AUE3wTEecZxW46VkIF_CLM8gdHFFceoiNLdXHJkkFTqPteBfrtgx0AIejnOM_yJUXq64Q-vGbMJ0lhPnx-QmHgd-PINBghavnTEpR5XyatnWu34wDo1GKoU9xTjsGOFN4BWOHUNgiFypefYJjmJ7kmxgkkfucM_o7EVnOaKi4t7_k6cQGoXFpEkaDp08PsYrpnVQYLoRoQ1IIq-WPCfeYaKh2HWxZe5eBV5mGv-hYHdwy2k76BrVAV9JrSR545XwUdLIP5Mo5mgcLo7KumUkIYoPEluGrtZ9dnnGKNbqx63BzwNxd73Bljc1YIkHhPTvqkGkjuqlbGfNe8AZ6KQv0ymHI4N6Dtpk5HcdU3Q4JqPpSV_VStxsecWRJKy2HHUSEckZVN2Zsip-dsnXeeTQpx9_Ho8VKdVCeZLVBAk0khSaMQLWRTcthHiXE7dxQ4Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.pbh2.com%2F&ancestorOrigins=https%3A%2F%2Fwww.pbh2.com&random=56616351551&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90004.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTtOaHFZJZZOXENXVgQe656ToAablvaBplZOcp8kP8C4QASD_6OlpYJXikIKgB8gBCakC88WoHA4Dsj6oAwHIA5sEqgSQAk_QHAdIiPx3MP5Y7g2v6hjTzS7_QdF6YNo51ebW_OJG-RT8YhLnLNDqMR-15DFMBCSq6dcysqp3eKDSRNDNcV0WYBxm0YMmMt-wpKlglXcAeeX9YXZTVhEyUEvRx3vcc_aClTmtl7lm33dylzvN9VOa4woxfeJGh-_8r6xdERB17bExOHi0Z86aloNDKDYK2ZG7ctE6OJbuy0IMptgVki0wtapYLbJeeFylNY2e6vNqQkfadUSxl_B7_kHgpKUsYSb_m8XTEbQvsFUS0hLTXJoHWfSBsiGRCJXbtr8qtetXJ62NUOYZEYF-rOFhEJ-we_ZGFfcG1Xb1qbf2tYYZwoB-c9OpTADp2ohLBVJYXQxpwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMImpfCsaSwggMV1WrgCh26MwkdsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB%26sig%3DAOD64_3nD9aDKf1puw1gvMHLzjes8-HaKg%26client%3Dca-pub-6630993153956715%26dbm_c%3DAKAmf-B7yAKEQNevgymi7AuiHMKyLU04HXpGQdoHddS4bkj_HZNcNGj5KjgsnUH9qbHh0bIDKdrWBJ_eKcEmmNSBupEacRBQ0lYAS8NKypOaPb4XUqiCix6CL3xGL3uyzHcML1twA8PUGYnOgfRmBlzrzdNytkks_hFQOPbG-qyNMQYy-_90xn4%26cry%3D1%26dbm_d%3DAKAmf-Cjued28S-CFsDVrK7rxMlCmD7p4IiPVELDjKIycmzquhuNZ_AONL9tGrCbg9FKNvcphU1ZETGqhwFJGsA2359rX_Sh-san7NznCzXhFAQAEPZriZm7AUE3wTEecZxW46VkIF_CLM8gdHFFceoiNLdXHJkkFTqPteBfrtgx0AIejnOM_yJUXq64Q-vGbMJ0lhPnx-QmHgd-PINBghavnTEpR5XyatnWu34wDo1GKoU9xTjsGOFN4BWOHUNgiFypefYJjmJ7kmxgkkfucM_o7EVnOaKi4t7_k6cQGoXFpEkaDp08PsYrpnVQYLoRoQ1IIq-WPCfeYaKh2HWxZe5eBV5mGv-hYHdwy2k76BrVAV9JrSR545XwUdLIP5Mo5mgcLo7KumUkIYoPEluGrtZ9dnnGKNbqx63BzwNxd73Bljc1YIkHhPTvqkGkjuqlbGfNe8AZ6KQv0ymHI4N6Dtpk5HcdU3Q4JqPpSV_VStxsecWRJKy2HHUSEckZVN2Zsip-dsnXeeTQpx9_Ho8VKdVCeZLVBAk0khSaMQLWRTcthHiXE7dxQ4Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.pbh2.com%2F&ancestorOrigins=https%3A%2F%2Fwww.pbh2.com&random=56616351551&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUlWHBdi9ekZJo7EaIUusgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMF1no_3VAUbzwTzpGXlEvc&google_cver=1

Request Chain 132

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODk0MDE1MDQyOTM5MjQ2Nw%3D%3D

Request Chain 137

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=65230400169887204444990012500004&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 138

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=65230400169887204444990012500004&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3276808382

Request Chain 139

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=65230400169887204444990012500004&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549561d22d4c960ab3c3602&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 140

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=65230400169887204444990012500004&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAE4yR4GhEAeWaMGMT-JP0o&google_cver=1

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMFn597RiHf0Xk8QUX1njZU&google_cver=1

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAE4yR4GhEAeWaMGMT-JP0o&google_cver=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMFn597RiHf0Xk8QUX1njZU&google_cver=1

206 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pbh2.com/
Redirect Chain

http://www.pbh2.com/
https://www.pbh2.com/

37 KB
12 KB

53ms
23ms

Document
text/html

2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: 44ab264ff1b61cbdbd16d56cab424dec53428b3f376cb65315cbe2ccd7827536

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1106
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 822051c6d8e3198f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 21:09:46 GMT
last-modified: Mon, 06 Nov 2023 20:07:54 GMT
link: <https://www.pbh2.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUl4SJL3qdaDKIxuJ42uSIYJ7aDrz0NweQoXCx2cRxRF348vNHpRH2GqED%2FjpLEfeu09bS2GYVKyaZmCXuSJoh%2FsJ9Zbok99JhVpuAVBTY8aY1H%2B9XnIE2KlneKXHV6Xe44CbFd5zzpeoSs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.4)
x-powered-by: PHP/7.4.26
x-prefix: /vhosts/ /vhosts/
x-varnish: 197665651 197467852

Redirect headers

CF-RAY: 822051c68c943626-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 06 Nov 2023 21:09:46 GMT
Expires: Mon, 06 Nov 2023 22:09:46 GMT
Location: https://www.pbh2.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnnRd6vRP%2FkFP5dY77qyVSRqTSi%2B78UnLuq3DqN%2F%2BqUx6mxo0uVSz%2FmFubJBdM%2F6sYrv%2BpaccyMWfFco1aQ5d5k9oYY6FE3Iz55Thd3n%2BvK%2BBubj3sHwC1oEjGrpWEHa0AdDlKF6YJsWARM%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/ 140 KB
54 KB 132ms
128ms Stylesheet
text/css 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/gif-dog/gif-dog.css,wordpress/wp-content/themes/is-theme/popup_style.css,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.css,wordpress/wp-content/plugins/psp-emu/psp-emu.css,wordpress/wp-content/themes/is-theme/css/styles.css,wordpress/wp-content/plugins/pbh-common/pbh-common.css&ver=1667228920
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: b1885266a3064efde46d5a2ceaf6f0afeb9c742e37b8a7b965e6142664d35048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:46 GMT
via: 1.1 varnish (Varnish/6.4)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=144648
x-powered-by: PHP/7.4.26
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 05 Jun 2018 01:03:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gT2tjrVokfWekkp2PbG39NKxdB9KJAozLxLmu%2BBM7exNBpUcWgWwXb6HK1lNZDWe6h%2F5KrLlS0H414jQTQgPhnuZmD7HCels7tlKDnl%2BXZ5gJzUVj1AfbYv40N6jd3veJoZBT0jgIc8X%2FJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-varnish: 1056840541
cache-control: max-age=14400
x-prefix: /vhosts/, /vhosts/
cf-ray: 822051c70925198f-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ 28 KB
7 KB 38ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css?ver=6.0.3

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 561811
cdn-cachedat: 08/20/2022 04:55:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"963f38577cc1586d78e83a4acdf39723"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1f5a1a3ded545bf0596315c88dbfea79
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 822051c72c031cc1-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 43ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans%3A400%2C300italic%2C700%2C700italic%2C400italic%2C300%3Alatin&ver=6.0.3

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db8bfe4607c037a3bd45e916733a5dbfb57e96d8ed0520b41c164342be3a7a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 21:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 21:09:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 21:09:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=6.0.3

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 14:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 14:53:33 GMT

GET
H2 200 / Show response
www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/ 643 KB
149 KB 133ms
131ms Script
application/x-javascript 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: 1ef113c86b2c6a2c187da0e026e898f56f4d70b044300c5bafa6e80bb1736e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:46 GMT
via: 1.1 varnish (Varnish/6.4)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.26
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 14:48:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3xBGzr2c0qopaF1c8palj5DCzH2h5A%2FbFsbq5KKmo8K2ux4LlhdjKo4oQuEt5riWyCKPXLht6fCsDyHY%2BoHaUPg9t2ZixFlVjoOm8a1HnLzwGkS7E%2F4TenMGO7eVrpj49IaI%2BzCk1XDdHA%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 867913398 867668307
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=14400
x-prefix: /vhosts/, /vhosts/
cf-ray: 822051c70929198f-FRA

GET
H2 200 sideboob.jpg
cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2018/05/ 6 KB
6 KB 162ms
122ms Image
image/webp 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2018/05/sideboob.jpg
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4d3f3900ac7da212a1d9dfecafa5868edc91ab70ff135c9282d08d07071781dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:46 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6254
server: cloudflare
etag: W/"186e-5lMR0wCVeSKs7XzdGB748Zn0g1E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVw5dBowcvvn59cKh30OqhTrVncKgpDzVtT2tnP0HxS9T9kVv9bIE6l1EldCW45dOKNEI6nLCehC6WjWxmxgus6dN7TjmdVLvQ7tAKPwSfp8KkEgWEokbuzHMmcIVb9gtTvaGq9OoOhshLs%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1059558639
content-type: image/webp
cache-control: max-age=2592000
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c74970198f-FRA

GET
H2 200 kenny-white-tiger.jpg
cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2017/05/ 35 KB
36 KB 182ms
143ms Image
image/webp 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2017/05/kenny-white-tiger.jpg
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 492b52b5347de84770aec76871623e7f4bbd110a37eb30d4e54da59e67982c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:46 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 36072
server: cloudflare
etag: W/"8ce8-bC7nHpnfjpM6JrO4/5vRRju8PEE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJNsVyWpDeZIN1WtIx0cQ78GkL2yfQO6G1ZefLFv9p8eXrxdcsA6b9eCHd4nH1Yqzkv8sWU2CSwRwYMbiFPATe4H8J5DGTtXBlloQnxLPjBU%2F3kZqSMPYY975tBE9nQZ44s4QK%2BhdqkuG6s%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1056816715
content-type: image/webp
cache-control: max-age=2592000
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c74974198f-FRA

GET
H3 200 what-are-you.png
cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2015/02/ 27 KB
27 KB 149ms
148ms Image
image/webp 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2015/02/what-are-you.png
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 83c54c7d24b82e3bc2d8181f26c787ca986aac7baf87d9308e610ce662eae226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 27444
server: cloudflare
etag: W/"6b34-Ft+IjPO+EpjnLghVkaLEo+BqDiQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAwI9UYhbmS9MCJKTg1sAewYvjU9%2Br%2F0JAUIXe5BPPYWMRKfIcmzYAkmiZlZxhvn0Ue2WzCHxi8iGnK3grz6udKRh82G3tbxs35PxshFKQ7PLJPHXKAmsD3TS%2FAX5rSskrydhA1fxa7SYu4%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1059558642
content-type: image/webp
cache-control: max-age=2592000
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c819f51c9f-FRA

GET
H3 200 hot-selena-gomez.jpg
cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2015/01/ 13 KB
13 KB 141ms
138ms Image
image/webp 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2015/01/hot-selena-gomez.jpg
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 06e78d11ebc6abbd04d7542895e694ceeb63d2ec9e20a71bc393151d1d5a66a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 12866
server: cloudflare
etag: W/"3242-U4oZ5pS66G7LNdcoNV5D9AvhUuU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=No%2FgAxnrnlWAuIuyWOOVqlPDClEjQ%2Bo2uZahLjjuSalxAo5CMAdBxYE6zEicriSXJO0m4BnXSl%2BaZM1%2FDM3NUMFKYeyKU8CzPu%2FIk8GZsnOIAGBGXzUee5N3Zkrt4zaOrFgYqOXIy8l8zvA%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1059109010
content-type: image/webp
cache-control: max-age=2592000
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c84a491c9f-FRA

GET
H3 200 baby-elephants.jpg
cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2016/01/ 20 KB
21 KB 150ms
147ms Image
image/webp 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2016/01/baby-elephants.jpg
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 417ede8e6672d7f08cb6f4a707ebb200d80795a0a275479f3a574add79aca043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 20618
server: cloudflare
etag: W/"508a-ucOnIGDitnYQot5zmwAeVPAROtI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoxLHLz1wdIcX2fZSy3LhlgzpyiWi7UxWlJyAJice1APROG2a9m0Ff62cyMbMPt2NZQOS1VKA76qtOk%2FHqVxHm4m1EwMU8EMsYlnjz4mmb75AqE2WvCJ3LCvYSmUf%2F7mhWRGR2bmrw59kSs%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 147733220
content-type: image/webp
cache-control: max-age=2592000
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c84a4c1c9f-FRA

GET
H3 200 scariest-gifs.jpg
cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2013/06/ 11 KB
11 KB 140ms
138ms Image
image/webp 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2013/06/scariest-gifs.jpg
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a73e6aea0af3e2f0b5c9e522d11b86444b93011702201a130b324f6594f3d286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 11148
server: cloudflare
etag: W/"2b8c-HiiAEnUM3ZTGzDKqjRT+ZQNgzzQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS3aH%2BQ16qQim7LEu2kNskMMlw3E2LVwSv2xsLcLfFxTlTzW3zplTBu3hOglbxRu9ae5hdY%2FpkYJ4RhQ8sxutDZXoWIyExuJadmzXtlxlmKLMf2SJbTSJS%2FDJNOnsbIt1v5Oqf2N9aT%2FRf8%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1058294105
content-type: image/webp
cache-control: max-age=2592000
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c84a501c9f-FRA

GET
H3 200 megan-fox.jpg
cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2013/06/ 19 KB
20 KB 419ms
418ms Image
image/webp 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pbh2.com/thumb/778.414.https://www.pbh2.com/wordpress/wp-content/uploads/2013/06/megan-fox.jpg
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b177eb23c3d965fa29f0163f9676ae5280c69ee45f52c86cf53949536d4a7655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 19576
server: cloudflare
etag: W/"4c78-aOpq7Py//D/4I8Ty+9cDxyn6WPs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F700qy8L%2BC%2F4gVn%2BnDFob8W0I5QqMWkfJHi78NHpzk2BOtAi84UmEQ2JWLDPDyNODIaUK0bMKFY1OoAYGreffKWunVq%2Bzb%2Fk3XNoq2F3bTF%2BhXWO%2FlqSeQszPu2moSgXAUF98aMGIvstz0g%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1056840552
content-type: image/webp
cache-control: max-age=2592000
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c84a511c9f-FRA

GET
H3 200 / Show response
www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/ 3 KB
2 KB 131ms
128ms Script
application/x-javascript 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/themes/is-theme/footer-scripts.js&ver=1667228920
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: 6578e96465fba5fbd13d8e90c20e26fa38f8d4573e401a7bca98ce3eb1250039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 varnish (Varnish/6.4)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.26
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Jul 2018 21:26:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCXpoeqJt0FFa2tnpyP0d%2B2dM%2BMOH%2BqoO%2BMmGl4Vkp4cp4hKdKU2eA5cyvxfDuJ5sd4fzSes3vnFj9Mtu1tSZcFrnA%2BXhdXXVepmBdLI2TNxhiI4HTeH5iB94VGHwuZo%2BzuW1g9%2FfJ688f8%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 155185150 155691812
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=14400
x-prefix: /vhosts/, /vhosts/
cf-ray: 822051c84a4e1c9f-FRA

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 35ms
30ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js?ver=6.0.3

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864
age: 18316
cdn-cachedat: 10/31/2023 19:01:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4becdc9104623e891fbb9d38bba01be4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e1751ba46b84cf22bda91aa24d528b55
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 822051c84d451cc1-FRA
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 100 KB
31 KB 108ms
69ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9256b482919df4e1b5831f6ee16b9eb345d92afcb820918cbcc4b2bfe8a50660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31450
x-xss-protection: 0
server: cafe
etag: 357 / 19667 / 31079420 / config-hash: 7747729459265822849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 21:09:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
630 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans:400,700

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/gif-dog/gif-dog.css,wordpress/wp-content/themes/is-theme/popup_style.css,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.css,wordpress/wp-content/plugins/psp-emu/psp-emu.css,wordpress/wp-content/themes/is-theme/css/styles.css,wordpress/wp-content/plugins/pbh-common/pbh-common.css&ver=1667228920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51622efa1a89593c528c8e1f973f9c109395c4a8034f6d92d87f64ebc2c5718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 21:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 21:05:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 21:09:46 GMT

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31e36330f9e0450e345f9d9cbbd6363b5581870f0edfd72a0018e88040137a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cabe7e5353649dbc2fb00734d764dddb0219bc2975b44b4f650f74f3a87d142e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 quicksans.woff
www.pbh2.com/wordpress/wp-content/themes/is-theme/assets/fonts/ 19 KB
20 KB 121ms
117ms Font
font/woff 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pbh2.com/wordpress/wp-content/themes/is-theme/assets/fonts/quicksans.woff
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/gif-dog/gif-dog.css,wordpress/wp-content/themes/is-theme/popup_style.css,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.css,wordpress/wp-content/plugins/psp-emu/psp-emu.css,wordpress/wp-content/themes/is-theme/css/styles.css,wordpress/wp-content/plugins/pbh-common/pbh-common.css&ver=1667228920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6aa558d2abf06c6b478c563cb5147692a64fe989ec2340f3c62264ba7732f8c

Request headers

Referer: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/gif-dog/gif-dog.css,wordpress/wp-content/themes/is-theme/popup_style.css,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.css,wordpress/wp-content/plugins/psp-emu/psp-emu.css,wordpress/wp-content/themes/is-theme/css/styles.css,wordpress/wp-content/plugins/pbh-common/pbh-common.css&ver=1667228920
Origin: https://www.pbh2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 19576
last-modified: Mon, 02 May 2016 14:38:48 GMT
server: cloudflare
etag: "57276678-4c78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXJL%2FdvHeOQuQedkfJSp3OoBuoHxqSuka0FKkW3paw8w6CAorpW9itG1Lg9QdjkjpzSTjtIBScN%2FhZe%2F9T48OGyKzScwio7jS1FwFX9je%2BuNG1iIwafYiv6%2BF5T6uO06uDM9wkH7DgppgGw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1056717236 1057650651
content-type: font/woff
cache-control: max-age=14400
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c87aa01c9f-FRA

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/ 69 KB
70 KB 42ms
31ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/fontawesome-webfont.woff2?v=4.6.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css?ver=6.0.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css?ver=6.0.3
Origin: https://www.pbh2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 674, 718, 718
age: 24067510
cdn-cachedat: 2021-06-08 11:14:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 70700
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9416270f01247111cad8043163258f75
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 822051c8889c18d3-FRA
cdn-requestpullsuccess: True

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 37 KB
38 KB 57ms
19ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pbh2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 04:30:50 GMT
x-content-type-options: nosniff
age: 405536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38268
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:13:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 04:30:50 GMT

GET
H3 200 proximanovacond-extrabld.woff2
www.pbh2.com/wordpress/wp-content/themes/is-theme/assets/fonts/ 21 KB
21 KB 121ms
119ms Font
font/woff2 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pbh2.com/wordpress/wp-content/themes/is-theme/assets/fonts/proximanovacond-extrabld.woff2
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/gif-dog/gif-dog.css,wordpress/wp-content/themes/is-theme/popup_style.css,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.css,wordpress/wp-content/plugins/psp-emu/psp-emu.css,wordpress/wp-content/themes/is-theme/css/styles.css,wordpress/wp-content/plugins/pbh-common/pbh-common.css&ver=1667228920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6defe378acad8a898e4eb6068876bc3ded84c7da0c26129729db186490615cb

Request headers

Referer: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/gif-dog/gif-dog.css,wordpress/wp-content/themes/is-theme/popup_style.css,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.css,wordpress/wp-content/plugins/psp-emu/psp-emu.css,wordpress/wp-content/themes/is-theme/css/styles.css,wordpress/wp-content/plugins/pbh-common/pbh-common.css&ver=1667228920
Origin: https://www.pbh2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 varnish (Varnish/6.4)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21080
last-modified: Mon, 02 May 2016 14:38:48 GMT
server: cloudflare
etag: "57276678-5258"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W9K1Gp9Nd0TjX4mIB2B5BaD397rIjofR9383WPMj9zX9HeP5lTKuXCL4lB%2Bhdf%2FDqN33r1qAm%2BRnbBlzv2mymJ0BOmOMbE6Y1LYGDYxgZ9%2BBBUF9X%2BX9XfP4ihsSXmocq%2FD2%2BdYS6DF8Zg%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1056717234 1059914950
content-type: font/woff2
cache-control: max-age=14400
x-prefix: /vhosts/, /vhosts/
accept-ranges: bytes
cf-ray: 822051c87aa21c9f-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 426 KB
134 KB 41ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20402
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136626
x-xss-protection: 0
server: cafe
etag: 12374074705736737879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 05 Nov 2024 15:29:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/themes/is-theme/footer-scripts.js&ver=1667228920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 19:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4805
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 06 Nov 2023 21:49:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 30ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a591a8af34ede76cb8c680dd625a27d20dad9c4d0c94f7adb9ddacb697d3642a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 21:09:47 GMT
content-md5: Pxqs87p5wHa0LT3uL8Y8Ig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: 0CZoqx3H8FRUxuUHjZNqWnmTs0CLCnovcoIxKofigU6nWac0Gh9c7agOYsscXtbAgyEu4CbxqibN8zPiGAASDg==
x-fb-content-md5: d3c8b5ba22a0d8c3584e3ac0fdd73dfa
cross-origin-opener-policy: same-origin-allow-popups
etag: "a1a9d4b978cb42a342abb9dc5063a7f4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 06 Nov 2023 21:23:29 GMT

GET
H3

200

main.js Show response
www.pbh2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/ Frame 3B7B
Redirect Chain

https://www.pbh2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.pbh2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

7 KB
4 KB

14ms
14ms

Script
application/javascript

2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pbh2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Server

2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c48c6e2c0b711069b5ff1103bf251a6cf86269a61bbb207ccff65f1f122f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bx9ypig7BmJMkT17eGns5ULMC841zQyXODDYhdn7z28a3pm%2BvzggCBVj8QyvWU51Vox3NFCInQl73BiS0c%2BaVlDtK21c78u6WOK6M3c8oM3n%2Fy1%2FbD1IGThaPf4fY8S6iI9nAwQJvEHJjl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 822051c98c1f1c9f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 06 Nov 2023 21:09:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOI7QJ39D6lyw22H6QIWYafI3b2eKxWtUA1Sc1edDaxIzii9pQpvqpE0EX7wzol8aFZWjO8LWS8vA4GOaws2B8sUnyLdL3ijuLgkuB%2BymH4hqgc4KzhjPHRlksgHgp2zbnr%2F1Sk%2FvYum2nA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js
cache-control: max-age=300, public
cf-ray: 822051c95bd51c9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=056d84d94650c100a326b5861590ab88

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cedae6be4017c63e86021242d81c65cfb2ccd7526d8592958b9335cf5b415cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pbh2.com/
Origin: https://www.pbh2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 21:09:47 GMT
content-md5: 7VkEPpSqaQmAi+3qMhNSEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86881
reporting-endpoints
x-fb-debug: ha0Na+Bbn/OmwHT0aHTWm8zoC2HPTjWGMqoC4cuJ3irXZSqOuxUS0kcStxkRtW30Y/InBL7+FYXOEcNjd93z7Q==
x-fb-content-md5: 112c9d6d84c60ad96c2a590ac02ff8c2
cross-origin-opener-policy: same-origin-allow-popups
etag: "a913117b4138f3b17ea43db00bd9bd2d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 05 Nov 2024 20:31:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1860488744&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pbh2.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GIF%20Collections%2C%20Epic%20Galleries%20%26%20Viral%20Videos%20-%20PBH2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgAABAAAAACAAIAB~&jid=478354572&gjid=823544339&cid=528727689.1699304987&tid=UA-1279303-6&_gid=1700283630.1699304987&_slc=1&z=1020322620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

afd08aea9c2d2c2e5592d0c0ab3f23a9008f0240e966422e001fc267fb2e1f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 51ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1279303-6&cid=528727689.1699304987&jid=478354572&gjid=823544339&_gid=1700283630.1699304987&_u=IGDAgAABAAAAAGAAIAB~&z=1721518485

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Nov 2023 21:09:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
601 B 140ms
116ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10842&site_id=25232&rp_floor=0.01&tk_flint=pbjs.lite&zone_id=449930&size_id=15&alt_size_ids=10,54,9&p_pos=atf&p_screen_res=1600x1200&rand=0.8783074496158831&rf=https://www.pbh2.com/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=6.0.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9dbcbffbbbfb753f5286863dd780c44144fe5edfa6123d9b61ebe1e7622ca3ec

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
599 B 171ms
148ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10842&site_id=25232&rp_floor=0.01&tk_flint=pbjs.lite&zone_id=449932&size_id=15&alt_size_ids=10,54&p_pos=btf&p_screen_res=1600x1200&rand=0.8843864068034006&rf=https://www.pbh2.com/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=6.0.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 37d6c5750c6536e41024249d7c4a647a1d0d069c3498e10aaec88cd3d1141ca3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 259
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 264 B
777 B 134ms
111ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10842&site_id=25232&rp_floor=0.01&tk_flint=pbjs.lite&zone_id=410802&size_id=15&alt_size_ids=2,55,57&p_pos=btf&p_screen_res=1600x1200&rand=0.8449753350281017&rf=https://www.pbh2.com/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=6.0.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e47b2863da55087bd15b5544c0cdf3c5364bdb4b12680118542f57afa6f1a861

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 264
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
601 B 172ms
149ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10842&site_id=25232&rp_floor=0.01&tk_flint=pbjs.lite&zone_id=410794&size_id=2&alt_size_ids=55,57&p_pos=atf&p_screen_res=1600x1200&rand=0.09230687356848222&rf=https://www.pbh2.com/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=6.0.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 908e9db9839884c507dc48b18e4256522d403528cbab539424b1a9d5e3084310

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 265 KB
65 KB 40ms
8ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:41:39 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 21:46:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1689
x-amz-server-side-encryption: AES256
etag: W/"952090f32d44601808d121a61e707826"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: IfkmpeAmGhPjA2lChgWwrul2vWWzBmVsLkjxmxudAXZoL21HAAos9g==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 100ms
21ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pbh2.com
date: Mon, 06 Nov 2023 21:09:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
pbhmedia-d.openx.net/w/1.0/ 73 B
376 B 70ms
35ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbhmedia-d.openx.net/w/1.0/arj?ju=https://www.pbh2.com/&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=c025d1f3-a6b3-4350-8d49-9bacee6dc8e9,648af47d-8aa8-4ae9-9d33-79da40aa5bb3,722cb8f8-e7b0-4e8c-a217-88618a38d808,f41760a6-a0f2-494a-aced-fce8684d4934&nocache=1699304987165&aus=300x250,300x600,300x1050,160x600|300x250,300x600,300x1050|300x250,728x90,970x90,970x250|728x90,970x90,970x250&divIds=div-gpt-ad-1374154100505-2,div-gpt-ad-1374154100505-3,div-gpt-ad-1374154100505-0,div-gpt-ad-1374154100505-4&auid=538436652,538436643,538436654,538436645
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9c8d3a4d349116265d6d0082835942478877628adabcfe8ff55ee9eea26fbccc

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.pbh2.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
123 B 426ms
186ms XHR
text/plain 34.237.83.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=mRzpLDJd6uaDsZVJ8f6Y5acE&bidId=12eb2a9462de743&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.19.0&strVersion=3.2.1&secure=true
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-83-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pbh2.com
date: Mon, 06 Nov 2023 21:09:47 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 588 B
1 KB 146ms
113ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

cb73ac0139a4cb657008d45a79af185594ebbc1f56279cb8f105668a47f2cb3d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
content-encoding: gzip
an-x-request-uuid: 170536de-10d3-4d25-b092-268e66b757f1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pbh2.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 udm_header_lib.js Show response
bid.underdog.media/ 517 KB
166 KB 100ms
16ms Script
application/javascript 2600:9000:25e8:5a00:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm_header_lib.js
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25e8:5a00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cfd84634f91254e293d62bd6aeb48040b1edda4c7d88c9edad5efd142cd397b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 11:29:46 GMT
content-encoding: gzip
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 20:24:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P3
age: 34817
x-amz-server-side-encryption: AES256
etag: "e9066b998600392a5d77afaf471626e0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 169245
x-amz-cf-id: 4Hpal8efoyzBhNxGkib36f0z7PH6KbgYThOQXOKeRqxKXgY7cDSaxg==

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
541 B 321ms
246ms XHR
application/json 3.74.50.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.19.0&referrer=https%3A%2F%2Fwww.pbh2.com%2F&tmax=1980

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.74.50.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-50-207.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
accept-ch: sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 58ms
34ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1XXVVGFRMB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb364691cbabb7b4720077c41ec92a9027d4e1531f6f00a01e80a257597a974f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82538
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 21:09:47 GMT

POST
H3 200 822051c6d8e3198f Show response
www.pbh2.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3B7B 0
556 B 31ms
30ms XHR
text/plain 2606:4700:3031::ac43:9eb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pbh2.com/cdn-cgi/challenge-platform/h/b/jsd/r/822051c6d8e3198f
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grFnK5es5N3fAgwJ5ZnuKMqFOoOAB6wmJkdFP79q3kLUBI0pNTtcgnSSaN8%2BI%2FkP%2BNwcXO%2FUlczdifNNJ2%2BSIrG2Cd8U1KBO%2FoCaMExjk06PplM6R23vb%2Fsedq9a1zBjknDpBfCTk%2BGEMi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 822051caad661c9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 8ca1281f-81ad-492f-b453-e86651035f60 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
814 B 81ms
30ms Script
application/javascript 3.162.38.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/8ca1281f-81ad-492f-b453-e86651035f60
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.38.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-38-75.cdg52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e978e7dfd8cf2ec724d5325916c809146b0d659cc22f27faf4682d725a5b0293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:01:47 GMT
via: 1.1 f3ecb7d9889971a19731c9dc77982e54.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG52-P6
age: 480
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: fVyE3I56dO2VMq0HHLKv9XEXfrUUuEAk5RGLqf6rdRersMkIp1Ux9Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 11ms
11ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.pbh2.com&pubid=8ca1281f-81ad-492f-b453-e86651035f60
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e1993fa9a23a480a9669e2cd2eac22b7be4c16c70ed28751e24a7c6ce7f7fa24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:48:56 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 19251
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.pbh2.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2120
x-amz-cf-id: b_jCAXlE1m1SaqSHzYm4ymNbM4WqP1syU9fRbXIdcjYgIUVWNLYWBw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
501 B 106ms
57ms XHR
text/javascript 18.244.35.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pbh2.com%2F&pid=tPdxFa9JP09d2&cb=0&ws=1600x1200&v=23.1027.1921&t=1980&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1374154100505-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F1017773%2FPBH2Rectangle%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1374154100505-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F1017773%2FPBH2SecondRectangle%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1374154100505-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F1017773%2FPBH2Floorboard%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1374154100505-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F1017773%2FPBH2Skybox%22%7D%5D&pubid=8ca1281f-81ad-492f-b453-e86651035f60&gdpre=0&gdprl=%7B%22status%22%3A%22explicit-no-gdpr%22%2C%22enabled%22%3Afalse%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.35.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-35-29.cdg52.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 67ffdd2ec6e280830e7ef1d09212a7dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P5
x-amz-rid: FS64VKQ68DRV4PCQ8PWW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pbh2.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: AE8qcQ-Q3rgqDcRB0Fd3q7XZvH7RhoP99w4Vz68ROfaexiXOexuNZA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 21ms
7ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 20:42:23 GMT
x-amz-cf-pop: FRA56-P6
age: 52258
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: pkjoKWy8tw2mZxwZFbu4uXy-LvEj6YEeWj7qYJ5Wh5xT9HMkslVvkQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1XXVVGFRMB&gtm=45je3b11v9135291511&_p=1699304987176&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=528727689.1699304987&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.pbh2.com%2F&dp=%2F&dt=GIF%20Collections%2C%20Epic%20Galleries%20%26%20Viral%20Videos%20-%20PBH2&sid=1699304987&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=835
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1XXVVGFRMB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 6 KB
2 KB 661ms
166ms Script
application/x-javascript 68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?tid=1;dt=9;sid=13382;sizes=300x250,300x600,300x1050,160x600,300x250,300x600,300x1050,300x250,728x90,970x90,970x250,728x90,970x90,970x250;callback=udm_header_lib.bid49487757;udmref=www.pbh2.com;
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm_header_lib.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: c2ff1acab05771e2e7b788068aaf62f52d71e1335d463f0b61f0b30c0bac6a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 21:09:47 GMT
Content-Encoding: gzip
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Length: 1808
Expires: 0

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/4f5360dd-767e-4d14-b247-1a416cc6f6b6/ 2 KB
2 KB 65ms
19ms Script
text/javascript 18.155.129.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/4f5360dd-767e-4d14-b247-1a416cc6f6b6/launchpad-liveramp.js
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-5.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa1c5176e44938c4b2204b5a3089ac02873a4fb097250e781b9afef42babe040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: V6lk34EFfDMrpnToL0zce3DL3S6zhmp2
content-encoding: gzip
via: 1.1 bf37fcd05a816a7fa3bda09195cf83b2.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 02:47:38 GMT
x-amz-cf-pop: CDG52-P4
age: 66130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Fri, 18 Aug 2023 19:20:42 GMT
server: AmazonS3
etag: W/"5122e39777d8e31b1b6400902b11dd88"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: L4M6bYmVXMX8p1erJge1ECgsLLXftZWxicnBLPJA-iVlv69rStLGjw==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 73ms
10ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Mon, 06 Nov 2023 21:24:47 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 49ms
13ms Script
text/javascript 18.239.18.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-78.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 02:02:17 GMT
content-encoding: gzip
via: 1.1 ed8a64af6e81621f0f4bbf3ca72f2da4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 68849
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: TXzSEOxvZXZavKEJ7o97mfDZf7Eo0tQIUU0a8-M7OK4NSGOMBUiDoA==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 142 KB
31 KB 44ms
20ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3225c9376cd8f731c5d65175d9ca584616403f157a9e14c3e3439c7362d9486f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Nov 2023 12:11:14 GMT
server: cloudflare
x-amz-request-id: QYYA2BR8GSY205QM
age: 2561
etag: W/"6ce75de2ac970b38b3610ecd0ccc9b5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 822051cb8f192c43-FRA
x-amz-id-2: MHhzFfbJG/pF7WEwIGvFSturTsXuoSRuaM8+jRaaD1m+zqkpSqLTPQYGxkORPLh+Z+k/0ZiUH+8=

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 109ms
30ms XHR
application/json 34.254.54.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.54.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f66717183469ec7983f321be0d30930d2f4b29eeb2817cea73790573d03385ce

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache
x-server: 10.45.6.16
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 128 KB
26 KB 78ms
20ms Script
application/x-javascript 18.155.129.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/4f5360dd-767e-4d14-b247-1a416cc6f6b6/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-7.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: PnaJdxHydHN9eEuWHl7A1SeLMo27G9Y2
content-encoding: br
via: 1.1 9737f42d74643b8e3ceb7ecfa2015ed2.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 20:33:05 GMT
last-modified: Fri, 27 Oct 2023 11:56:06 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 2203
x-amz-server-side-encryption: AES256
etag: W/"8f65165dbe6028fe7739c568043840fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: TC5HRE0FceVm_RGjve9biNVpRNAkMSXVsDTZAFQzfyev66YB3zrc3A==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
618 B 18ms
18ms Fetch
application/json 52.222.174.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-81.cdg50.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept: application/json
Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Nov 2023 01:28:39 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 9603ab49d77e9b1b00dc0c80e48bd7e8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, CDG50-P2
age: 70868
x-amzn-requestid: c7e4cb68-ecf8-4327-884b-9a75067b182a
x-amzn-trace-id: Root=1-65484147-6a4295a0304ee1df1382c771;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: N88jLFnbDoEEsjg=
content-length: 30
x-amz-cf-id: snVa1TvZNShkRVW3y5N_vSHxXQ-GkZCgODiRBdxWdOttEuR5-_2PyA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 205ms
48ms Preflight
application/json 52.222.174.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-81.cdg50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.pbh2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Mon, 06 Nov 2023 21:09:47 GMT
via: 1.1 ddcc5754acfb5d436bc0a20046a15158.cloudfront.net (CloudFront), 1.1 9603ab49d77e9b1b00dc0c80e48bd7e8.cloudfront.net (CloudFront)
x-amz-apigw-id: N_pkYFamDoEEVyw=
x-amz-cf-id: ZuQtzxFd5dbYmOwSu-1ck5JbUUenNiZM_ZkNJtwCJec0QeBi373Azg==
x-amz-cf-pop: CDG50-C1 CDG50-P2
x-amzn-requestid: 63bbe2b9-a888-45a8-a0ca-f53f55bc80d2
x-cache: Miss from cloudfront

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 63ms
12ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?tid=1;dt=9;sid=13382;sizes=300x250,300x600,300x1050,160x600,300x250,300x600,300x1050,300x250,728x90,970x90,970x250,728x90,970x90,970x250;callback=udm_header_lib.bid49487757;udmref=www.pbh2.com;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Nov 2023 21:09:48 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.7547713
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7938940150429392467;cb=0.7547713

43 B
612 B

159ms
159ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=7938940150429392467;cb=0.7547713
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:48 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
an-x-request-uuid: 72a44407-ac23-4a65-87c5-251cc2a1bf49
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=7938940150429392467;cb=0.7547713
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 82ms
17ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.7547713
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:47 GMT
content-length: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.7547713%3Bindx%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.7547713%3Bindx%3D&s=199174&C=1
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.7547713;indx=ZUlWHBdi9ekZJo7EaIUusgAABKUAAAIB

43 B
624 B

264ms
159ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.7547713;indx=ZUlWHBdi9ekZJo7EaIUusgAABKUAAAIB
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:48 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ako3Tkiax%2BBK4AfET7C6JHap6KTXObldfxPP5DpYrYxvE5x6QjyAiDhtMf7lAI7H7XM%2FF%2BDI4s4Y%2BBTQlITxQkuqoUz7PQPU0TIwIJ%2FbYQ7Oh1yXs%2BRpTQ6iAmM5xgP427%2FlXt2gmdpYkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.7547713;indx=ZUlWHBdi9ekZJo7EaIUusgAABKUAAAIB
cache-control: no-cache
cf-ray: 822051cfdb223661-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58806/ 0
125 B 36ms
10ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.7547713

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 us
sync.go.sonobi.com/ 0
401 B 294ms
91ms Image
text/plain 69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.7547713%3Bsonobi%3D%5BUID%5D

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-111
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-west.rubiconproject.com/exchange/ 0
239 B 696ms
156ms Image
image/gif 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.7547713
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 187e82019178d54b7a252bfda4b0880c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D
https://udmserve.net/udm/fetch.pix?dt=1;mgid=c7a61b40-c236-4321-8552-62bb2bab8345

43 B
628 B

159ms
159ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;mgid=c7a61b40-c236-4321-8552-62bb2bab8345
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: HTTP/1.1
Server: 68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:48 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 21:09:48 GMT
Transfer-Encoding: chunked
Location: https://udmserve.net/udm/fetch.pix?dt=1;mgid=c7a61b40-c236-4321-8552-62bb2bab8345
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
168 B 75ms
16ms XHR
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm_header_lib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Mon, 06 Nov 2023 21:09:47 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.pbh2.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 160 B
633 B 93ms
21ms Script
application/javascript 2600:9000:2551:2400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2551:2400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:24:59 GMT
via: 1.1 80836ce32819cf946e10c3b85dbce514.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
age: 2690
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:21:01 GMT
server: AmazonS3
etag: "435cbd9bc4b3440e866ad1f4f7d1ef02"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 1AbtJ28DQ-IBipGAZw0gp6NHr73ThoK1h1Zd8TK2fx4tahQbvlCJKA==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 160 B
632 B 94ms
22ms Script
application/javascript 2600:9000:2551:2400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2551:2400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:04:52 GMT
via: 1.1 80836ce32819cf946e10c3b85dbce514.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
age: 297
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 23:00:33 GMT
server: AmazonS3
etag: "eee1bd1fc55b604b66cd9e63c4f811b8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: LxBxYjsvchcsYXd5ruS0NmaP3f9rrREBfLX9jB_DDYKtFA58QCd1YA==

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 238 B
295 B 126ms
126ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10842&site_id=25232&rp_floor=0.01&tk_flint=pbjs.lite&zone_id=295950&size_id=2&p_pos=atf&p_screen_res=1600x1200&rand=0.9606477886651832&rf=https://www.pbh2.com/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=6.0.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ac3ef44ef182cdae2e6ed3eceddbf8707276fc1c6e9011cac17b3d4d76a3202e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 238
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
460 B 53ms
53ms XHR
text/javascript 18.244.35.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pbh2.com%2F&pid=tPdxFa9JP09d2&cb=1&ws=1600x1200&v=23.1027.1921&t=1350&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1374154100505-6%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1017773%2FPBH2Adhesion%22%7D%5D&cfgv=1&pubid=8ca1281f-81ad-492f-b453-e86651035f60&gdpre=0&gdprl=%7B%22status%22%3A%22explicit-no-gdpr%22%2C%22enabled%22%3Afalse%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.35.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-35-29.cdg52.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 67ffdd2ec6e280830e7ef1d09212a7dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P5
x-amz-rid: J7F7YV3BBCE1QPTYN2V6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pbh2.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: x1Cvg5s4x5duCYKUwY-omrvvCW0MZNRhJkCZHXf1TbDGfvw_-khfkQ==

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
524 B 91ms
89ms XHR
application/json 3.74.50.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.19.0&referrer=https%3A%2F%2Fwww.pbh2.com%2F&tmax=1350

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.74.50.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-50-207.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 arj Show response
pbhmedia-d.openx.net/w/1.0/ 73 B
145 B 27ms
26ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pbhmedia-d.openx.net/w/1.0/arj?ju=https://www.pbh2.com/&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=f9b9b164-3af2-47a4-ba9e-1494bc48924c&nocache=1699304988185&aus=728x90&divIds=div-gpt-ad-1374154100505-6&auid=538693244
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a17052cb55d072c407e63153cad7abdcf0160f0d11480ef8d3250961bf84e708

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.pbh2.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 49ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pbh2.com
date: Mon, 06 Nov 2023 21:09:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 254 B
1 KB 213ms
212ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

ec13a97b2f9ddb0c1785e88f3ab940d2bda5b202366db53aaa40b425034fdd60

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
an-x-request-uuid: 1f89b23c-56c2-4190-a88e-c3462d3ff055
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pbh2.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 254
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 16ms
13ms Script
text/javascript 18.239.18.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-78.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 03:16:17 GMT
content-encoding: gzip
via: 1.1 ed8a64af6e81621f0f4bbf3ca72f2da4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 64412
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: TuJUieK1RwMxzcHiN_SO9VGOZjQsI-_JPGtTdM01ZrP9sOR_ecaJYg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 80ms
16ms Script
text/javascript 2600:9000:2117:5c00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:5c00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 06 Nov 2023 12:05:25 GMT
Via: 1.1 0f8d42bdd4e806bc0112f0b6ba3f2334.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-C1
Age: 32664
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: XxXqMzJjxLxStkR3LfJtj2LikC4wZZBxl8JOD8zOBZMzcssuKByc-w==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 57ms
22ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 65805d54378fce7452ee7daa8965eefc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 78ms
21ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:17:52 GMT
content-encoding: gzip
age: 1133516
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 23 Oct 2024 18:17:52 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 52ms
25ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 07 Nov 2023 21:09:48 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 46ms
18ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 601823
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 822051d0bc771989-FRA
expires: Thu, 09 Nov 2023 21:09:48 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 23ms
21ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1a77e7360b28cb730e0f5e56566b51a4d620f2cc411f8e32e5581ddf546e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Nov 2023 12:11:14 GMT
server: cloudflare
x-amz-request-id: J4ZA86135DYSV1TW
age: 2634
etag: W/"a8dc95d1ffeb5ca5c8e29b69dd9f17dd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 822051d07d272c43-FRA
x-amz-id-2: gfktbHqQFOCgGxJ+n37mt91jtWvGqu8/ESyGMQi8N+WeyhCLKPRrIUfeuM/8ge67H7kPySpxjY0=

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 230ms
228ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=859206319235326&correlator=2829847570563141&eid=31079466%2C31079420%2C31078660&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&tfcd=0&iu_parts=1017773%2CPBH2Skybox&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699304988208&lmt=1699301274&adxs=436&adys=195&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.pbh2.com%2F&vis=1&psz=1600x2451&msz=1240x150&fws=4&ohw=1240&ga_vid=528727689.1699304987&ga_sid=1699304988&ga_hid=1860488744&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYrbzhs7oxSABSAghkEhsKDDMzYWNyb3NzLmNvbRitvOGzujFIAFICCGQSFwoIcnRiaG91c2UYrbzhs7oxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGK284bO6MUgAUgIIZBIZCgp1aWRhcGkuY29tGK284bO6MUgAUgIIZBIUCgVvcGVueBitvOGzujFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGK284bO6MUgAUgIIZA..&dlt=1699304986718&idt=414&cust_params=session_visits%3D0%26campaign%3Dnocampaign%26tags%3D%26bidder%3Dolder%26ab%3Dpbh_control&adks=2102622896&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09ba0a245473fd605a7cccdfde1c26373d67ea42fc4164984dadb09aec5b7bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11005
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
42 KB 494ms
493ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=859206319235326&correlator=2829847570563141&eid=31079466%2C31079420%2C31078660&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&tfcd=0&iu_parts=1017773%2CPBH2Floorboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C728x90%7C970x90%7C970x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699304988217&lmt=1699301274&adxs=529&adys=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.pbh2.com%2F&vis=1&psz=826x2301&msz=760x90&fws=4&ohw=760&ga_vid=528727689.1699304987&ga_sid=1699304988&ga_hid=1860488744&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYrbzhs7oxSABSAghkEhsKDDMzYWNyb3NzLmNvbRitvOGzujFIAFICCGQSFwoIcnRiaG91c2UYrbzhs7oxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGK284bO6MUgAUgIIZBIZCgp1aWRhcGkuY29tGK284bO6MUgAUgIIZBIUCgVvcGVueBitvOGzujFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGK284bO6MUgAUgIIZA..&dlt=1699304986718&idt=414&cust_params=session_visits%3D0%26campaign%3Dnocampaign%26tags%3D%26bidder%3Dolder%26ab%3Dpbh_control&adks=672504615&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d4e748701e4f8a7cd2343c922a05b544e29dfec59959ce611fc2cd74df5d9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42456
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
42 KB 965ms
964ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=859206319235326&correlator=2829847570563141&eid=31079466%2C31079420%2C31078660&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&tfcd=0&iu_parts=1017773%2CPBH2Rectangle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C300x1050%7C160x600&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699304988221&lmt=1699301274&adxs=1160&adys=320&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.pbh2.com%2F&vis=1&psz=245x836&msz=300x250&fws=0&ohw=0&ga_vid=528727689.1699304987&ga_sid=1699304988&ga_hid=1860488744&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYrbzhs7oxSABSAghkEhsKDDMzYWNyb3NzLmNvbRitvOGzujFIAFICCGQSFwoIcnRiaG91c2UYrbzhs7oxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGK284bO6MUgAUgIIZBIZCgp1aWRhcGkuY29tGK284bO6MUgAUgIIZBIUCgVvcGVueBitvOGzujFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGK284bO6MUgAUgIIZA..&dlt=1699304986718&idt=414&cust_params=session_visits%3D0%26campaign%3Dnocampaign%26tags%3D%26bidder%3Dolder%26ab%3Dpbh_control&adks=3885494050&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea03786e6782c616f0dcd2ed8af3f3cc686118e75c981beb0d11ad3056f336f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42591
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
38 KB 740ms
739ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=859206319235326&correlator=2829847570563141&eid=31079466%2C31079420%2C31078660&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&tfcd=0&iu_parts=1017773%2CPBH2SecondRectangle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C300x1050&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699304988224&lmt=1699301274&adxs=1160&adys=906&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.pbh2.com%2F&vis=1&psz=245x836&msz=300x250&fws=0&ohw=0&ga_vid=528727689.1699304987&ga_sid=1699304988&ga_hid=1860488744&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYrbzhs7oxSABSAghkEhsKDDMzYWNyb3NzLmNvbRitvOGzujFIAFICCGQSFwoIcnRiaG91c2UYrbzhs7oxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGK284bO6MUgAUgIIZBIZCgp1aWRhcGkuY29tGK284bO6MUgAUgIIZBIUCgVvcGVueBitvOGzujFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGK284bO6MUgAUgIIZA..&dlt=1699304986718&idt=414&cust_params=session_visits%3D0%26campaign%3Dnocampaign%26tags%3D%26bidder%3Dolder%26ab%3Dpbh_control&adks=583341497&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0da9cb12e2f1fcc862fcd7a21804d541511a651165857f7245fc21824dc05f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39201
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF1F 6 KB
3 KB 103ms
42ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:48 GMT
expires: Tue, 05 Nov 2024 21:09:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 32ms
31ms XHR
application/json 34.254.54.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.54.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 416e539fa59fbbab94e9e044b52bd932175e218e0028204aa2109fdbfa5ed925

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.pbh2.com
cache-control: no-cache
x-server: 10.45.19.120
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 pixel;r=1124628810;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.pbh2.com%2F;uht=2;fpan=1;fpa=P0-2041549057-1699304988150;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=pbh2.com;d...
pixel.quantserve.com/ 35 B
372 B 15ms
14ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1124628810;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.pbh2.com%2F;uht=2;fpan=1;fpa=P0-2041549057-1699304988150;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=pbh2.com;dst=1;et=1699304988254;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.GIF%20Collections%252C%20Epic%20Galleries%20%26%20Viral%20Videos%20-%20PBH2%2Cdescription.Come%20pay%20a%20visit%20to%20PBH2%252C%20home%20to%20the%20internet's%20best%20GIF%20collections%252C%20epic%20GIFs%2Curl.https%3A%2F%2Fwww%252Epbh2%252Ecom%2F%2Csite_name.PBH2%2Cimage.http%3A%2F%2Fwww%252Epbh2%252Ecom%2Fwordpress%2Fwp-content%2Fuploads%2F2018%2F05%2Fnaked-gal-gadot%252Ejpg%2Cimage.http%3A%2F%2Fwww%252Epbh2%252Ecom%2Fwordpress%2Fwp-content%2Fuploads%2F2018%2F05%2Fswimsuit%252Ejpg%2Cimage.http%3A%2F%2Fwww%252Epbh2%252Ecom%2Fwordpress%2Fwp-content%2Fuploads%2F2018%2F05%2Fgal-gadot-featured%252Ejpg;ses=c13550f6-8844-4ea5-8e25-493ce6f38df0;mdl=

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=377445041;labels=edge.0%2Csid.13382;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.pbh2.com%2F;uht=2;fpan=1;fpa=P0-2041549057-1699304988150;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=...
pixel.quantserve.com/ 35 B
210 B 9ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=377445041;labels=edge.0%2Csid.13382;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.pbh2.com%2F;uht=2;fpan=1;fpa=P0-2041549057-1699304988150;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=pbh2.com;dst=1;et=1699304988255;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.GIF%20Collections%252C%20Epic%20Galleries%20%26%20Viral%20Videos%20-%20PBH2%2Cdescription.Come%20pay%20a%20visit%20to%20PBH2%252C%20home%20to%20the%20internet's%20best%20GIF%20collections%252C%20epic%20GIFs%2Curl.https%3A%2F%2Fwww%252Epbh2%252Ecom%2F%2Csite_name.PBH2%2Cimage.http%3A%2F%2Fwww%252Epbh2%252Ecom%2Fwordpress%2Fwp-content%2Fuploads%2F2018%2F05%2Fnaked-gal-gadot%252Ejpg%2Cimage.http%3A%2F%2Fwww%252Epbh2%252Ecom%2Fwordpress%2Fwp-content%2Fuploads%2F2018%2F05%2Fswimsuit%252Ejpg%2Cimage.http%3A%2F%2Fwww%252Epbh2%252Ecom%2Fwordpress%2Fwp-content%2Fuploads%2F2018%2F05%2Fgal-gadot-featured%252Ejpg;ses=c13550f6-8844-4ea5-8e25-493ce6f38df0;mdl=

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 31ms
7ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pbh2.com
date: Mon, 06 Nov 2023 21:09:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 157 B
431 B 64ms
25ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6a4efe162ec78671b4f1455283b47f255baaf8cd43a7d8c21d3d404ea0831ec0

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: df6e4ed18b6164d3f9947e33caab2cb5
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1BFC 15 KB
6 KB 42ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.pbh2.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 261271
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.pbh2.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.pbh2.com%2F&rid=esp&cc=1

85 B
194 B

119ms
118ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.pbh2.com%2F&rid=esp&cc=1
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 46ebf6fafafbd7a762b638cabfa7136575cfeb63dc6f3e2401e0a49e542de44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-4XqYQ70Eoo+QA2UjEKX4tPV6p7E"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pbh2.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 06 Nov 2023 21:09:48 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.pbh2.com
location: /esp?url=https%3A%2F%2Fwww.pbh2.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1BFC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pbh2.com&sn=ChromeSyncframe&so=0&topUrl=www.pbh2.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=k1qmuXw4cW1UVkI1bVp5MUJ6TnhrTmxPUUtZZnVYL2ltazBTcUwvSGtuTVZtMW80aWZ1SEo3aUozWHc0QVNQQnlWbmxzLzZwYU4rem9JYytKdEVidkNSV0Q3SWZzdW9sZDk5andmWk9mSXBsSzZkbVhab0tLUTZUS25pQk...

441 B
653 B

15ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=k1qmuXw4cW1UVkI1bVp5MUJ6TnhrTmxPUUtZZnVYL2ltazBTcUwvSGtuTVZtMW80aWZ1SEo3aUozWHc0QVNQQnlWbmxzLzZwYU4rem9JYytKdEVidkNSV0Q3SWZzdW9sZDk5andmWk9mSXBsSzZkbVhab0tLUTZUS25pQk40UTZVMmdXb2ZTUGZQcVh3Qy9rdEN0aU5PRkNaWFFibXliOUV6Y2pERVhsY3EwQ1k3NG5FZmxCUDFBZDYreDZJR1B0Z1dCWUc3WlRONHFvMkFYQ1JvUnFoTXFtdWIvNkxYanQrdnpZRTI0SFJmTGF1TGRBWncrTGZqeEtQQWhDaTA3VHc4ZDljUG1RV2VhUlBQcFJJVDhJREhWcnpwdz09fA&cppv=2

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ec1faa0adb1821b70efd452da103c2f51393f990b5c8ecc23a9a1d7708c46423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1193505
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=k1qmuXw4cW1UVkI1bVp5MUJ6TnhrTmxPUUtZZnVYL2ltazBTcUwvSGtuTVZtMW80aWZ1SEo3aUozWHc0QVNQQnlWbmxzLzZwYU4rem9JYytKdEVidkNSV0Q3SWZzdW9sZDk5andmWk9mSXBsSzZkbVhab0tLUTZUS25pQk40UTZVMmdXb2ZTUGZQcVh3Qy9rdEN0aU5PRkNaWFFibXliOUV6Y2pERVhsY3EwQ1k3NG5FZmxCUDFBZDYreDZJR1B0Z1dCWUc3WlRONHFvMkFYQ1JvUnFoTXFtdWIvNkxYanQrdnpZRTI0SFJmTGF1TGRBWncrTGZqeEtQQWhDaTA3VHc4ZDljUG1RV2VhUlBQcFJJVDhJREhWcnpwdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 264016
content-length: 0
expires: 0

GET
H2 200 container.html Show response
4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 392D 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:48 GMT
expires: Tue, 05 Nov 2024 21:09:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3298 624 B
826 B 67ms
46ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW5ZftE_Cb93oeiN6mofQE7EdMj6-xLz1v6uWIcBvsaDWv3Zkz61bh1y8teUDQQMOR90NU88YeAz6hnETcxR91WGBJiHRLK8ro2mcoWEaNAK0-toggQfoUyQeG6v0xV9mFvkfM33Tl9yYq_LZ1neS7M4zk1pB74tpe17bYZ-B_j8vbTDAE

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:48 GMT
expires: Mon, 06 Nov 2023 21:09:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 392D 89 KB
31 KB 119ms
91ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 06 Nov 2023 21:09:48 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 392D 42 B
110 B 70ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BblT7wgDYF3kO91oZkcZWTCPTQrnp6s097vDeAJ-d3953cFKDOnv8dErGOHr9oQjPMbN27f-z0erdf6fmQbbIUMOtqzm7QuQN6OC1N8MX7b2Xm4Is

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 392D 0
349 B 69ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15341851885057282319&x=1&ct=77

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 392D 3 KB
1 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 392D 20 KB
9 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 392D 189 KB
60 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 21:09:48 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
272 B 34ms
8ms Fetch
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

de0ead93db26f0e67471d9d6551c8d0dcd69142731b8fd14a0b6770a5f99fd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: https://www.pbh2.com
date: Mon, 06 Nov 2023 21:09:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v2 Show response
id5-sync.com/gm/ 251 B
529 B 22ms
8ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

7632303ffe94779e27e326444f0d4043c42e680a0d5e3924e88850cd5acb248c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pbh2.com
date: Mon, 06 Nov 2023 21:09:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3298
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1

43 B
763 B

28ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW5ZftE_Cb93oeiN6mofQE7EdMj6-xLz1v6uWIcBvsaDWv3Zkz61bh1y8teUDQQMOR90NU88YeAz6hnETcxR91WGBJiHRLK8ro2mcoWEaNAK0-toggQfoUyQeG6v0xV9mFvkfM33Tl9yYq_LZ1neS7M4zk1pB74tpe17bYZ-B_j8vbTDAE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SenVh35HeH84oRvMc0zRorkIDBneOSbzuZf%2FLFPbn3LdT3OXBdPzdCjrRZbcRf9fQK3oLR73ZO8FcpZjEa6AByhiy0ncEARGTFRB0caSQMbt8TwVcuyohqRwHgPda0tkcj37VFY0nTSE1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822051d2ed3c9c01-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3298
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUlWHBdi9ekZJo7EaIUusgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1

43 B
733 B

30ms
29ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW5ZftE_Cb93oeiN6mofQE7EdMj6-xLz1v6uWIcBvsaDWv3Zkz61bh1y8teUDQQMOR90NU88YeAz6hnETcxR91WGBJiHRLK8ro2mcoWEaNAK0-toggQfoUyQeG6v0xV9mFvkfM33Tl9yYq_LZ1neS7M4zk1pB74tpe17bYZ-B_j8vbTDAE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0l%2B2toidqIQu0qLTNgTOp8LNrq3bPCgALXzSxxFrn32LPx27crFk61k2ldwcJyOo7%2FuplAANkToCSzuMyLpl%2BIjZXi9FiuFlMQMDkeTK9WOVwC5J53sJZCo9LNgXkbUTxHcGj7FrVXQUkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822051d2ed389c01-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3298
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMF1no_3VAUbzwTzpGXlEvc&google_cver=1

43 B
845 B

14ms
13ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMF1no_3VAUbzwTzpGXlEvc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW5ZftE_Cb93oeiN6mofQE7EdMj6-xLz1v6uWIcBvsaDWv3Zkz61bh1y8teUDQQMOR90NU88YeAz6hnETcxR91WGBJiHRLK8ro2mcoWEaNAK0-toggQfoUyQeG6v0xV9mFvkfM33Tl9yYq_LZ1neS7M4zk1pB74tpe17bYZ-B_j8vbTDAE

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
an-x-request-uuid: 8ffb8528-317b-417f-8d80-619fe9bf615b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMF1no_3VAUbzwTzpGXlEvc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3298
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODk0MDE1MDQyOTM5MjQ2Nw%3D%3D

170 B
243 B

21ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODk0MDE1MDQyOTM5MjQ2Nw%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
an-x-request-uuid: d9c13853-95a5-4c31-bdb6-bd75175d1766
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODk0MDE1MDQyOTM5MjQ2Nw%3D%3D
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 13FB 0
91 B 42ms
23ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 06 Nov 2023 21:09:48 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 392D 0
56 B 43ms
42ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3842320481341&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 392D 0
56 B 43ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3842320481341&version=m202309260101&ct=77&x=1&cor=15341851885057282000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 392D 16 KB
12 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXk0ICNG4u2SMsXuxBryCNlmBQwvx4A5ZtF0Jl1JoiXTZ54ChLOD9iOIIOaZkMLjB7mfm0KGpd6BmzfSPJah1FJ26Qnj5Uu0db0mFUdlDUvyg1B_0YK3b5CCEWRvSXtvVElIt9LhdNeOeVnwCkxwsL1vOHCWvBvfQsxOw6i6z_DV0t4Vc&cry=1&dbm_d=AKAmf-BcurTKFfpp3jCv3Rod--sMA40aLyzNn_9xV9iwCn0fEqe6DyLLIx92nlq6h3ej2HEvW8UJ1XEAIPiSSVDIM_PcuQJMAqvLnfgUCECYkFpijEhT31IqQljiqTzurl7ErfjmhXQoRAuTD9p11qr_YWJ_pD5UpZymDteOpwzVj82jW5Gm4p4pAlAJuOJhl1eWKbIKofMQe8nAUJbqaIWfWWigcPo4Mxw3YH0tTW111xgDfPvWAryIX7sz3-ODsRaHSZCWadKZprWNh4G-9wEGIH5RgNK_ywPb054UVcVLn3erCkq_o4KirrRStqGxtFyVdq0hCKSBx7v_yvbdPY0xy-ro0Cw14fHBSecBKy2LKA2bLbRepF_r6w6JOLP1SnFGvku7ba0qxUccxYycLDbZ_FANRnGt_H5fJ70fXbbjV4JLSAXmaotoeMv4u62jikuPEoewHeInZy3DJ9zLx-FdGktJcJ7yixf9jye_ywmIVYBXnSrbFZwz681dUJL-wA-kYXUbydp45e1Q3gIbEbulqjiJ_zDOh2dAThxP0PbTVVq3EDabYXoNZkiXSeqIRwcnEKFfGNYIV6SSqPthMA10PolrPJu7jEw824c5APYeNrinLboZhFtKlJaAy_NGFIIqCx-PNByXUycm_b2UgIUIHAphPKXqYU1m6TWm4rAcDTO5v0Nk9XO1NSZxGFrk9_ZkV4Vn-eRtm3ALSWpssnJBIpn7by06u7OMaB4GJVlIEnCSW1ealmJMB8HH9ytC49R4lNpboDHjW8T3UoP0FQvA5pSdrF1MUgAoBE--kiXUzAW_usuHnN8erPLGue1Fk_kIljMksqW7f8IFykdaEBU-ooZEnIMuw1f3-r5Q-LnTs94XIcbA6uALm7MKNbaZWsGZ14gejCR-dU1ZiSe-M43Dq3t-C-zx77Wa0TqUk9uLf5zxNFRPqwTCcCPJAOfYKM-cGoUEEGC9GXi774rDogrWUPQ0TUiocRBUQLkvZWWW_NepTHeIb_-CNomsoPij-ewMKRCYUc4k15DmudyvL0gpCM4wkUM_2AfkiowyDJ6gPHNkv6ZJ5QvuQDmtB2YvZQdveV4qNByhYbStGdOOTC1mupaI5vDa6_90-5gVL2Nu3HTGBhd6HfXVWcM3DJwZ_P7y7ycR4CFvPWfs1U8o6n8_0p7qNnfRKMYWIe9AmAjBSV89Gjt8F_l1jC4ynxqHCRjs-VPdbkH04Fqg19oA5IU37CL9q-CfTbqwRSE9DjGxaR6fUWWgkPZTMUFM867vSlqp5ttrFyjQjj2MtFWCFCSbk4jQ0Vj21y2dzNm3R_gduZ_hclEz6wvc3E2KGo5LPyeZXEdSTaAFg5oo9RTvkkTzMm6-WZcVJNyKjYsJEK-OfQRdZRRqAZvVXy3Pejp90BMcKHrC9hNm0d1NxxoZqhpfnRMaTaZcexGsw7vSHCVO0anPrEvU5sXxynN5JN9Q-kZMgUecCRPPFiLXdiF6QgcB51qL-RMVVajwEi_3gut0V_DQHj1J0lDdSCV9jXAjAgj2FtqjOxhqsNl138laeT50z8SVtsU2mV17GMcTU4LjoWHZP-QEcefatt2NI-ljCYJFNlgflX7ZGdf_L9XlfXdgT-hwm2MCGqVgLzdpyJdNI9c1u0kxHRIa7Zqa0RbGkkSIatAfx_m2JY-lbGk8E3l-hGLlQTfBkS6dI6hDnFkr_Rznfv0IE1D_dNQwPIWA4DjTOBQOdOy5SJYS902xV8Pww17aVI76PsPUSvsZMip625x1mBpt62ipS69ekXdyKiMJsPd5Hp4oPnaXGa2BBzEiZO3CL0-znHe4S_Y3sGuYISY6w_FsXFKnVc1SpyjRHxSudhayzOMOteXOvUWrhJHQdgjnR7eQaUvLhcra7uK93NIPBID3afH60-zRZZX2c310kyQjY-PueC9cTuQtDQ-XnB2JO5bwxAPY3WFGxURFeanthmGhiCp9paHjyZt_BpgZSibAs-tJ6EvjFkv4X7Uo8-Q2IZvJPOajlwpQ-czMBFtAQMPj9k-S0FlJbcY8qO942xhAP8l2wNebOVgEGe-ouTIDJtUvZf8iv7HxgwORahrDAC-bXVAEPtEktwv1oStVZ4gYTRhfsoDQzrytJsJPRijpQJC8--2peK-i95VLUe3eOMoCSQejjy0KUR3mITe-s9sguhEuoFjvl3bed__EpaBTwHL3_0Z5CPmgzcpFUQtBa3JURs24Pmf55baEyvpwXjpTJuqeYe6BcK4h0d3Az5oRH7jykPP_6CoK9vmYW3N1J8Fxvh9U_PYHilr0cbkcyaE5CprdJ92fblnHcn97sBYwPxDqkgBTJn3CVfXoIL2BL6KfBLLwK4KPnzwBF5EhSApzkt6vHn1slha-kvYRp8OfnQeS4O8z3712M_JR-9jbYIYMggbXKxyyZ_AP0LMJpdzsNlmoOTa_PyVfIHsoAjoh-DHEHJ3BL27QZ4quqIoQMjvUY89e-K2E_DT2sRRgqb6rIO1_dsn7f39FtsnpBuSA1j1WRHlFYcWpuEjUhNt8pBlwEtRYjag-KzYhVrS2_zdSEs6ZBEMWhhZbY3EOaO7aLhEbGI1MuQcAikEQQ565n7tUjA2da9PTwAyytxTMfxpchs9yEcfnpXNXJh0DUxC8T-Qx4LsSQfBL8NTHOjlQocwBRG9rzHlt2A8f4mNzkIEDRQjj3hgqzyZXjqatSTdRD6imE9qB4RdJxjKM0A4hsBJ0n_pbleXqhtC7oJqJHL6aG6RHV3z0x4EapxLsSG73Rpkd0M9pe0EznysY3kkuxV-lijHzHgVx9QZ_MpnkqiAEwMqSGiwuvnGW6UUdYzcaGui4CRixCX7jpOOnUAS5mEB2QoOJcnCcQD8BehvQrux8SBkpAZzHNU5SD3pIsTwvUXNCmXfik352sTATAdkYNFUjS5qJlnjVy8A4IdNDpzMSLUi6ryURE93JIUSexg9jhhCB2taxdmwuMDEpgxpqc1WTfmwnqKibAMQOcMNJacSLWBO7v9VoRxTDhM-dn1sHmAs5SJUCmVZdjJx4subs1qk-yyenkGvn6AT4k6zWIoP6r_wP2AQaY27suu6hkAM1JFewkKhnGikHjR3eHpbFcOiljQUrPEz1ujRKa9dV09ufTnk6VjGUtPDIJhOZ3phSPvLmSfBZJQ_NzNMX8-xhZgmhbpWaW_SYia_-alX_wdbZLVO5Mm7lZgGcsIZ6RuWorGND18fcdJDsuHRmVkxsXzvTnEB4Sb62f3fOxCD4m15Ao1UuWzuQtLNiXs_057QLfO52M-IbTfg65CilhXdh0CV1T_re6wSWFxlpJgxGJhYAJYBRFU6tMakOENRji0s_GeW8H730FbWtBgvqgQpDSNwwji2AbXm0lF0fsgOxC9Z_s6MmNDKqL_AB7lH6fUecmt_HdGM48WKmYAmqU0QH1jdgJXpGL_zssC_nxJqArirb_mrNkV9BjBXWWvJ8bDZINL3ooAjhtB-lArfLZ8dEfu8F5zp9bNCB0lywXiRA32BCfmyiaHhOR6NEoPfwXMRFZS-N7HmOvqZa-RxBhey3Flyoc3Cj4lSFKb2jOalQFrgs3rwZvUJcDL4wI37_y73gf5i7q-eFcqMzA1g-d6xtNiuGwS3enx3FbrrR2XM8GSFgCAMmLnUpc3Dm_YqtwxRPyJpdSmQTNRpKoG8GI4FTOWt3wGV-mRug-r2rytGSyfO44htpKa19SEOOVVb_55DKE3_kOiSaflbTHSz7HVKOrfExMMpSfsnKTQt9GBlNM9aJk7uJueMMKC22WcyUnadAi0bdTV0ZxlpVwBMXgFn82k22ejsI0BPgjo30WX1H942HREy5x0_bn7_PYsgPiZ3CK1lvt3Z0DndXWjr6YbVQWwyQe3wAd4O1evyB8Cu0D3yWWYCBum8QBgow8O9nlLy7J1tNRQ&cid=CAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.pbh2.com%2F&ds=l&xdt=1&iif=1&cor=15341851885057282000&adk=1964084972&idt=125&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83aa6fb166fcd9313eb54292483ede50efd316b14e27ec61b99da9e7f4d25127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 392D 41 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXk0ICNG4u2SMsXuxBryCNlmBQwvx4A5ZtF0Jl1JoiXTZ54ChLOD9iOIIOaZkMLjB7mfm0KGpd6BmzfSPJah1FJ26Qnj5Uu0db0mFUdlDUvyg1B_0YK3b5CCEWRvSXtvVElIt9LhdNeOeVnwCkxwsL1vOHCWvBvfQsxOw6i6z_DV0t4Vc&cry=1&dbm_d=AKAmf-BcurTKFfpp3jCv3Rod--sMA40aLyzNn_9xV9iwCn0fEqe6DyLLIx92nlq6h3ej2HEvW8UJ1XEAIPiSSVDIM_PcuQJMAqvLnfgUCECYkFpijEhT31IqQljiqTzurl7ErfjmhXQoRAuTD9p11qr_YWJ_pD5UpZymDteOpwzVj82jW5Gm4p4pAlAJuOJhl1eWKbIKofMQe8nAUJbqaIWfWWigcPo4Mxw3YH0tTW111xgDfPvWAryIX7sz3-ODsRaHSZCWadKZprWNh4G-9wEGIH5RgNK_ywPb054UVcVLn3erCkq_o4KirrRStqGxtFyVdq0hCKSBx7v_yvbdPY0xy-ro0Cw14fHBSecBKy2LKA2bLbRepF_r6w6JOLP1SnFGvku7ba0qxUccxYycLDbZ_FANRnGt_H5fJ70fXbbjV4JLSAXmaotoeMv4u62jikuPEoewHeInZy3DJ9zLx-FdGktJcJ7yixf9jye_ywmIVYBXnSrbFZwz681dUJL-wA-kYXUbydp45e1Q3gIbEbulqjiJ_zDOh2dAThxP0PbTVVq3EDabYXoNZkiXSeqIRwcnEKFfGNYIV6SSqPthMA10PolrPJu7jEw824c5APYeNrinLboZhFtKlJaAy_NGFIIqCx-PNByXUycm_b2UgIUIHAphPKXqYU1m6TWm4rAcDTO5v0Nk9XO1NSZxGFrk9_ZkV4Vn-eRtm3ALSWpssnJBIpn7by06u7OMaB4GJVlIEnCSW1ealmJMB8HH9ytC49R4lNpboDHjW8T3UoP0FQvA5pSdrF1MUgAoBE--kiXUzAW_usuHnN8erPLGue1Fk_kIljMksqW7f8IFykdaEBU-ooZEnIMuw1f3-r5Q-LnTs94XIcbA6uALm7MKNbaZWsGZ14gejCR-dU1ZiSe-M43Dq3t-C-zx77Wa0TqUk9uLf5zxNFRPqwTCcCPJAOfYKM-cGoUEEGC9GXi774rDogrWUPQ0TUiocRBUQLkvZWWW_NepTHeIb_-CNomsoPij-ewMKRCYUc4k15DmudyvL0gpCM4wkUM_2AfkiowyDJ6gPHNkv6ZJ5QvuQDmtB2YvZQdveV4qNByhYbStGdOOTC1mupaI5vDa6_90-5gVL2Nu3HTGBhd6HfXVWcM3DJwZ_P7y7ycR4CFvPWfs1U8o6n8_0p7qNnfRKMYWIe9AmAjBSV89Gjt8F_l1jC4ynxqHCRjs-VPdbkH04Fqg19oA5IU37CL9q-CfTbqwRSE9DjGxaR6fUWWgkPZTMUFM867vSlqp5ttrFyjQjj2MtFWCFCSbk4jQ0Vj21y2dzNm3R_gduZ_hclEz6wvc3E2KGo5LPyeZXEdSTaAFg5oo9RTvkkTzMm6-WZcVJNyKjYsJEK-OfQRdZRRqAZvVXy3Pejp90BMcKHrC9hNm0d1NxxoZqhpfnRMaTaZcexGsw7vSHCVO0anPrEvU5sXxynN5JN9Q-kZMgUecCRPPFiLXdiF6QgcB51qL-RMVVajwEi_3gut0V_DQHj1J0lDdSCV9jXAjAgj2FtqjOxhqsNl138laeT50z8SVtsU2mV17GMcTU4LjoWHZP-QEcefatt2NI-ljCYJFNlgflX7ZGdf_L9XlfXdgT-hwm2MCGqVgLzdpyJdNI9c1u0kxHRIa7Zqa0RbGkkSIatAfx_m2JY-lbGk8E3l-hGLlQTfBkS6dI6hDnFkr_Rznfv0IE1D_dNQwPIWA4DjTOBQOdOy5SJYS902xV8Pww17aVI76PsPUSvsZMip625x1mBpt62ipS69ekXdyKiMJsPd5Hp4oPnaXGa2BBzEiZO3CL0-znHe4S_Y3sGuYISY6w_FsXFKnVc1SpyjRHxSudhayzOMOteXOvUWrhJHQdgjnR7eQaUvLhcra7uK93NIPBID3afH60-zRZZX2c310kyQjY-PueC9cTuQtDQ-XnB2JO5bwxAPY3WFGxURFeanthmGhiCp9paHjyZt_BpgZSibAs-tJ6EvjFkv4X7Uo8-Q2IZvJPOajlwpQ-czMBFtAQMPj9k-S0FlJbcY8qO942xhAP8l2wNebOVgEGe-ouTIDJtUvZf8iv7HxgwORahrDAC-bXVAEPtEktwv1oStVZ4gYTRhfsoDQzrytJsJPRijpQJC8--2peK-i95VLUe3eOMoCSQejjy0KUR3mITe-s9sguhEuoFjvl3bed__EpaBTwHL3_0Z5CPmgzcpFUQtBa3JURs24Pmf55baEyvpwXjpTJuqeYe6BcK4h0d3Az5oRH7jykPP_6CoK9vmYW3N1J8Fxvh9U_PYHilr0cbkcyaE5CprdJ92fblnHcn97sBYwPxDqkgBTJn3CVfXoIL2BL6KfBLLwK4KPnzwBF5EhSApzkt6vHn1slha-kvYRp8OfnQeS4O8z3712M_JR-9jbYIYMggbXKxyyZ_AP0LMJpdzsNlmoOTa_PyVfIHsoAjoh-DHEHJ3BL27QZ4quqIoQMjvUY89e-K2E_DT2sRRgqb6rIO1_dsn7f39FtsnpBuSA1j1WRHlFYcWpuEjUhNt8pBlwEtRYjag-KzYhVrS2_zdSEs6ZBEMWhhZbY3EOaO7aLhEbGI1MuQcAikEQQ565n7tUjA2da9PTwAyytxTMfxpchs9yEcfnpXNXJh0DUxC8T-Qx4LsSQfBL8NTHOjlQocwBRG9rzHlt2A8f4mNzkIEDRQjj3hgqzyZXjqatSTdRD6imE9qB4RdJxjKM0A4hsBJ0n_pbleXqhtC7oJqJHL6aG6RHV3z0x4EapxLsSG73Rpkd0M9pe0EznysY3kkuxV-lijHzHgVx9QZ_MpnkqiAEwMqSGiwuvnGW6UUdYzcaGui4CRixCX7jpOOnUAS5mEB2QoOJcnCcQD8BehvQrux8SBkpAZzHNU5SD3pIsTwvUXNCmXfik352sTATAdkYNFUjS5qJlnjVy8A4IdNDpzMSLUi6ryURE93JIUSexg9jhhCB2taxdmwuMDEpgxpqc1WTfmwnqKibAMQOcMNJacSLWBO7v9VoRxTDhM-dn1sHmAs5SJUCmVZdjJx4subs1qk-yyenkGvn6AT4k6zWIoP6r_wP2AQaY27suu6hkAM1JFewkKhnGikHjR3eHpbFcOiljQUrPEz1ujRKa9dV09ufTnk6VjGUtPDIJhOZ3phSPvLmSfBZJQ_NzNMX8-xhZgmhbpWaW_SYia_-alX_wdbZLVO5Mm7lZgGcsIZ6RuWorGND18fcdJDsuHRmVkxsXzvTnEB4Sb62f3fOxCD4m15Ao1UuWzuQtLNiXs_057QLfO52M-IbTfg65CilhXdh0CV1T_re6wSWFxlpJgxGJhYAJYBRFU6tMakOENRji0s_GeW8H730FbWtBgvqgQpDSNwwji2AbXm0lF0fsgOxC9Z_s6MmNDKqL_AB7lH6fUecmt_HdGM48WKmYAmqU0QH1jdgJXpGL_zssC_nxJqArirb_mrNkV9BjBXWWvJ8bDZINL3ooAjhtB-lArfLZ8dEfu8F5zp9bNCB0lywXiRA32BCfmyiaHhOR6NEoPfwXMRFZS-N7HmOvqZa-RxBhey3Flyoc3Cj4lSFKb2jOalQFrgs3rwZvUJcDL4wI37_y73gf5i7q-eFcqMzA1g-d6xtNiuGwS3enx3FbrrR2XM8GSFgCAMmLnUpc3Dm_YqtwxRPyJpdSmQTNRpKoG8GI4FTOWt3wGV-mRug-r2rytGSyfO44htpKa19SEOOVVb_55DKE3_kOiSaflbTHSz7HVKOrfExMMpSfsnKTQt9GBlNM9aJk7uJueMMKC22WcyUnadAi0bdTV0ZxlpVwBMXgFn82k22ejsI0BPgjo30WX1H942HREy5x0_bn7_PYsgPiZ3CK1lvt3Z0DndXWjr6YbVQWwyQe3wAd4O1evyB8Cu0D3yWWYCBum8QBgow8O9nlLy7J1tNRQ&cid=CAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.pbh2.com%2F&ds=l&xdt=1&iif=1&cor=15341851885057282000&adk=1964084972&idt=125&cac=0&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 413242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H/1.1 200
OK vjdy8w6hewcq Show response
hal9000.redintelligence.net/zone/ Frame 392D 11 KB
4 KB 69ms
12ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1699304988265107&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTtOaHFZJZZOXENXVgQe656ToAablvaBplZOcp8kP8C4QASD_6OlpYJXikIKgB8gBCakC88WoHA4Dsj6oAwHIA5sEqgSQAk_QHAdIiPx3MP5Y7g2v6hjTzS7_QdF6YNo51ebW_OJG-RT8YhLnLNDqMR-15DFMBCSq6dcysqp3eKDSRNDNcV0WYBxm0YMmMt-wpKlglXcAeeX9YXZTVhEyUEvRx3vcc_aClTmtl7lm33dylzvN9VOa4woxfeJGh-_8r6xdERB17bExOHi0Z86aloNDKDYK2ZG7ctE6OJbuy0IMptgVki0wtapYLbJeeFylNY2e6vNqQkfadUSxl_B7_kHgpKUsYSb_m8XTEbQvsFUS0hLTXJoHWfSBsiGRCJXbtr8qtetXJ62NUOYZEYF-rOFhEJ-we_ZGFfcG1Xb1qbf2tYYZwoB-c9OpTADp2ohLBVJYXQxpwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMImpfCsaSwggMV1WrgCh26MwkdsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB%26sig%3DAOD64_3nD9aDKf1puw1gvMHLzjes8-HaKg%26client%3Dca-pub-6630993153956715%26dbm_c%3DAKAmf-B7yAKEQNevgymi7AuiHMKyLU04HXpGQdoHddS4bkj_HZNcNGj5KjgsnUH9qbHh0bIDKdrWBJ_eKcEmmNSBupEacRBQ0lYAS8NKypOaPb4XUqiCix6CL3xGL3uyzHcML1twA8PUGYnOgfRmBlzrzdNytkks_hFQOPbG-qyNMQYy-_90xn4%26cry%3D1%26dbm_d%3DAKAmf-Cjued28S-CFsDVrK7rxMlCmD7p4IiPVELDjKIycmzquhuNZ_AONL9tGrCbg9FKNvcphU1ZETGqhwFJGsA2359rX_Sh-san7NznCzXhFAQAEPZriZm7AUE3wTEecZxW46VkIF_CLM8gdHFFceoiNLdXHJkkFTqPteBfrtgx0AIejnOM_yJUXq64Q-vGbMJ0lhPnx-QmHgd-PINBghavnTEpR5XyatnWu34wDo1GKoU9xTjsGOFN4BWOHUNgiFypefYJjmJ7kmxgkkfucM_o7EVnOaKi4t7_k6cQGoXFpEkaDp08PsYrpnVQYLoRoQ1IIq-WPCfeYaKh2HWxZe5eBV5mGv-hYHdwy2k76BrVAV9JrSR545XwUdLIP5Mo5mgcLo7KumUkIYoPEluGrtZ9dnnGKNbqx63BzwNxd73Bljc1YIkHhPTvqkGkjuqlbGfNe8AZ6KQv0ymHI4N6Dtpk5HcdU3Q4JqPpSV_VStxsecWRJKy2HHUSEckZVN2Zsip-dsnXeeTQpx9_Ho8VKdVCeZLVBAk0khSaMQLWRTcthHiXE7dxQ4Q%26adurl%3D
Requested by: Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 1ff498aa733920d4d7b713b0480ee4ce116e04858d781ba701a23018eb979fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4205
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A73A 38 KB
13 KB 13ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 305728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D27 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:48 GMT
expires: Tue, 05 Nov 2024 21:09:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame A73A 38 KB
15 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 735A 624 B
245 B 52ms
49ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWK-AIQ5fS9hwIYhJfO_AEwAQ&v=APEucNUUQv02ruVVFE4-TtA1E5syvKTyDD0kxt9f5mNNoa-pe00CfiR42t-PYR0cpCj0bY4SawKRWYrryGx84-H_pyKD2ugNuvOmYO5id3_IYr9e3yKu0uuPGyprhGrbkWd_B1E-p9yxOVYnUcbuXF0aQ8Ths06UGFXWMgjHxxg5pg1ztr_Albk

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:48 GMT
expires: Mon, 06 Nov 2023 21:09:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 6D27 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:58:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 6D27 7 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:58:29 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D27 0
0 102ms
55ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3I-jqxEGOvwzXz1HmZrLZWA0VMw6VCCAJS-ckQ088QDYa_C5XkCzaVlZURq06u16xsJI__rYGiXAccaMTIKIs4tVw7BX9qATuOLsVxvluSh4Vl3jlmUiC1tOTJTVpNXCyuHK8MVJ3SBGqsM5yhTC7cTTaPF18nyjX2JQljb9holq0kO7eH217z2JxMyIo0U9FXNmvRi7E7LsIyntQ8DJBrSEoj9R-0dTEFvR45Q3F7OZgbzVCW5MFvGZV9SGi1TF9--yiFXCxZ1UHPAbehkDmXPKG6Ksj783DSNFFoWo5u1Mzz6Y6tZESZyeO-9C8yy_dNpWyjFovhsDmC7YMx_EasOBWvtcG7yIIQovDwBuS6Jg2tDGfNo4Qj362yPGt51ekTFuNHPI3Er_ImxArmLYsZRjYKuHRPN-LdJSbI0hbeDKVH3K12GDgJjosGXVaqPxcTypdW5iL7Yjr4YG3_dtxt8_ybbZpq_20AzIIWZeH0Tip0qlb_3aOxmmJVySIxWVNouX7ZrzFVw72aicqg1NWqRQmrdPt3hguR5w2CksqyowxhADmu7FFypRMzheMp-kYuEiUdppul-G1ZVgV--VfEniz768JPtCRZa2dzpNstD9r8rNicHJFjTOtOHRJbcdIbIT72eJU9Zky2WEOm_N94Bk1ocpwysxrVnsF9HYBCzFdk7g2GpdxLzc0sgoDb4VGK0InO2CW3rK7CfVytkDmFxhZqXyg22GQrYl_FXgineBtRKi2B_fECWhIIY9vi98o6G3m9Tci4G9RQQmJgd-z_l6EgwfmYINhikH1YFZcKZy3QVBNcb9EsyXyG7z7PNpyB1NQn5lfmQraTkjZPwbaPNFCxmUHMiZWe5x6KvRNmHQnv59EsAoPu6LqKacrScw-p7vNqdvWdA47e0PVsklpB5lS3FOMBoSDU45her7rX5HEsYkTxOKslcl2yGabQVDTgi2xP-rzxkPF4pa9oMmAVTfb--Ht0JaheJ-iBpucjpLMAqy1tKqncTYDKjQMRT7MEiyF2kryjhrmVs4TEyVkqWa5k21Vdf5hlFI8h4GDsv3IUJolWsDJ7TwrQUyBRZh3ovN0GJxDp6qrqEVVn8JNe2VNIcmym34_xTdrmoL7MadR1Gyd4txcqmOhCi9_tDkqb21mNeq5NF6fMwKY6uLTM2LryWxXuhRbprFxXMefd-cR89c5VE_rUD6F47amVUTslHCakosajsIS0DIhvsIzTpMNXLAZn2dyImsKkMcAH0jGg5Rn3NMS5lIKA4mICzw0cCIvXkbQ92DjWbnc67i9WvQ9YSI5iY4JiX5EjuHMjspIcpatNo8Ju5QV8e4pJZ_maZg646I&sai=AMfl-YQAUyK5pR5gw0X1pku6y0Lxgqj3EybmEFGMvfKkp-CMEwuKVSI3ukWRuEhOQq1N7OY5PA6I8iyBH1ayooSU3vBmWbE2mLyFOL4vStK2YfngFqlfvu3MfB-KMp3NjdgSgczGEZBaViNrQXklOS8lSEOzFNyoV0qtzKZGmXke_xQhOBvdiNCm08VozyUgNsla9HTGty4kZUBJgBWNASRpL4-eCPZOPaR2XCuoilhGHABPgKnkZgL_ZRZ4EyqaF6fAXH3kRwCNW6VByLpqezNDV8mKGyR3KBmgA6k9pMUQ3snQNR-ZKEIbMSzb7hq-D-mGPLCWSuI4ouVhGizS0v5egikbaEkWSDVZhPKnmuRPCA6HKYTzkaZVwyVuraR4aDo0wGH9uX2csVMiGC3ye3bSB6KxpgT5YFX_sQl5CFk9Nr0egK0ZeWZuQhhE8Zny6yrdoa7qbHY2zqQCxADasn61jj4rtP9J1vnqLPBlGjtW&sig=Cg0ArKJSzBCPAdKlqT3UEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231102.45125&arae=0&ftch=1&adurl=

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 21:09:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D27 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 413242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 6D27 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 6D27 20 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D27 42 B
63 B 45ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Duw9HAx3GR6UoQR5cd2MoyynnNWNo7HHenYEhl-hHspErM592e4YqSRI8XL2M2HgVdlHkNbdu9BxEpmLzspbPsMNufaY0kuSOcke0TNbikIBw6GAo

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ai.aspx
tagm.tchibo.de/ Frame 6D27 43 B
1 KB 140ms
22ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tagm.tchibo.de/ai.aspx?extProvId=300&extProvApi=129768&extPu=tchibo-dv360&extLi=15415936&extPm=16022336557&extCr=529763204&adslotid=1

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 06 Nov 2023 21:09:48 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://tagm.tchibo.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 06 Nov 2023 09:09:48 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 821
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D27 189 KB
59 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 21:09:48 GMT

GET
H2 200 5510633474278261625
s0.2mdn.net/simgad/ Frame 6D27 149 KB
149 KB 67ms
15ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5510633474278261625

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5444b8316e4780be64a305e03627981e6c8c8af824ffe290071aebb19944861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:39:57 GMT
x-content-type-options: nosniff
age: 473391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152228
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:12:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:39:57 GMT

GET
H/1.1

200
OK

request.php Show response
hal90004.redintelligence.net/ Frame 392D
Redirect Chain

https://hal90004.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90004.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

118ms
96ms

Script
application/x-javascript

138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTtOaHFZJZZOXENXVgQe656ToAablvaBplZOcp8kP8C4QASD_6OlpYJXikIKgB8gBCakC88WoHA4Dsj6oAwHIA5sEqgSQAk_QHAdIiPx3MP5Y7g2v6hjTzS7_QdF6YNo51ebW_OJG-RT8YhLnLNDqMR-15DFMBCSq6dcysqp3eKDSRNDNcV0WYBxm0YMmMt-wpKlglXcAeeX9YXZTVhEyUEvRx3vcc_aClTmtl7lm33dylzvN9VOa4woxfeJGh-_8r6xdERB17bExOHi0Z86aloNDKDYK2ZG7ctE6OJbuy0IMptgVki0wtapYLbJeeFylNY2e6vNqQkfadUSxl_B7_kHgpKUsYSb_m8XTEbQvsFUS0hLTXJoHWfSBsiGRCJXbtr8qtetXJ62NUOYZEYF-rOFhEJ-we_ZGFfcG1Xb1qbf2tYYZwoB-c9OpTADp2ohLBVJYXQxpwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMImpfCsaSwggMV1WrgCh26MwkdsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB%26sig%3DAOD64_3nD9aDKf1puw1gvMHLzjes8-HaKg%26client%3Dca-pub-6630993153956715%26dbm_c%3DAKAmf-B7yAKEQNevgymi7AuiHMKyLU04HXpGQdoHddS4bkj_HZNcNGj5KjgsnUH9qbHh0bIDKdrWBJ_eKcEmmNSBupEacRBQ0lYAS8NKypOaPb4XUqiCix6CL3xGL3uyzHcML1twA8PUGYnOgfRmBlzrzdNytkks_hFQOPbG-qyNMQYy-_90xn4%26cry%3D1%26dbm_d%3DAKAmf-Cjued28S-CFsDVrK7rxMlCmD7p4IiPVELDjKIycmzquhuNZ_AONL9tGrCbg9FKNvcphU1ZETGqhwFJGsA2359rX_Sh-san7NznCzXhFAQAEPZriZm7AUE3wTEecZxW46VkIF_CLM8gdHFFceoiNLdXHJkkFTqPteBfrtgx0AIejnOM_yJUXq64Q-vGbMJ0lhPnx-QmHgd-PINBghavnTEpR5XyatnWu34wDo1GKoU9xTjsGOFN4BWOHUNgiFypefYJjmJ7kmxgkkfucM_o7EVnOaKi4t7_k6cQGoXFpEkaDp08PsYrpnVQYLoRoQ1IIq-WPCfeYaKh2HWxZe5eBV5mGv-hYHdwy2k76BrVAV9JrSR545XwUdLIP5Mo5mgcLo7KumUkIYoPEluGrtZ9dnnGKNbqx63BzwNxd73Bljc1YIkHhPTvqkGkjuqlbGfNe8AZ6KQv0ymHI4N6Dtpk5HcdU3Q4JqPpSV_VStxsecWRJKy2HHUSEckZVN2Zsip-dsnXeeTQpx9_Ho8VKdVCeZLVBAk0khSaMQLWRTcthHiXE7dxQ4Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.pbh2.com%2F&ancestorOrigins=https%3A%2F%2Fwww.pbh2.com&random=56616351551&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5cd1aad2b9d6fe4fbb0c1cfd76708b8f537c3629c151a10ed0c49bfae2d29ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 21:09:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 65230400169887204444990012500004
Connection: close
Content-Length: 1044
Expires: Mon, 06 Nov 2023 21:09:48 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 06 Nov 2023 21:09:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTtOaHFZJZZOXENXVgQe656ToAablvaBplZOcp8kP8C4QASD_6OlpYJXikIKgB8gBCakC88WoHA4Dsj6oAwHIA5sEqgSQAk_QHAdIiPx3MP5Y7g2v6hjTzS7_QdF6YNo51ebW_OJG-RT8YhLnLNDqMR-15DFMBCSq6dcysqp3eKDSRNDNcV0WYBxm0YMmMt-wpKlglXcAeeX9YXZTVhEyUEvRx3vcc_aClTmtl7lm33dylzvN9VOa4woxfeJGh-_8r6xdERB17bExOHi0Z86aloNDKDYK2ZG7ctE6OJbuy0IMptgVki0wtapYLbJeeFylNY2e6vNqQkfadUSxl_B7_kHgpKUsYSb_m8XTEbQvsFUS0hLTXJoHWfSBsiGRCJXbtr8qtetXJ62NUOYZEYF-rOFhEJ-we_ZGFfcG1Xb1qbf2tYYZwoB-c9OpTADp2ohLBVJYXQxpwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMImpfCsaSwggMV1WrgCh26MwkdsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB%26sig%3DAOD64_3nD9aDKf1puw1gvMHLzjes8-HaKg%26client%3Dca-pub-6630993153956715%26dbm_c%3DAKAmf-B7yAKEQNevgymi7AuiHMKyLU04HXpGQdoHddS4bkj_HZNcNGj5KjgsnUH9qbHh0bIDKdrWBJ_eKcEmmNSBupEacRBQ0lYAS8NKypOaPb4XUqiCix6CL3xGL3uyzHcML1twA8PUGYnOgfRmBlzrzdNytkks_hFQOPbG-qyNMQYy-_90xn4%26cry%3D1%26dbm_d%3DAKAmf-Cjued28S-CFsDVrK7rxMlCmD7p4IiPVELDjKIycmzquhuNZ_AONL9tGrCbg9FKNvcphU1ZETGqhwFJGsA2359rX_Sh-san7NznCzXhFAQAEPZriZm7AUE3wTEecZxW46VkIF_CLM8gdHFFceoiNLdXHJkkFTqPteBfrtgx0AIejnOM_yJUXq64Q-vGbMJ0lhPnx-QmHgd-PINBghavnTEpR5XyatnWu34wDo1GKoU9xTjsGOFN4BWOHUNgiFypefYJjmJ7kmxgkkfucM_o7EVnOaKi4t7_k6cQGoXFpEkaDp08PsYrpnVQYLoRoQ1IIq-WPCfeYaKh2HWxZe5eBV5mGv-hYHdwy2k76BrVAV9JrSR545XwUdLIP5Mo5mgcLo7KumUkIYoPEluGrtZ9dnnGKNbqx63BzwNxd73Bljc1YIkHhPTvqkGkjuqlbGfNe8AZ6KQv0ymHI4N6Dtpk5HcdU3Q4JqPpSV_VStxsecWRJKy2HHUSEckZVN2Zsip-dsnXeeTQpx9_Ho8VKdVCeZLVBAk0khSaMQLWRTcthHiXE7dxQ4Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.pbh2.com%2F&ancestorOrigins=https%3A%2F%2Fwww.pbh2.com&random=56616351551&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 06 Nov 2023 21:09:48 +0100

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 991B 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 305728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 735A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1

43 B
735 B

28ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWK-AIQ5fS9hwIYhJfO_AEwAQ&v=APEucNUUQv02ruVVFE4-TtA1E5syvKTyDD0kxt9f5mNNoa-pe00CfiR42t-PYR0cpCj0bY4SawKRWYrryGx84-H_pyKD2ugNuvOmYO5id3_IYr9e3yKu0uuPGyprhGrbkWd_B1E-p9yxOVYnUcbuXF0aQ8Ths06UGFXWMgjHxxg5pg1ztr_Albk
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=av0lIlnO4fMOdzmdyDcVzEK4du5VabLuVaY8Gc%2FKFL5ctYaKQKR6Nl7sxyKyjR%2BUbyIJYdIrUJIxKF%2FFdjQadrX1uuYrUerCEX0ZOpsNvay6VWhkKYSQOWKyBoEzFZrXoIl%2FhD0XhMk6WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822051d49f4f9c01-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 735A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUlWHBdi9ekZJo7EaIUusgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1

43 B
734 B

59ms
58ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWK-AIQ5fS9hwIYhJfO_AEwAQ&v=APEucNUUQv02ruVVFE4-TtA1E5syvKTyDD0kxt9f5mNNoa-pe00CfiR42t-PYR0cpCj0bY4SawKRWYrryGx84-H_pyKD2ugNuvOmYO5id3_IYr9e3yKu0uuPGyprhGrbkWd_B1E-p9yxOVYnUcbuXF0aQ8Ths06UGFXWMgjHxxg5pg1ztr_Albk
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6nTs6j8R2KOJi1yLXmyMR3NDxWFQ83f42UtpGGdrzGEqfdFBTMoLjXkvRyx1CbnEFUxf827I2JRvgWIfkch5pup9d2U%2FR8GEw%2FAe4RK5khkecTDopDGDWOrYNVYyNtRNi9F3aX%2BW%2FaK8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822051d50ff89c01-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdtigh03Kbixsb_njxJjIA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 735A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMF1no_3VAUbzwTzpGXlEvc&google_cver=1

43 B
844 B

27ms
21ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMF1no_3VAUbzwTzpGXlEvc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWK-AIQ5fS9hwIYhJfO_AEwAQ&v=APEucNUUQv02ruVVFE4-TtA1E5syvKTyDD0kxt9f5mNNoa-pe00CfiR42t-PYR0cpCj0bY4SawKRWYrryGx84-H_pyKD2ugNuvOmYO5id3_IYr9e3yKu0uuPGyprhGrbkWd_B1E-p9yxOVYnUcbuXF0aQ8Ths06UGFXWMgjHxxg5pg1ztr_Albk

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
an-x-request-uuid: a8f15487-818f-4b6d-b775-de073a72acd4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMF1no_3VAUbzwTzpGXlEvc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 735A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODk0MDE1MDQyOTM5MjQ2Nw%3D%3D

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODk0MDE1MDQyOTM5MjQ2Nw%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:48 GMT
an-x-request-uuid: b7ebecbc-fb27-4a02-8d9f-d51d9a7a8370
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODk0MDE1MDQyOTM5MjQ2Nw%3D%3D
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6D27 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca09f0209c6448bdb527722bd8cd3e8eb8245cf59799f3a81c1765a6020af60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 991B 38 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D27 0
0 54ms
47ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3I-jqxEGOvwzXz1HmZrLZWA0VMw6VCCAJS-ckQ088QDYa_C5XkCzaVlZURq06u16xsJI__rYGiXAccaMTIKIs4tVw7BX9qATuOLsVxvluSh4Vl3jlmUiC1tOTJTVpNXCyuHK8MVJ3SBGqsM5yhTC7cTTaPF18nyjX2JQljb9holq0kO7eH217z2JxMyIo0U9FXNmvRi7E7LsIyntQ8DJBrSEoj9R-0dTEFvR45Q3F7OZgbzVCW5MFvGZV9SGi1TF9--yiFXCxZ1UHPAbehkDmXPKG6Ksj783DSNFFoWo5u1Mzz6Y6tZESZyeO-9C8yy_dNpWyjFovhsDmC7YMx_EasOBWvtcG7yIIQovDwBuS6Jg2tDGfNo4Qj362yPGt51ekTFuNHPI3Er_ImxArmLYsZRjYKuHRPN-LdJSbI0hbeDKVH3K12GDgJjosGXVaqPxcTypdW5iL7Yjr4YG3_dtxt8_ybbZpq_20AzIIWZeH0Tip0qlb_3aOxmmJVySIxWVNouX7ZrzFVw72aicqg1NWqRQmrdPt3hguR5w2CksqyowxhADmu7FFypRMzheMp-kYuEiUdppul-G1ZVgV--VfEniz768JPtCRZa2dzpNstD9r8rNicHJFjTOtOHRJbcdIbIT72eJU9Zky2WEOm_N94Bk1ocpwysxrVnsF9HYBCzFdk7g2GpdxLzc0sgoDb4VGK0InO2CW3rK7CfVytkDmFxhZqXyg22GQrYl_FXgineBtRKi2B_fECWhIIY9vi98o6G3m9Tci4G9RQQmJgd-z_l6EgwfmYINhikH1YFZcKZy3QVBNcb9EsyXyG7z7PNpyB1NQn5lfmQraTkjZPwbaPNFCxmUHMiZWe5x6KvRNmHQnv59EsAoPu6LqKacrScw-p7vNqdvWdA47e0PVsklpB5lS3FOMBoSDU45her7rX5HEsYkTxOKslcl2yGabQVDTgi2xP-rzxkPF4pa9oMmAVTfb--Ht0JaheJ-iBpucjpLMAqy1tKqncTYDKjQMRT7MEiyF2kryjhrmVs4TEyVkqWa5k21Vdf5hlFI8h4GDsv3IUJolWsDJ7TwrQUyBRZh3ovN0GJxDp6qrqEVVn8JNe2VNIcmym34_xTdrmoL7MadR1Gyd4txcqmOhCi9_tDkqb21mNeq5NF6fMwKY6uLTM2LryWxXuhRbprFxXMefd-cR89c5VE_rUD6F47amVUTslHCakosajsIS0DIhvsIzTpMNXLAZn2dyImsKkMcAH0jGg5Rn3NMS5lIKA4mICzw0cCIvXkbQ92DjWbnc67i9WvQ9YSI5iY4JiX5EjuHMjspIcpatNo8Ju5QV8e4pJZ_maZg646I&sai=AMfl-YQAUyK5pR5gw0X1pku6y0Lxgqj3EybmEFGMvfKkp-CMEwuKVSI3ukWRuEhOQq1N7OY5PA6I8iyBH1ayooSU3vBmWbE2mLyFOL4vStK2YfngFqlfvu3MfB-KMp3NjdgSgczGEZBaViNrQXklOS8lSEOzFNyoV0qtzKZGmXke_xQhOBvdiNCm08VozyUgNsla9HTGty4kZUBJgBWNASRpL4-eCPZOPaR2XCuoilhGHABPgKnkZgL_ZRZ4EyqaF6fAXH3kRwCNW6VByLpqezNDV8mKGyR3KBmgA6k9pMUQ3snQNR-ZKEIbMSzb7hq-D-mGPLCWSuI4ouVhGizS0v5egikbaEkWSDVZhPKnmuRPCA6HKYTzkaZVwyVuraR4aDo0wGH9uX2csVMiGC3ye3bSB6KxpgT5YFX_sQl5CFk9Nr0egK0ZeWZuQhhE8Zny6yrdoa7qbHY2zqQCxADasn61jj4rtP9J1vnqLPBlGjtW&sig=Cg0ArKJSzBCPAdKlqT3UEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=148&vt=11&dtpt=147&dett=2&cstd=0&cisv=r20231102.45125&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF43 6 KB
3 KB 36ms
30ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:48 GMT
expires: Tue, 05 Nov 2024 21:09:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame A3AC
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=65230400169887204444990012500004&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=

0
179 B

67ms
33ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTtOaHFZJZZOXENXVgQe656ToAablvaBplZOcp8kP8C4QASD_6OlpYJXikIKgB8gBCakC88WoHA4Dsj6oAwHIA5sEqgSQAk_QHAdIiPx3MP5Y7g2v6hjTzS7_QdF6YNo51ebW_OJG-RT8YhLnLNDqMR-15DFMBCSq6dcysqp3eKDSRNDNcV0WYBxm0YMmMt-wpKlglXcAeeX9YXZTVhEyUEvRx3vcc_aClTmtl7lm33dylzvN9VOa4woxfeJGh-_8r6xdERB17bExOHi0Z86aloNDKDYK2ZG7ctE6OJbuy0IMptgVki0wtapYLbJeeFylNY2e6vNqQkfadUSxl_B7_kHgpKUsYSb_m8XTEbQvsFUS0hLTXJoHWfSBsiGRCJXbtr8qtetXJ62NUOYZEYF-rOFhEJ-we_ZGFfcG1Xb1qbf2tYYZwoB-c9OpTADp2ohLBVJYXQxpwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMImpfCsaSwggMV1WrgCh26MwkdsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB%26sig%3DAOD64_3nD9aDKf1puw1gvMHLzjes8-HaKg%26client%3Dca-pub-6630993153956715%26dbm_c%3DAKAmf-B7yAKEQNevgymi7AuiHMKyLU04HXpGQdoHddS4bkj_HZNcNGj5KjgsnUH9qbHh0bIDKdrWBJ_eKcEmmNSBupEacRBQ0lYAS8NKypOaPb4XUqiCix6CL3xGL3uyzHcML1twA8PUGYnOgfRmBlzrzdNytkks_hFQOPbG-qyNMQYy-_90xn4%26cry%3D1%26dbm_d%3DAKAmf-Cjued28S-CFsDVrK7rxMlCmD7p4IiPVELDjKIycmzquhuNZ_AONL9tGrCbg9FKNvcphU1ZETGqhwFJGsA2359rX_Sh-san7NznCzXhFAQAEPZriZm7AUE3wTEecZxW46VkIF_CLM8gdHFFceoiNLdXHJkkFTqPteBfrtgx0AIejnOM_yJUXq64Q-vGbMJ0lhPnx-QmHgd-PINBghavnTEpR5XyatnWu34wDo1GKoU9xTjsGOFN4BWOHUNgiFypefYJjmJ7kmxgkkfucM_o7EVnOaKi4t7_k6cQGoXFpEkaDp08PsYrpnVQYLoRoQ1IIq-WPCfeYaKh2HWxZe5eBV5mGv-hYHdwy2k76BrVAV9JrSR545XwUdLIP5Mo5mgcLo7KumUkIYoPEluGrtZ9dnnGKNbqx63BzwNxd73Bljc1YIkHhPTvqkGkjuqlbGfNe8AZ6KQv0ymHI4N6Dtpk5HcdU3Q4JqPpSV_VStxsecWRJKy2HHUSEckZVN2Zsip-dsnXeeTQpx9_Ho8VKdVCeZLVBAk0khSaMQLWRTcthHiXE7dxQ4Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.pbh2.com%2F&ancestorOrigins=https%3A%2F%2Fwww.pbh2.com&random=56616351551&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 21:09:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 06 Nov 2023 10:09:49 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Mon, 06 Nov 2023 21:09:49 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: 8AC72686:A54E_91EFC182:01BB_6549561D_1C05E14:1E879

GET
H2

200

htlp Show response
futalis.de/ Frame E9ED
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=65230400169887204444990012500004&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3276808382

350 B
401 B

90ms
16ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3276808382
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTtOaHFZJZZOXENXVgQe656ToAablvaBplZOcp8kP8C4QASD_6OlpYJXikIKgB8gBCakC88WoHA4Dsj6oAwHIA5sEqgSQAk_QHAdIiPx3MP5Y7g2v6hjTzS7_QdF6YNo51ebW_OJG-RT8YhLnLNDqMR-15DFMBCSq6dcysqp3eKDSRNDNcV0WYBxm0YMmMt-wpKlglXcAeeX9YXZTVhEyUEvRx3vcc_aClTmtl7lm33dylzvN9VOa4woxfeJGh-_8r6xdERB17bExOHi0Z86aloNDKDYK2ZG7ctE6OJbuy0IMptgVki0wtapYLbJeeFylNY2e6vNqQkfadUSxl_B7_kHgpKUsYSb_m8XTEbQvsFUS0hLTXJoHWfSBsiGRCJXbtr8qtetXJ62NUOYZEYF-rOFhEJ-we_ZGFfcG1Xb1qbf2tYYZwoB-c9OpTADp2ohLBVJYXQxpwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMImpfCsaSwggMV1WrgCh26MwkdsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB%26sig%3DAOD64_3nD9aDKf1puw1gvMHLzjes8-HaKg%26client%3Dca-pub-6630993153956715%26dbm_c%3DAKAmf-B7yAKEQNevgymi7AuiHMKyLU04HXpGQdoHddS4bkj_HZNcNGj5KjgsnUH9qbHh0bIDKdrWBJ_eKcEmmNSBupEacRBQ0lYAS8NKypOaPb4XUqiCix6CL3xGL3uyzHcML1twA8PUGYnOgfRmBlzrzdNytkks_hFQOPbG-qyNMQYy-_90xn4%26cry%3D1%26dbm_d%3DAKAmf-Cjued28S-CFsDVrK7rxMlCmD7p4IiPVELDjKIycmzquhuNZ_AONL9tGrCbg9FKNvcphU1ZETGqhwFJGsA2359rX_Sh-san7NznCzXhFAQAEPZriZm7AUE3wTEecZxW46VkIF_CLM8gdHFFceoiNLdXHJkkFTqPteBfrtgx0AIejnOM_yJUXq64Q-vGbMJ0lhPnx-QmHgd-PINBghavnTEpR5XyatnWu34wDo1GKoU9xTjsGOFN4BWOHUNgiFypefYJjmJ7kmxgkkfucM_o7EVnOaKi4t7_k6cQGoXFpEkaDp08PsYrpnVQYLoRoQ1IIq-WPCfeYaKh2HWxZe5eBV5mGv-hYHdwy2k76BrVAV9JrSR545XwUdLIP5Mo5mgcLo7KumUkIYoPEluGrtZ9dnnGKNbqx63BzwNxd73Bljc1YIkHhPTvqkGkjuqlbGfNe8AZ6KQv0ymHI4N6Dtpk5HcdU3Q4JqPpSV_VStxsecWRJKy2HHUSEckZVN2Zsip-dsnXeeTQpx9_Ho8VKdVCeZLVBAk0khSaMQLWRTcthHiXE7dxQ4Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.pbh2.com%2F&ancestorOrigins=https%3A%2F%2Fwww.pbh2.com&random=56616351551&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 21:09:49 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3276808382
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 4DE2
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=65230400169887204444990012500004&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549561d22d4c960ab3c3602&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
607 B

70ms
28ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549561d22d4c960ab3c3602&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 21:09:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 06 Nov 2023 10:09:49 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Mon, 06 Nov 2023 21:09:49 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549561d22d4c960ab3c3602&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: 8AC72686:A548_91EFC182:01BB_6549561D_1C237F6:1A42B

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 392D
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=65230400169887204444990012500004&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=

0
179 B

28ms
28ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:49 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 06 Nov 2023 10:09:49 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 06 Nov 2023 21:09:49 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 40028
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: 8AC72686:A54A_91EFC182:01BB_6549561D_1C237F7:1A42B
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=65230400169887204444990012500004&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 392D 43 B
666 B 149ms
84ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=65230400169887204444990012500004&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:49 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: 8AC72686:A54C_91EFC182:01BB_6549561D_1C00D06:1E878
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H2 200 impression.php
t23.intelliad.de/ Frame 392D 43 B
557 B 79ms
14ms Image
image/gif 3.124.138.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1699304988&co=
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=91df451827&subid=&uid=009e294e93834cfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTtOaHFZJZZOXENXVgQe656ToAablvaBplZOcp8kP8C4QASD_6OlpYJXikIKgB8gBCakC88WoHA4Dsj6oAwHIA5sEqgSQAk_QHAdIiPx3MP5Y7g2v6hjTzS7_QdF6YNo51ebW_OJG-RT8YhLnLNDqMR-15DFMBCSq6dcysqp3eKDSRNDNcV0WYBxm0YMmMt-wpKlglXcAeeX9YXZTVhEyUEvRx3vcc_aClTmtl7lm33dylzvN9VOa4woxfeJGh-_8r6xdERB17bExOHi0Z86aloNDKDYK2ZG7ctE6OJbuy0IMptgVki0wtapYLbJeeFylNY2e6vNqQkfadUSxl_B7_kHgpKUsYSb_m8XTEbQvsFUS0hLTXJoHWfSBsiGRCJXbtr8qtetXJ62NUOYZEYF-rOFhEJ-we_ZGFfcG1Xb1qbf2tYYZwoB-c9OpTADp2ohLBVJYXQxpwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXiDRMImpfCsaSwggMV1WrgCh26MwkdsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB%26sig%3DAOD64_3nD9aDKf1puw1gvMHLzjes8-HaKg%26client%3Dca-pub-6630993153956715%26dbm_c%3DAKAmf-B7yAKEQNevgymi7AuiHMKyLU04HXpGQdoHddS4bkj_HZNcNGj5KjgsnUH9qbHh0bIDKdrWBJ_eKcEmmNSBupEacRBQ0lYAS8NKypOaPb4XUqiCix6CL3xGL3uyzHcML1twA8PUGYnOgfRmBlzrzdNytkks_hFQOPbG-qyNMQYy-_90xn4%26cry%3D1%26dbm_d%3DAKAmf-Cjued28S-CFsDVrK7rxMlCmD7p4IiPVELDjKIycmzquhuNZ_AONL9tGrCbg9FKNvcphU1ZETGqhwFJGsA2359rX_Sh-san7NznCzXhFAQAEPZriZm7AUE3wTEecZxW46VkIF_CLM8gdHFFceoiNLdXHJkkFTqPteBfrtgx0AIejnOM_yJUXq64Q-vGbMJ0lhPnx-QmHgd-PINBghavnTEpR5XyatnWu34wDo1GKoU9xTjsGOFN4BWOHUNgiFypefYJjmJ7kmxgkkfucM_o7EVnOaKi4t7_k6cQGoXFpEkaDp08PsYrpnVQYLoRoQ1IIq-WPCfeYaKh2HWxZe5eBV5mGv-hYHdwy2k76BrVAV9JrSR545XwUdLIP5Mo5mgcLo7KumUkIYoPEluGrtZ9dnnGKNbqx63BzwNxd73Bljc1YIkHhPTvqkGkjuqlbGfNe8AZ6KQv0ymHI4N6Dtpk5HcdU3Q4JqPpSV_VStxsecWRJKy2HHUSEckZVN2Zsip-dsnXeeTQpx9_Ho8VKdVCeZLVBAk0khSaMQLWRTcthHiXE7dxQ4Q%26adurl%3D&documentReferer=https%3A%2F%2Fwww.pbh2.com%2F&ancestorOrigins=https%3A%2F%2Fwww.pbh2.com&random=56616351551&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.138.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-138-165.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
server: Apache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, must-revalidate
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7D67 640 B
265 B 48ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNH5hYEEEJO5m6oFGPiolfkBMAE&v=APEucNWLutr3Ht8x1awgXT2AgduNEprNtCvhbCMs4CTP9VeaSv714_UKthNHfehjSiVdDmls1VyjFyXkGL7QljPv-mQ73g1RnoDwNfDKWo1SU_v2ZRIkxd8jyqXpq9I8zKnAGBZa-hl9VBC_-8YIS6zzB5ircd9ChBaFixUHP_WUlXeM4Z0gzwE

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:49 GMT
expires: Mon, 06 Nov 2023 21:09:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame DF43 23 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:58:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame DF43 7 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:58:29 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF43 0
0 56ms
52ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssk2QrFnPpTCFg2xBoYxNfmKnJ2do2ge0eVN7OxMOaIJFfLGEiivg9qLiWkknyderaJeaJQ6Gc8BADWNvGag3XVAMsH88gwP-Y91MGA23kACxwUVLnbP9CWPnEjXqox3j-KNLymvEapYU2EjuQzUUcLMh2eNxsmkKuxNbm0_ZQ9yEdllJcEcCrYVHhrQwF-AcVas2uuEAvWW43vAYete6aH9McfBWobz8cuZqRGEy9fVXq7m9og_nbCzjQQBzpmtyMT6L0uUUMh6MhvW5Cf8_g4E4OOnax4B5sc2h60TT-nYE9Mqu1_y01UL-H-VojzK0UIj1we-TsGcmknmHxbNmxcbWcMyd6b00yddncop-kmfMipiPWwt-K22Xbu4BaKMBzfMbd6GEhdGwS5TSsT5Ud9SmCAhPTMQtAFc5Em60iUrah7HA2YpO6qhuB7z3GGeCAiaX8fW9CTTlYE9IwFkyh_Xk_bjdpJCtGyi8V8FFGvRXrWPpLuuOEEymZWctXCEWDq9plvay_pTJJhPvQsW1ldPNbM0sSYhMh-gDqsnjNBFiq6pfyPIgleyLbP0wxSd7BLUAlFiDkkrsOPdElkLRbnRBs84xyOZdrM4N_kB1NaQRxZ-nXyGsyjJsB76c1Lkp6gPxEcDSWPFXNzjD1FZbOqa61EIPZS-DSpFitGDaGxzr1WSbP8wwxfDvVbmAMK_qGFklkU2kw_FuzWKniR3WlR9h7VzTjFuApIziNh3FLk1aiHMp5SJL-Sld-4-T8U0LATE-C1wZfdBDkLCZS7JXAAxK1MZlezzg_5QQGE0vCbPp-kFlsYiZ2NUsSarokT6x062jbU6q94uFF7nTCxyLVuhZHylpjAkdNyZyLyjdWxWcNNysTbx-S7iOUezKwe2UGfghAzOXDVQ3ioQe6Hn45TW26R2alD2QC0JtLLKPyPBjP5eScBNYDM0vKN-AIv_f7iOPTGNkdGcpnAwt0KeQ_UjmXfcbsksjVNpUBs7alLBk_ioF10pTuvIh4E0-FDImDIleT_BWwwXGj9NbQrNLZcNyLFmZljp1haocPpsA2iQ9H1HuoVa2yRplWBL1tVzgcyestdOphJTG69SSgSaw3kd6HZTZlXO4GE4mkbXX-U_Gq9oQGxnRosV8VevHpaoHFQUk2TLf0O8ich8F2uS5H7I9FPHhBR0Xex8mltiprfwBjiiexK28q5EOBSHAMGTwpQ8v1LDMVLnwaO01PjHs0blu6wEk5-l1iqXHOhO7yEB7FQlVHd-3nKCR_FYwNoeOc-fDkab9qniYmRf-CrHp6IZLwkJlb38px6kI3CcjtyLtQllZ56lz6DQ6ptGH11-5c_rE6TzQYEZDLWE6yn8rr0jtJzMrbjl3eNpoYm9KcI&sai=AMfl-YSLRzPp8HDM_nYJ9HwsPyxskQj9KyauEOMtwqWGsRiyp9oqQOXWf5zJhdRJ7q6r7xntkAIz6uPkdeX4oGOhfzQjiH9JkAB1VHNRaxOfuovFcSqOI8M-pIBJ2_D3L7Ua6P1CKIBLj-x8DIc-Lv0XB9DyFaUgGWclOixAs7kMioxjyaGGfwIpftg5t6tMJQ_w8k6cgwFkHh6gykPvw5KU2-AOF9s9FJiZ0LyGJtmR68Bl3cPvcHLhfHPFVjiEBfg-8IKuIG1YlAN5YMIwnhAqrXa1mERIoYXOzKMdEkODsTyYPIUbP0zelez4I14LaaLYWr69X-kDjLVFlqbQJUqRcFLb7j6_n5IaHmcb77JdOkGxFuAv4YAEa0sNkanTDJq8Fb_b12BXZwH0lB_IYay3QwdB-V8rAxofyPH3avg_OU4GMwXvSBYCeQVQjLTBnJFpLfh2lc7GhcWL9zAtvYuwdZlxe_74tcT-dvSNVBZwFol5uog&sig=Cg0ArKJSzPT1iBZAWUTmEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231102.09137&arae=0&ftch=1&adurl=

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DF43 41 KB
14 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 413243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame DF43 3 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame DF43 20 KB
8 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF43 42 B
63 B 44ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BR9-bl_Tn7D7nhF0wK6Ps2LmNunT6h9L6u1r7ur5jLW6LZuZT9zlzvNyyCX1wOWfAqVVgV3QMGw9TNoK3-TG90ZQPfRh8DWMCUrY0jtk1FQDFdQyQ

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF43 189 KB
59 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 21:09:49 GMT

GET
H2 200 17779644100527070502
s0.2mdn.net/simgad/ Frame DF43 108 KB
109 KB 14ms
2ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17779644100527070502

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0b2c7adb6044ef27f0bdbe9ebee577dd54f01c62aacc436ee280bea058b92ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:42:47 GMT
x-content-type-options: nosniff
age: 487622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110937
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 17:32:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 05:42:47 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF43 0
0 45ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssk2QrFnPpTCFg2xBoYxNfmKnJ2do2ge0eVN7OxMOaIJFfLGEiivg9qLiWkknyderaJeaJQ6Gc8BADWNvGag3XVAMsH88gwP-Y91MGA23kACxwUVLnbP9CWPnEjXqox3j-KNLymvEapYU2EjuQzUUcLMh2eNxsmkKuxNbm0_ZQ9yEdllJcEcCrYVHhrQwF-AcVas2uuEAvWW43vAYete6aH9McfBWobz8cuZqRGEy9fVXq7m9og_nbCzjQQBzpmtyMT6L0uUUMh6MhvW5Cf8_g4E4OOnax4B5sc2h60TT-nYE9Mqu1_y01UL-H-VojzK0UIj1we-TsGcmknmHxbNmxcbWcMyd6b00yddncop-kmfMipiPWwt-K22Xbu4BaKMBzfMbd6GEhdGwS5TSsT5Ud9SmCAhPTMQtAFc5Em60iUrah7HA2YpO6qhuB7z3GGeCAiaX8fW9CTTlYE9IwFkyh_Xk_bjdpJCtGyi8V8FFGvRXrWPpLuuOEEymZWctXCEWDq9plvay_pTJJhPvQsW1ldPNbM0sSYhMh-gDqsnjNBFiq6pfyPIgleyLbP0wxSd7BLUAlFiDkkrsOPdElkLRbnRBs84xyOZdrM4N_kB1NaQRxZ-nXyGsyjJsB76c1Lkp6gPxEcDSWPFXNzjD1FZbOqa61EIPZS-DSpFitGDaGxzr1WSbP8wwxfDvVbmAMK_qGFklkU2kw_FuzWKniR3WlR9h7VzTjFuApIziNh3FLk1aiHMp5SJL-Sld-4-T8U0LATE-C1wZfdBDkLCZS7JXAAxK1MZlezzg_5QQGE0vCbPp-kFlsYiZ2NUsSarokT6x062jbU6q94uFF7nTCxyLVuhZHylpjAkdNyZyLyjdWxWcNNysTbx-S7iOUezKwe2UGfghAzOXDVQ3ioQe6Hn45TW26R2alD2QC0JtLLKPyPBjP5eScBNYDM0vKN-AIv_f7iOPTGNkdGcpnAwt0KeQ_UjmXfcbsksjVNpUBs7alLBk_ioF10pTuvIh4E0-FDImDIleT_BWwwXGj9NbQrNLZcNyLFmZljp1haocPpsA2iQ9H1HuoVa2yRplWBL1tVzgcyestdOphJTG69SSgSaw3kd6HZTZlXO4GE4mkbXX-U_Gq9oQGxnRosV8VevHpaoHFQUk2TLf0O8ich8F2uS5H7I9FPHhBR0Xex8mltiprfwBjiiexK28q5EOBSHAMGTwpQ8v1LDMVLnwaO01PjHs0blu6wEk5-l1iqXHOhO7yEB7FQlVHd-3nKCR_FYwNoeOc-fDkab9qniYmRf-CrHp6IZLwkJlb38px6kI3CcjtyLtQllZ56lz6DQ6ptGH11-5c_rE6TzQYEZDLWE6yn8rr0jtJzMrbjl3eNpoYm9KcI&sai=AMfl-YSLRzPp8HDM_nYJ9HwsPyxskQj9KyauEOMtwqWGsRiyp9oqQOXWf5zJhdRJ7q6r7xntkAIz6uPkdeX4oGOhfzQjiH9JkAB1VHNRaxOfuovFcSqOI8M-pIBJ2_D3L7Ua6P1CKIBLj-x8DIc-Lv0XB9DyFaUgGWclOixAs7kMioxjyaGGfwIpftg5t6tMJQ_w8k6cgwFkHh6gykPvw5KU2-AOF9s9FJiZ0LyGJtmR68Bl3cPvcHLhfHPFVjiEBfg-8IKuIG1YlAN5YMIwnhAqrXa1mERIoYXOzKMdEkODsTyYPIUbP0zelez4I14LaaLYWr69X-kDjLVFlqbQJUqRcFLb7j6_n5IaHmcb77JdOkGxFuAv4YAEa0sNkanTDJq8Fb_b12BXZwH0lB_IYay3QwdB-V8rAxofyPH3avg_OU4GMwXvSBYCeQVQjLTBnJFpLfh2lc7GhcWL9zAtvYuwdZlxe_74tcT-dvSNVBZwFol5uog&sig=Cg0ArKJSzPT1iBZAWUTmEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=39&vt=11&dtpt=37&dett=2&cstd=0&cisv=r20231102.09137&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A73A 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Ba649HFZJZf7MKIbBgQftpoHwDAAAAAA4AeAEAg&bg=!q6ilqOfNAAb4oU7C2KE7ADQBe5WfOGKhleLTJNiVlCflwGdc8cg2Fz74zKC75OaJkAksVx1b5W1-B6Ef6guB6i5NM6bGAgAAAUpSAAAAB2gBB5kDT8hl3k1LQB51OE0NBRZQJpLBuH5yM6do3tbxMOJG-EojSM2kr0ILR1wHfAuecFil2QM5ivv37485QLnflCUZ7IYZChy6X9Oxxv1JmGAL7uFlOwGBYz7EL2a-AghNu75umXO3lE-O_Gc8FUMNalzNdhuJHj6ifSW386xaCilvfZN-Y-bIk9fWHmNsBPlX1iPzGy6Vv3Q6a2s_4cSTtpCf29dCaCUB3-inZMiAci9A8ybaPzpv7Epb3p3qKbAmay6SpjQ1Dk0GpJbmoQKY9LrVfpHw9J0gb52Ektuc6GvpUqn752mJjPt2mJGgze1jaPLoJz7Kknz6mIlOs7MXWPOhpPq8rVsteXz816r7c05D6mNonF2lK0iMWr44CTb7kAmU4_1oU5ZJQW8rOfHM1G6ScnQpehdkBk4QJvc-WePA36qDZxaYA-1p-OlCqKFWwfD9-Z7iQJrnQ0sxrp78TB2N6FXXaubZEKsU7VrYuoUW1eT7XXFhQu6SZLUukCIRJGj2NJTK7cLl54fY3iFDjdOEVTRwsNgV_3l4Yxeb2unhH2nf0YWhb4Ph_4R_qFB3tLr8AvBMuJAH_xsf8G0vlU1kDX9IqISpzu5n1tvXQkkwnd-VWlSywD_yIkQJFMdt2naOSfH3VZHcgk9FSjEdf6QD5h33ld0bknLBBFfeCYJD2sB12Eh1mmC9g1IHo2f4DcyHkNoVAhws9YS3NETrds57Zpw3WeoctfyheB8sh5ZOKvG0JtkKesfcOqnJhnB26uNUyFVleZlGlva59_3icDEu4_BKRsFFhEwdOZXs9fzIcw9E3goHcniA39vvj_HZdeDzQu0p9oXsa0pmseLEgTWAmKCELpeQo39wJJ0Xr_ZEX4tGv2R7acN6rX4e0T1Lo5UMtZWe9_qeTsrW8bEW33tJejn4WBafalW3eW3f0Od2csVhzB8dbah7XmFR4AwhJMc9CsTfKyanzyFFBNl897rPsYTQUxskerDycXLNt7TtizTh5pqs2Ta4IKqK2Nwga1XtZIpC6NMdCk-9aGD9PiFJ-QKDGq8b9E9yw5Q_gzgK-T0nKphGPzVQhzExt26_fzDb_b7ko0dggYDEGFjgpWdsawKy_WGgg_mpqlhryqWkGpo

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D413 38 KB
13 KB 9ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 305729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7D67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAE4yR4GhEAeWaMGMT-JP0o&google_cver=1

43 B
114 B

25ms
25ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAE4yR4GhEAeWaMGMT-JP0o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNH5hYEEEJO5m6oFGPiolfkBMAE&v=APEucNWLutr3Ht8x1awgXT2AgduNEprNtCvhbCMs4CTP9VeaSv714_UKthNHfehjSiVdDmls1VyjFyXkGL7QljPv-mQ73g1RnoDwNfDKWo1SU_v2ZRIkxd8jyqXpq9I8zKnAGBZa-hl9VBC_-8YIS6zzB5ircd9ChBaFixUHP_WUlXeM4Z0gzwE
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAE4yR4GhEAeWaMGMT-JP0o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7D67 43 B
131 B 47ms
24ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNH5hYEEEJO5m6oFGPiolfkBMAE&v=APEucNWLutr3Ht8x1awgXT2AgduNEprNtCvhbCMs4CTP9VeaSv714_UKthNHfehjSiVdDmls1VyjFyXkGL7QljPv-mQ73g1RnoDwNfDKWo1SU_v2ZRIkxd8jyqXpq9I8zKnAGBZa-hl9VBC_-8YIS6zzB5ircd9ChBaFixUHP_WUlXeM4Z0gzwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7D67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMFn597RiHf0Xk8QUX1njZU&google_cver=1

23 B
163 B

60ms
32ms

Image
image/gif

23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMFn597RiHf0Xk8QUX1njZU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNH5hYEEEJO5m6oFGPiolfkBMAE&v=APEucNWLutr3Ht8x1awgXT2AgduNEprNtCvhbCMs4CTP9VeaSv714_UKthNHfehjSiVdDmls1VyjFyXkGL7QljPv-mQ73g1RnoDwNfDKWo1SU_v2ZRIkxd8jyqXpq9I8zKnAGBZa-hl9VBC_-8YIS6zzB5ircd9ChBaFixUHP_WUlXeM4Z0gzwE
Protocol: H2
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 21:09:49 GMT
pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMFn597RiHf0Xk8QUX1njZU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7D67 23 B
163 B 81ms
34ms Image
image/gif 23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNH5hYEEEJO5m6oFGPiolfkBMAE&v=APEucNWLutr3Ht8x1awgXT2AgduNEprNtCvhbCMs4CTP9VeaSv714_UKthNHfehjSiVdDmls1VyjFyXkGL7QljPv-mQ73g1RnoDwNfDKWo1SU_v2ZRIkxd8jyqXpq9I8zKnAGBZa-hl9VBC_-8YIS6zzB5ircd9ChBaFixUHP_WUlXeM4Z0gzwE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 21:09:49 GMT
pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame DF43 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 275c80ee9a012aa46e71ad5c47391f9ece27d182b0e4826313fe601f349f3002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E963 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:48 GMT
expires: Tue, 05 Nov 2024 21:09:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame E9ED 5 KB
5 KB 12ms
11ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3276808382
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:49 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8215 640 B
265 B 48ms
47ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhid-Mr0ATAB&v=APEucNXrQbXCrYbxMj7kiTuzxyWciJpWP-6wruL2dwDVBz0ZeYoRLkVs4uEqKU2gtRrfJDfmg0FIPI-0nVEF_YfNuSJOUTqvEo-XRQYi3uXrJWvH3zkRUrZwxU9xYvXrwiM0KjkeWAkCKxJqmY-jYs8HjOqyYxWiRB0fx-2WfKCRAS5qu1bXE1I

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:49 GMT
expires: Mon, 06 Nov 2023 21:09:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame E963 23 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:58:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame E963 7 KB
3 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:58:29 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E963 0
0 59ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYZV53fCCd2T11BN4bjNbdMkm2viuvOnk7JZNVuu86hdX_suBujKrETxJ4J1uckIntjI2jOznq2seTn_ejrdfwN14HPVWPpT9BIv9UdOhG35LVpcTT8P4M5WR1vqBHthoEBdKEABXcwpHsorIJz7Vo2xhEK8UCVDiQbt8G4F7jZFdBqC_i14BsJGA4ECzOOYDLluxEwidqGgAsnpBfEjCio463unOZLDjHerDuIldKIB7IlUnyVwLF3GQ62t69Rz_e_BBWg6MmvCDESj_oj9lzfpeZQaJINc2c4SpN_4h69pRUgsomzw0VrZt-Oa7j8OZSsBk1baf4Lpbf0q2vv-at0VIBq7j5Hx8tob97lDwu9qdEw-qsA1557yfEsSP0tUtkKzu4J3GTUxHXv7bus18Ffyiz-MrQYIFyYxufDuXyNA1cL-n96Nk8NE2Yx6J-W0R6ISKyus6pzi-SrVCToLfnFgimniSOf5O3X6EX1Rm_vUnyGWFhsX-Se2n0ONKBiYI19TVsY7PuHvR7hthuxtSw9z9PB2i3r2AFzJ9pVEi6qtc3Taifj6R9is0IR8oEEpGD1DBoByrD17YO03ITzZ5FFokBTbRsMOWRt0tkZajzzGGL-WsQPrDUaW3X3I47pLsjvUXDlxGQTQHe_ko5qN51Tmksgp2aicz4d6em_1Eo6WRomrWXiXOVbAGW852KCrHWq_dOd30fjM92vJX_0s70EvC04MKKoC9XEF21VhvhpwTyHYaotGJ07y02dh6V_z6aM87vz4msztMu-W8WwtF9DYAJXEBxx9PDa7PrD8Pz2ylcSvBBtO_ZU7xPZFBhEHKivmy7d8H0i9NlPNBLqRkgtDH_seSyXWX5h0YOUpzScgO3R_lA0tgR5vdPAKMNY_Z0vk8B-6yuvXS0PLR-QqoRMESr8fVQwHyboYEZ5ZFGV_AP6m0JCgCDOyO2qBGNc3x-oJOplCoO7VqeakXMAbzhPC-1kKinc-ab0f8DHWKhrSHiXkbw1xprpWi_g5BiwqE_BVw5vaXK9_L-mlhWaQ2oR_L16s1Ru3IVbQUnilDWBCWrPh_FgK-BmQEJ8kbpSGcHoiCtIWO20H0wALcMXVTsffb5X_HyUr25chGvUBhO-gcqjGwDggGM6-3wmc8UITGQZ08iaM1Fu7DgmkUElQXkiqa-dXZEOpcuyTccse575GlHT_FoYRUjAtxSrPV1eI72SizdWY4S9FZZDUoHQu1ZBGe7xQS0A3kBPhM9rLRa8Nh60sTiKdYSywUKz2YE4sJAdbmwVMdvmkyenHqDSX1psr4cKPAb2ADEqKdmlISVyg0zqQYoX2c0K6-umY6hf6tVjyA9PMR7qyxI3RpjCCdgKv4hH5xlErpUsO5nfSIsmIW4zF1ZRXf_Ixmj&sai=AMfl-YT-4Bu4siliwT1TumEIiSilz8NBNyPPm6UNoKAtIS9UkXXa9zoB4I1ciIJv3pUrDQA1xlfa35jjJ-k_B2iL5plfYZkQ3lu3rJ3mABZCAje1kSbqc945MDpjRER0ljggeXATykVM5BwpmlR9nX09VKwuEKIEJJyegdEVZ_DkABVuS6HsiLeE2Ghg_I_zUSOaaD_PS2dTErZTfWFljyZLs391c4Q9FbLYEE7J-z6U8DA80fH0f7zv34xx-fwpRERxXR7meX5Jsk3brvh1Fd6dOc52LqA_liY76Gm0xk-_5-aHrCmVgSudrEueOkLXzVVSZcDHQzv4EBEcpipjQyCB7aFgUUl1APItaQ671DPjkOYLUG4QVwrW8VQEdZBBkCnrHoBYqiVGl07wQHk2iHmelJb-O5H92mCu1mjyQN7XqaY41xcIA7O_44a2TcOOpfTsc7rgsZUj6_aoj61vRmZ9S9aec91o1rVlaVHWkKOFSkQt5fg&sig=Cg0ArKJSzCjq73MtFoFMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231102.46503&arae=0&ftch=1&adurl=

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E963 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 413243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame E963 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame E963 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:57:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E963 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9D50BoKgn0KIoqFkDssYjY1bzkaq9ILSCi0gTzLTpUTA6SnWQWy0VUJ5mv0tu6REIxVR7SScR__2um9ZGHmEn06w3X25kGzrW2nj6NJmLmD38tHg

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E963 189 KB
59 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Nov 2023 21:09:49 GMT

GET
H3 200 17200808098916846917
s0.2mdn.net/simgad/ Frame E963 36 KB
36 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17200808098916846917

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95804bebbbf752a3d1b381e84f037b27ced0b44933adfbc8238bf48cf29eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 11:21:22 GMT
x-content-type-options: nosniff
age: 208107
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36650
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 11:59:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Nov 2024 11:21:22 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame D413 38 KB
15 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E963 0
0 54ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYZV53fCCd2T11BN4bjNbdMkm2viuvOnk7JZNVuu86hdX_suBujKrETxJ4J1uckIntjI2jOznq2seTn_ejrdfwN14HPVWPpT9BIv9UdOhG35LVpcTT8P4M5WR1vqBHthoEBdKEABXcwpHsorIJz7Vo2xhEK8UCVDiQbt8G4F7jZFdBqC_i14BsJGA4ECzOOYDLluxEwidqGgAsnpBfEjCio463unOZLDjHerDuIldKIB7IlUnyVwLF3GQ62t69Rz_e_BBWg6MmvCDESj_oj9lzfpeZQaJINc2c4SpN_4h69pRUgsomzw0VrZt-Oa7j8OZSsBk1baf4Lpbf0q2vv-at0VIBq7j5Hx8tob97lDwu9qdEw-qsA1557yfEsSP0tUtkKzu4J3GTUxHXv7bus18Ffyiz-MrQYIFyYxufDuXyNA1cL-n96Nk8NE2Yx6J-W0R6ISKyus6pzi-SrVCToLfnFgimniSOf5O3X6EX1Rm_vUnyGWFhsX-Se2n0ONKBiYI19TVsY7PuHvR7hthuxtSw9z9PB2i3r2AFzJ9pVEi6qtc3Taifj6R9is0IR8oEEpGD1DBoByrD17YO03ITzZ5FFokBTbRsMOWRt0tkZajzzGGL-WsQPrDUaW3X3I47pLsjvUXDlxGQTQHe_ko5qN51Tmksgp2aicz4d6em_1Eo6WRomrWXiXOVbAGW852KCrHWq_dOd30fjM92vJX_0s70EvC04MKKoC9XEF21VhvhpwTyHYaotGJ07y02dh6V_z6aM87vz4msztMu-W8WwtF9DYAJXEBxx9PDa7PrD8Pz2ylcSvBBtO_ZU7xPZFBhEHKivmy7d8H0i9NlPNBLqRkgtDH_seSyXWX5h0YOUpzScgO3R_lA0tgR5vdPAKMNY_Z0vk8B-6yuvXS0PLR-QqoRMESr8fVQwHyboYEZ5ZFGV_AP6m0JCgCDOyO2qBGNc3x-oJOplCoO7VqeakXMAbzhPC-1kKinc-ab0f8DHWKhrSHiXkbw1xprpWi_g5BiwqE_BVw5vaXK9_L-mlhWaQ2oR_L16s1Ru3IVbQUnilDWBCWrPh_FgK-BmQEJ8kbpSGcHoiCtIWO20H0wALcMXVTsffb5X_HyUr25chGvUBhO-gcqjGwDggGM6-3wmc8UITGQZ08iaM1Fu7DgmkUElQXkiqa-dXZEOpcuyTccse575GlHT_FoYRUjAtxSrPV1eI72SizdWY4S9FZZDUoHQu1ZBGe7xQS0A3kBPhM9rLRa8Nh60sTiKdYSywUKz2YE4sJAdbmwVMdvmkyenHqDSX1psr4cKPAb2ADEqKdmlISVyg0zqQYoX2c0K6-umY6hf6tVjyA9PMR7qyxI3RpjCCdgKv4hH5xlErpUsO5nfSIsmIW4zF1ZRXf_Ixmj&sai=AMfl-YT-4Bu4siliwT1TumEIiSilz8NBNyPPm6UNoKAtIS9UkXXa9zoB4I1ciIJv3pUrDQA1xlfa35jjJ-k_B2iL5plfYZkQ3lu3rJ3mABZCAje1kSbqc945MDpjRER0ljggeXATykVM5BwpmlR9nX09VKwuEKIEJJyegdEVZ_DkABVuS6HsiLeE2Ghg_I_zUSOaaD_PS2dTErZTfWFljyZLs391c4Q9FbLYEE7J-z6U8DA80fH0f7zv34xx-fwpRERxXR7meX5Jsk3brvh1Fd6dOc52LqA_liY76Gm0xk-_5-aHrCmVgSudrEueOkLXzVVSZcDHQzv4EBEcpipjQyCB7aFgUUl1APItaQ671DPjkOYLUG4QVwrW8VQEdZBBkCnrHoBYqiVGl07wQHk2iHmelJb-O5H92mCu1mjyQN7XqaY41xcIA7O_44a2TcOOpfTsc7rgsZUj6_aoj61vRmZ9S9aec91o1rVlaVHWkKOFSkQt5fg&sig=Cg0ArKJSzCjq73MtFoFMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=55&vt=11&dtpt=54&dett=2&cstd=0&cisv=r20231102.46503&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 8215
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAE4yR4GhEAeWaMGMT-JP0o&google_cver=1

43 B
61 B

1246ms
1246ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAE4yR4GhEAeWaMGMT-JP0o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhid-Mr0ATAB&v=APEucNXrQbXCrYbxMj7kiTuzxyWciJpWP-6wruL2dwDVBz0ZeYoRLkVs4uEqKU2gtRrfJDfmg0FIPI-0nVEF_YfNuSJOUTqvEo-XRQYi3uXrJWvH3zkRUrZwxU9xYvXrwiM0KjkeWAkCKxJqmY-jYs8HjOqyYxWiRB0fx-2WfKCRAS5qu1bXE1I
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAE4yR4GhEAeWaMGMT-JP0o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cm
us-u.openx.net/w/1.0/ Frame 8215 43 B
75 B 1010ms
1009ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhid-Mr0ATAB&v=APEucNXrQbXCrYbxMj7kiTuzxyWciJpWP-6wruL2dwDVBz0ZeYoRLkVs4uEqKU2gtRrfJDfmg0FIPI-0nVEF_YfNuSJOUTqvEo-XRQYi3uXrJWvH3zkRUrZwxU9xYvXrwiM0KjkeWAkCKxJqmY-jYs8HjOqyYxWiRB0fx-2WfKCRAS5qu1bXE1I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:50 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 8215
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMFn597RiHf0Xk8QUX1njZU&google_cver=1

23 B
163 B

43ms
41ms

Image
image/gif

23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMFn597RiHf0Xk8QUX1njZU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhid-Mr0ATAB&v=APEucNXrQbXCrYbxMj7kiTuzxyWciJpWP-6wruL2dwDVBz0ZeYoRLkVs4uEqKU2gtRrfJDfmg0FIPI-0nVEF_YfNuSJOUTqvEo-XRQYi3uXrJWvH3zkRUrZwxU9xYvXrwiM0KjkeWAkCKxJqmY-jYs8HjOqyYxWiRB0fx-2WfKCRAS5qu1bXE1I
Protocol: H2
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 21:09:49 GMT
pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMFn597RiHf0Xk8QUX1njZU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8215 23 B
163 B 46ms
40ms Image
image/gif 23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhid-Mr0ATAB&v=APEucNXrQbXCrYbxMj7kiTuzxyWciJpWP-6wruL2dwDVBz0ZeYoRLkVs4uEqKU2gtRrfJDfmg0FIPI-0nVEF_YfNuSJOUTqvEo-XRQYi3uXrJWvH3zkRUrZwxU9xYvXrwiM0KjkeWAkCKxJqmY-jYs8HjOqyYxWiRB0fx-2WfKCRAS5qu1bXE1I
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 21:09:49 GMT
pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK request_content.php Show response
hal90004.redintelligence.net/ Frame CB26 7 KB
3 KB 43ms
14ms Document
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
Requested by: Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ffd371f0379a7c1aca307e7665598b936ae097cc0c4a6036daad9b59949c0668

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2220
Content-Type: text/html; charset=utf-8
Date: Mon, 06 Nov 2023 21:09:49 GMT
Expires: Mon, 06 Nov 2023 21:09:49 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 392D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa9eade4d6b89e4c052267f98460940a460bbc70ba0712d294aab184f264e252

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame CB26 5 KB
682 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 21:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 20:21:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 21:09:49 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CB26 64 KB
64 KB 44ms
18ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: dd8ebef4c4febeeb0f12e5479579aba4181c09c7074288c5a027fecd8f4748f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CB26 40 KB
40 KB 49ms
15ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: d1e756e53ce6c2b501569db4974c7d055dacb0f445492800890c3a296a277889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 41198
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CB26 46 KB
46 KB 49ms
21ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 51fd39bd695a1c7a3fb7665eaf1f8dec155d393d5be5e324297d04c211d3bf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 47339
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CB26 40 KB
40 KB 48ms
19ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 72bb114011c4242417d71a999e0ee4894c32d2632a4285d31aec4348cfa755b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 41146
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 991B 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBECPHFZJZemiG86E-gb8p4KACQAAAAA4AeAEAg&bg=!qaqlquXNAAb4oU7C2KE7ADQBe5WfOEZ2DEKVXZnQni3RNVyq-4Q4mpDPXwyGPZ3FRd_cGNnOGWA6RYz6L6n3fBu-738kAgAAAYtSAAAACGgBB5kDIWh5EJF3Dkj3M9HTmvJrwuEu1AslXX51L_Q6NbVdxA5RYPKcAAUG4iX2vewy3Dp7S1EFD0-Nq-F-RfrHwZR16o0vKPoxo9-nQ95kLhkQ_kWmcECh9WwmmLYpeLI3p4rEUCOYGcwQYZmNjaUq29lhW3QgUhXW7rxLdNi-l7u5wuXUzNjBVMR57cx5WEFT0yAuWOLjVKMIaLW8seOXkmoonuuzzuuWPepmCkqWe1ZXMuMxncFJ5sN40PORVhWU3B-8k7tq9vlRdzfy1J7oUe3e2zbyieGtiFNZtbEvjhK0VuY1wPg8mdeYmE7Vz94kPagNCe2TY-3o5-qx9AdFNtOqSyAum61qNVLluc20w-nRnEmaXsIe5DZtMlYRvbfl-mo_8fUCL0zmafYpDFU4hr3AdUHY2PsDgmluo6OGKZqInNLka9qjTgLW64s2QEM5jNy6dsDeAvuu54FcpBlDgqGIelu-14KywLi_3iMxX4JSPBb0NY10APgYpJHpcqp1Z1joR9KEdm118R21H8fs4-FqbPVHoRXR9_mkDZzNx7_nn8CUxw_KeaUurtyZJO6v3CS8bsJoKSXuutpwix5R49xKAxVTk2J2UEIWGy6vQmNRFi8dNCe0qDto5MtHgStfzqWWs3888pJeICphiffkaIeWxuP-oTOCja7LCEGO0qlw9ic5ynTr9mC1I6LOLzufWynRMav6mfNSPVRFIisgGT8CpRkgo3d5kE_6mkbvSs-MgJ6wqx7J17BvFgMNFCdSh4H4DxlNNgA6LIXGvAMiYceLOGMguR2FiFWD0JvKEbwzvmS7iBHVwJ3QoAno2igoxEmuVdurYvisSpbNDZTaisrpAe5khU32UXaZhoXmIwK_Fomlf3OBhbqNXE2kqjsL_2Bus4TTVinDYB2H9WbM0AkcxFEqfNDZCPLn6n6bNlikJ4S9XBTzLYo4vwYZcIAqnB3IWel90EJToSbW6Oab5W8ZPRLjkIFtDHN5zk9PINxUppgOajwX9GRs0WHTm7yrnpElmuuvRC_pj6NnUWq1PKkwPYs6IcmYzaZe8l10IPObOUY8sA

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E963 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 477fb377a53a25c8963efb91976f8f5b614c69c01d455c3263f81ae9015926f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 87B5 38 KB
13 KB 12ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 305729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal90004.redintelligence.net/ Frame CB26 0
150 B 36ms
13ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/viewability?s=65230400169887204444990012500004&a=edc63701&vb=m
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:49 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame CB26 14 KB
15 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90004.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 252303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame CB26 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90004.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 322128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 03:41:01 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 87B5 38 KB
15 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D413 0
20 B 46ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Be8uJHFZJZZGwKsCP1PIPltOt4AQAAAAAOAHgBAI&bg=!n5ylnNPNAAb4oU7C2KE7ADQBe5WfOBpVgIr35ciA5sy0YqLZumjQ_QcYYSP4yyvBSJt-Ln8sHEKr4SRr8SevzAEuGcXgAgAAAONSAAAADGgBB5kDLHKQfjQ49ax5tohlZbYJcR6-NUMbzawi1_GH0sxmQ6ksYGhjXXyEc5Uo_T8ScSqJ9y37YKzE0L53QjV9RZ_WeL6jGo7KIqNG8O9Y_-kt6KPCHEO2EfWmmYVv2TaDMJlmR5TEOVsKWmIreU75aaL-r-CZGM0lBKsNRQEXqaFeDweiHsgTrKWd08mC5udETDS2cUiDhCnbPht_gMqaPc1TfK78wVw45FxZMdcbyM9NcNX2WNw5tDX9MMq7VUuhNt-PXtvGmZk2t3BipRyHlDh80ZnekpFHkX-459ybC_VTDKHd39g0SSzSEYI8f3xUc38iPmbKhHm78lrpx19LW2pqzctUdOXzqlJfLtLa-42aY8rFcrjVG23arbJX-kXRgYKhLBh9Bv8MiNxkY16EWPvAZL2EsIrYn_ssZUWZQm3nE2_w574Qxk2MnyFcWXOhcL3lhf6un3jumT2RIVQ8xRtwADAS1ZJS_v3c7lK_y3k80hNQNbRe_U1TD4TJQg6TZAfEVHDknpwAyVWI6EXJd0JMnaAuPmBiSwzgIUCCXJkhwgBMZOJXpaG8YwrdxrFBYSyvTLAXj63y2hEjtee5vO7czEK3THvO6VCggiVFz9Lgr0PARhBAegcBBMC-OH2GOQ8xt6Airib5-CO62LoVgGq7FvaNnFf2z4vSJ9kt9XvsMQqtYqvB2B7wc27_YRm4xGjhDaZQJ6uGvVrbq_SiVAEdAmhh_oabpN2h4WFXsKzoEOy2Pt06Ov1PV6lcBvFlwKOgKRQLHSP1om-aLRy2jFyfqDNPr0uO26-cdU0w-JJVPiOqOboyjr5EFS6viicnfM2n8iTcPnq8opvFboDF6JlD1doI-hGnEA1uA0cNLjFmF9aQdnSep4I794keQvA7o0aY6OvaUkXTi72TxmITKEc8k-x9_HuzNRsnq4ov_cJdUKQ5DBwddFulmuyQSERypwtO32OeI8V18vF9DzK1b2mvVF5nHFa9uUmILUKr47ItqlL4PaYT-jOff6kUiD_6Sl5K_LlqF0lbzIyt51R9RsWbGcsY1YFa7mP0Z1QxrCY3bz-aByqiKAQYDdq5fRia

Requested by

Host: www.pbh2.com
URL: https://www.pbh2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87B5 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-_WDHFZJZZW2OZDE7gOS9pewDQAAAAA4AeAEAg&bg=!vL-lv_DNAAb4oU7C2KE7ADQBe5WfODWHtb7ZnVxdxGBz3gCc38U4M-j_QXyVuSGW73TFj7G4s5dLwoq2ZVOIhgFoMkD1AgAAAMVSAAAADWgBB5kDSU9ST4Ykqj0ZLLYmBUmqQpEH6zwezJH08bCLyOLWxhOi1HIHhAS8N4411Rk62rs5QJQhZYtqgn2QUHzf63Y2gCYVrfuHxqvWc2GglR_8q7mEPr64HN7vCZA3IKxddFvj6T4zGWJ84q0HvXSW7T7PQSH-FEuabjsmqaUgA-3drAiaXTgKCFuFbTOVLerkzgKNOJXjJjgUonFLWEvoXnIu10pF1mwkyMZZsQKr5eYdxVAz37K6Tb_dnNUfe1YmKbQtB9ST_7g_eI3QgETA7zgOuNgZtumRO_Uy-bQ1nQCHNUMt9W5hK-cnvoLdvkwPSNXwt7cPk_k7Sv_batxAepWarnXRCZGeiZ1PXYZ4bGyqHiJsLvgrkqJ1Kv8c3JzqYGh5wJtIeRy9XK8JN2LouIjHKw5-UllX6JzUN04LkRhlnXHCLxewNvBpY8UcUirQm8SFgvrll0_Eh8MTt_JtzNQqkNML8NBHs7Yqxb2mpg9KKng331AMd6eV0qHgpdGcxyFvMtpfy_gHjIXaYZXqILlXYZ8orylLplW4MvqCuKcTJIjVfn75I2kbyByfpVwzmUuuBSWN64OLMkRBSUocAmAO5JA20zRyNiTofX1DlNe5LiTvTzvEDBsYTM5TcrVg9tinIuf62eXB-OAxUHuo4PECkotwO0pZtCnGOzPe6jGVSQTgXCxtLn57J08_HAqK_d3zuDCCsYylM0CqdnVos7Oy3WawAoxb0fAhjDb7GhluMw-A3bBhEW-bs5HYuUbVLBzxuZmFEGXvljdlLTVzhh703r9nfdE5mjhcxJu1hgo6jbkYxLJR7kDstu__5DSNV_bvFIqLbb9nYMPR0TfaVCo43RSJqvIduu38odD6RggL0Mfuw-PO4SkLdP_3wJZ_GRYstOOMr31kHD7__ok1h9NunpEUKAYcrWZn1Xxo1OZZcLTStK0j7aYPd5_QUUvBudu24H8JRF4VR1N-1e6DRsqZbOYAUjdK2fUjY740-dwJSEE1Z8OA7FihTHlDTiENEappg7MLIu3GbxSPpdqQRjotkMyTAZQ6Iksj_xPuQwcAnRrT-ZQnYRO2vTsxg5MrzKPvDVKqnfNt_qbRry6VPR2mjXYvfrEPCe3klc0

Requested by

Host: 4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
URL: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 392D 42 B
64 B 77ms
51ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshLWa5JIcpP1uSQkP7aQxKO6nCfSVPnLB5d21UdyjT9Bpyjk5sFRy2u4RHarTssmxJdLlMYtmzua0V-O2tIwLgE08HKsIk8LruhX7DTPpDLeJMTlhGYmb1J9EGA42HNzg&sai=AMfl-YSTZhwQG2e-R8s9nuxxASiPjEbDq0IkiYqpxYJ1A7eIAnSvjjAfap2BYKvC4PZK7bR6G5XuwvdoDUR-jO-wUw0W_W1IgjSgxF4UJR73jHABQXPjSnT6kYyDC7RzBEkgUu6XxjtIutpT8E6Zj0pW&sig=Cg0ArKJSzCKcb8tghslxEAE&cid=CAQSTgDICaaNn7edd5AapkCdwSCj9jUbVGL_oL2ILCioewvq5feCqTeUUlv30QJRhdSjGbARWcvmiSqB4zkwURDIO74JrJiFP-v2ExQ6s1OsWhgB&id=lidar2&mcvt=1000&p=195,315,445,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2102622896&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699304988472&rpt=962&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E963 42 B
64 B 51ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc-WOTMmUfkCO_Z7ZGAzGzXR0hgs13ziXlZWMLXk2CuaWB0_CwULauZdoaNU8QVXbLgOpeiKWMVtXCJPlUNlBEcx12dMsJ1kW03m4RntXX4VqT1mcgbC8G-NaxopMYvHV2_3wYj2IwsFtL&sai=AMfl-YRrdC3-EGStgKl43ZFM7SpvnN-qZmcloeRMr_ut4zPEhO8ro9VHI3lNqw2txZ4xkNe8NtDUaISsSox-j_grEV8XI8fcmbTT0186pBV9aUK22soRn50krIML-VbnQKgE3dPilYsKWCYugh6dmQ&sig=Cg0ArKJSzOPnqW15klNkEAE&cid=CAQSTADICaaNLb6EXbjddjkZC1sZ-6G1hWZCm304_RNxqFXwTSzf0P_hO6c0WPnOwhRETZgF2G5XauVTTat6ueg_Z1Pkz-oOfMGbN5BAr6EYAQ&id=lidar2&mcvt=1000&p=460,1159,1060,1459&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3885494050&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699304989222&rpt=303&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90004.redintelligence.net/ Frame CB26 0
150 B 34ms
12ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/viewability?s=65230400169887204444990012500004&a=edc63701&vb=v
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/request_content.php?s=65230400169887204444990012500004&a=909e4aa8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 21:09:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 62ms
60ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b3336893603a17eebf16144d7c24593e00ced70968f49e4d9c975d24c04ebfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12092
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 21:09:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2BF3 13 KB
5 KB 25ms
11ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 09:40:27 GMT
expires: Tue, 05 Nov 2024 09:40:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 883D 829 B
1 KB 107ms
22ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3097468361ebc3067447d28dd72f9b68785c65f0d7224e92a3d1160ae951e141

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ja0OfGIogIC62kdySb_CJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pbh2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Ja0OfGIogIC62kdySb_CJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 21:09:50 GMT
expires: Mon, 06 Nov 2023 21:09:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 392D 0
20 B 56ms
53ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3842320481341&version=m202309260101&ct=77&x=1&cor=15341851885057282000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BF3 38 KB
15 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 883D 0
0 49ms
49ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=859206319235326&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2BF3 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_zMJjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
420 B 463ms
33ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=tbx1xrd&fmt=json
Requested by: Host: www.pbh2.com
URL: https://www.pbh2.com/wordpress/wp-content/plugins/bwp-minify/min/?f=wordpress/wp-content/plugins/pbh-common/jquery.dotdotdot.min.js,wordpress/wp-content/plugins/pbh-common/js.cookie.min.js,wordpress/wp-content/plugins/pbh-common/pbh-header.js,wordpress/wp-content/plugins/pbh-common/pbh-pb.js,wordpress/wp-content/plugins/pbh-common/pbh-pau-bundle.js,wordpress/wp-content/plugins/gif-dog/gif-dog.js,wordpress/wp-content/plugins/pbh-popup/bpopup.js,wordpress/wp-content/plugins/pbh-popup/pbh-popup.js,wordpress/wp-content/plugins/pbh-popup/pbh-slideout.js,wordpress/wp-content/themes/is-theme/header-pbh2.js,wordpress/wp-content/plugins/psp-emu/jquery.touchSwipe.min.js,wordpress/wp-content/plugins/psp-emu/psp-emu.js&ver=1667228920
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 247818d85db990b2a6fda0254a6d7f83b6b670ba2e237f065730770cc3d4428d

Request headers

Referer: https://www.pbh2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Nov 2023 21:09:51 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pbh2.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Wed, 06 Dec 2023 21:09:51 GMT

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
120 B 58ms
27ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 21:09:51 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 411ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
39 B 20ms
16ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160407
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 21:09:51 GMT
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=859206319235326&bg=!YGOlYyzNAAb4oU7C2KE7ADQBe5WfOCKwv7ey8ycQ93SfukV-MysEX-9X5VAS8yo0jL7WS8QSiIyOIz6XKyN7UHmekT7aAgAAAMhSAAAACGgBB5kC5SONA59I18B0LxrZW4tQC2JM98AtqQ9EA3pfkoo7oArVKNaCRrZQE9GDmC_hTUZ8e5evT-M4iWZzQ53UaCVtF2rDssDJ28oKt41JsYcAXpbAcfeGMXzxLE7gLjqPpD7XxO3bcb01AJcAXocsMygLHWg3rkLU9hJM73FP1pMU67LBPuobZBJ1GJ0qiwomKMIGdlkzABnylltAv29yL1us0thDtcBZQsozB70rBTCkhL-wTGsFsg5Ye9CVscGqLmyiZ3Jds4s2HMMtsagtKlop_0FK0VNuqfnmAEhb8uiqXVPqXGEa9JTlK3vy61ms5aP2mMzCRApwvj42KiSbIBKroOff2LhwGjbGGBmwksjKmM7CqG3PK0A_YGAt7QFMwAS2bu_0osz4DCNpESoqQQ__MQZnP0k3r_S7o8mqBSiHdxdM45QsTgpfz8hQ-KTL4ljCuIniJ0ogkAls-WKNWH5-i--LgGHy4-CLIaRY4nP9SiX3JkwhlE8i0A7pGtRLTAHPZq4ioU80ADgKYuntEX9T44tIwxBmdzT4IVe1yG3pXbY42-xpTx3WRauE678PhNA9mBDluROUfukVpBGvdnPUFQOctnsHTkmqitboMvWTz0aLLpqp0rDs0811Q06T9c9Sr0r19DCjhpKgMDoEbHSkS2kqczyJoqMPpET9BvZD4_INqdvYDsfMkKNIrm36-EZAczaaM-k0jKU6DtdBiKyBVVGkTeLDXEl04vLsg4CnfLN5nMtAupdjW3GF8cFcf9zsdlTTe_EMh5R1qTHMqwGiOiitJ-NZB4receX3-fqdHzDu5GHXPKjyMTzCc936c80BYPUF5c2Tjeb6wPhRUGcxzA8sFGDib7oVeUCekzpBVfDB0np5HyBS16az3B2mrSmZMC28S080ckSE3jk_7f7tAmddwgzCbklr3Q7Gf01RSRXnkBhYDFzI9sJ6pPJ4E_gMFXlSOmtTnAOT34xPCxuzK8s2joUOqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pbh2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

354 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pbh2.com/	1970-01-20 16:01:48	Name: campaign Value: nocampaign
.pbh2.com/	1970-01-21 01:37:44	Name: _ga Value: GA1.2.528727689.1699304987
.pbh2.com/	1970-01-20 16:03:11	Name: _gid Value: GA1.2.1700283630.1699304987
www.pbh2.com/	1970-01-21 01:37:44	Name: _ga Value: GA1.1.528727689.1699304987
www.pbh2.com/	1970-01-20 16:03:11	Name: _gid Value: GA1.1.1700283630.1699304987
.pbh2.com/	1970-01-20 16:01:45	Name: _gat Value: 1
www.pbh2.com/	1970-01-20 16:01:48	Name: session_visits Value: 1
.adnxs.com/	1970-01-20 18:11:20	Name: uuid2 Value: 7938940150429392467
.rubiconproject.com/	1970-01-21 00:47:20	Name: khaos Value: LONEBBQJ-12-8A30
.rubiconproject.com/	1970-01-21 00:47:20	Name: audit Value: 1\|hLZGFuTafB3vPZqzIHZJ8Hjc0/aJelRdbjRFtGIHH0u0qxpngu+zMoB1HvD86K76N/FhsXMCLQOjkrb82NJt2gIO+yYzESpRjpQMBuYx62a+xUA9sgf/4bKpUjWTmmg0
.pbh2.com/	1970-01-21 00:47:20	Name: cf_clearance Value: oOjI.jxxy8g6a99zZmhHWuui5i94xN5P17w05VR4bbg-1699304987-0-1-a47ab894.ecc8e2ee.3c5c0bf1-0.2.1699304987
.pbh2.com/	1970-01-21 01:37:44	Name: _ga_1XXVVGFRMB Value: GS1.2.1699304987.1.0.1699304987.0.0.0
www.pbh2.com/	1970-01-20 16:44:56	Name: udmsrc Value: %7B%7D
.pbh2.com/	1970-01-20 16:01:44	Name: lotame_domain_check Value: pbh2.com
.udmserve.net/	1970-01-21 00:47:20	Name: dt Value: DB9FE5AF-FD7A-3815-83F6-38714885114B
.casalemedia.com/	1970-01-21 00:47:20	Name: CMID Value: ZUlWHBdi9ekZJo7EaIUusgAA
.casalemedia.com/	1970-01-20 18:11:20	Name: CMPS Value: 1189
.casalemedia.com/	1970-01-20 18:11:20	Name: CMPRO Value: 1189
.udmserve.net/	1970-01-21 00:47:20	Name: udmts Value: 1699304988.0
.udmserve.net/	1970-01-20 18:11:20	Name: apnid Value: 7938940150429392467
.quantserve.com/	1970-01-21 01:31:59	Name: mc Value: 6549561c-42f38-d7fda-2bdbd
.pbh2.com/	1970-01-21 01:26:13	Name: __qca Value: P0-2041549057-1699304988150
.criteo.com/	1970-01-21 01:23:20	Name: uid Value: 41a4b394-9da8-45aa-b676-0a790a045e42
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85111\|ZUlWH
.pbh2.com/	1970-01-21 01:23:20	Name: cto_bundle Value: OFtEJl9oYkQxZFhOZzZodXhRZEN4S242czY0UkN4bk5xckZYV0E5OExXUEN4S1czT0FncUVFJTJCJTJGZlUyanklMkJhYnFHYWExMzhXSnAlMkJlZ05lNEFFWjFMJTJCJTJGOXZTY2N5eVlta1IlMkYwRXFySDFuZEphbnNGOFF2c29rM3ZRWENEUVdvMUZheHhSSXlEdzcwT2NSZ3pPbU5xMDVlJTJGZTFRJTNEJTNE
.adnxs.com/	1970-01-20 18:11:20	Name: icu Value: ChgI1f8pEAoYAiACKAIwnKylqgY4AkACSAIQnKylqgYYAQ..
.udmserve.net/	1970-01-20 18:11:20	Name: indx Value: ZUlWHBdi9ekZJo7EaIUusgAABKUAAAIB
.openx.net/	1970-01-21 00:47:20	Name: i Value: a493b0d6-28ce-4883-a9b5-d9232f7c3bbf\|1699304988
.mgid.com/	1970-01-20 16:21:54	Name: lmg_usr Value: c7a61b40-c236-4321-8552-62bb2bab8345
.mgid.com/	1970-01-20 16:21:54	Name: lmg_r Value: 24
.doubleclick.net/	1970-01-21 01:23:20	Name: IDE Value: AHWqTUmOAcTgViJ94Ltm1k2i4TTcASR-4w93XPUSBsw7TlsNJFojifVyIAIEEhGA
.adnxs.com/	1970-01-20 18:11:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVJen4MR!]tbPl1M>e)ZlrFUfJ+tGXxpGVuk[TbU)@OFQvnY<9*7k:$q'h_K?yk=6<En3If)y3KL9D3I?+aQEKM[
.udmserve.net/	1970-01-20 18:11:20	Name: mgid Value: c7a61b40-c236-4321-8552-62bb2bab8345
.doubleclick.net/	1970-01-20 20:20:56	Name: APC Value: AfxxVi51srYie6-iFR9zZ-nHeJoIUBGsBV06xu8XsregCDhAOcfybg
.redintelligence.net/	1970-01-20 18:11:20	Name: 8lcfmzhxc8d6_uid Value: db11d37d6475fafc
tagm.tchibo.de/	1970-01-20 18:11:20	Name: tchibo_et_gk Value: bbc46ded05d042f495988e706dc0767d%7C05.01.2024%2021%3A09%3A48
tagm.tchibo.de/	1970-01-20 20:20:56	Name: tchibo_et_uk Value: 4116be6be5dd42fa807d217b70fb8e8b%7c
tagm.tchibo.de/	1969-12-31 23:59:59	Name: session_session Value: e38aef62a572430e84091991
.retailads.net/	1970-01-20 16:44:56	Name: ppb2172 Value: 3276808382
.t23.intelliad.de/	1970-01-20 18:25:44	Name: iact Value: 00016D4B9471DFC0BC294684D5A834CF14E4
.t23.intelliad.de/	1970-01-20 18:25:44	Name: iaimp_42842 Value: 1699304989:42842:100:137:101:248:101:20231106210949138895514fcd5c50
.pbh2.com/	1970-01-21 01:23:20	Name: __gads Value: ID=ebb66607d823715d:T=1699304988:RT=1699304988:S=ALNI_MZrfETmb94amJRSv1A89zyrCDOx7A
.pbh2.com/	1970-01-21 01:23:20	Name: __gpi Value: UID=00000cb7377af3d5:T=1699304988:RT=1699304988:S=ALNI_MaitrMgoa08I8jXF1dk5SYX5YCdEA
pb.media01.eu/	1970-01-21 01:37:44	Name: DTU Value: 8E74F0D19952ACAC37F565BD9BC594D6
.futalis.de/	1970-01-20 17:28:08	Name: raSIDb Value: 3276808382
www.pbh2.com/	1970-01-20 17:28:08	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-06T21%3A09%3A51%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c76105525491e947106fc85aa3942ee.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ajax.googleapis.com
bcp.crwdcntrl.net
bid.underdog.media
btlr.sharethrough.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.pbh2.com
cdn.prod.uidapi.com
cdn.retailads.net
cm-x.mgid.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90004.redintelligence.net
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image8.pubmatic.com
invstatic101.creativecdn.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pb.media01.eu
pbhmedia-d.openx.net
pixel-us-west.rubiconproject.com
pixel.quantserve.com
prebid.a-mo.net
pv.medialead.de
region1.google-analytics.com
rules.quantcount.com
s0.2mdn.net
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.go.sonobi.com
sync.teads.tv
t23.intelliad.de
tagm.tchibo.de
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
udmserve.net
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pbh2.com
104.18.36.155
108.138.1.25
138.201.63.116
141.95.33.111
142.250.181.226
142.250.185.226
145.239.193.130
145.40.97.67
15.197.193.217
162.19.138.118
172.64.152.89
18.155.129.5
18.155.129.7
18.239.18.78
18.244.35.29
185.64.189.112
185.64.190.79
2001:4860:4802:34::36
23.205.93.33
23.57.19.78
2600:9000:2117:5c00:a:e047:753:a221
2600:9000:2551:2400:6:44e3:f8c0:93a1
2600:9000:25e8:5a00:5:c4ab:c3c0:93a1
2602:803:c004:200::140
2606:4700:10::6816:3456
2606:4700:3031::6815:4946
2606:4700:3031::ac43:9eb4
2606:4700::6812:bcf
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a01:4f8:d0a:2321::2
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f084:105:face:b00c:0:3
3.124.138.165
3.162.38.75
3.71.149.231
3.74.50.207
34.102.146.192
34.120.107.143
34.237.83.209
34.254.54.88
34.96.70.87
34.98.64.218
35.190.39.111
37.252.171.85
49.12.16.151
52.222.174.81
68.71.249.118
69.166.1.34
76.223.111.18
78.46.23.46
8.2.110.161
8.39.36.142
85.14.248.72
88.198.250.30
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e78d11ebc6abbd04d7542895e694ceeb63d2ec9e20a71bc393151d1d5a66a8
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
09ba0a245473fd605a7cccdfde1c26373d67ea42fc4164984dadb09aec5b7bd3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfd84634f91254e293d62bd6aeb48040b1edda4c7d88c9edad5efd142cd397b
0da9cb12e2f1fcc862fcd7a21804d541511a651165857f7245fc21824dc05f35
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
1ef113c86b2c6a2c187da0e026e898f56f4d70b044300c5bafa6e80bb1736e0d
1ff498aa733920d4d7b713b0480ee4ce116e04858d781ba701a23018eb979fa9
247818d85db990b2a6fda0254a6d7f83b6b670ba2e237f065730770cc3d4428d
275c80ee9a012aa46e71ad5c47391f9ece27d182b0e4826313fe601f349f3002
3097468361ebc3067447d28dd72f9b68785c65f0d7224e92a3d1160ae951e141
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3225c9376cd8f731c5d65175d9ca584616403f157a9e14c3e3439c7362d9486f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37d6c5750c6536e41024249d7c4a647a1d0d069c3498e10aaec88cd3d1141ca3
3d4e748701e4f8a7cd2343c922a05b544e29dfec59959ce611fc2cd74df5d9a1
416e539fa59fbbab94e9e044b52bd932175e218e0028204aa2109fdbfa5ed925
417ede8e6672d7f08cb6f4a707ebb200d80795a0a275479f3a574add79aca043
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44ab264ff1b61cbdbd16d56cab424dec53428b3f376cb65315cbe2ccd7827536
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ebf6fafafbd7a762b638cabfa7136575cfeb63dc6f3e2401e0a49e542de44a
477fb377a53a25c8963efb91976f8f5b614c69c01d455c3263f81ae9015926f2
492b52b5347de84770aec76871623e7f4bbd110a37eb30d4e54da59e67982c86
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3f3900ac7da212a1d9dfecafa5868edc91ab70ff135c9282d08d07071781dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51fd39bd695a1c7a3fb7665eaf1f8dec155d393d5be5e324297d04c211d3bf84
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5cd1aad2b9d6fe4fbb0c1cfd76708b8f537c3629c151a10ed0c49bfae2d29ec4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c48c6e2c0b711069b5ff1103bf251a6cf86269a61bbb207ccff65f1f122f66
6578e96465fba5fbd13d8e90c20e26fa38f8d4573e401a7bca98ce3eb1250039
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6a4efe162ec78671b4f1455283b47f255baaf8cd43a7d8c21d3d404ea0831ec0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
72bb114011c4242417d71a999e0ee4894c32d2632a4285d31aec4348cfa755b5
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7632303ffe94779e27e326444f0d4043c42e680a0d5e3924e88850cd5acb248c
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
83aa6fb166fcd9313eb54292483ede50efd316b14e27ec61b99da9e7f4d25127
83c54c7d24b82e3bc2d8181f26c787ca986aac7baf87d9308e610ce662eae226
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8b3336893603a17eebf16144d7c24593e00ced70968f49e4d9c975d24c04ebfb
8cedae6be4017c63e86021242d81c65cfb2ccd7526d8592958b9335cf5b415cd
908e9db9839884c507dc48b18e4256522d403528cbab539424b1a9d5e3084310
9256b482919df4e1b5831f6ee16b9eb345d92afcb820918cbcc4b2bfe8a50660
9c8d3a4d349116265d6d0082835942478877628adabcfe8ff55ee9eea26fbccc
9dbcbffbbbfb753f5286863dd780c44144fe5edfa6123d9b61ebe1e7622ca3ec
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17052cb55d072c407e63153cad7abdcf0160f0d11480ef8d3250961bf84e708
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a591a8af34ede76cb8c680dd625a27d20dad9c4d0c94f7adb9ddacb697d3642a
a73e6aea0af3e2f0b5c9e522d11b86444b93011702201a130b324f6594f3d286
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
aa1c5176e44938c4b2204b5a3089ac02873a4fb097250e781b9afef42babe040
ac3ef44ef182cdae2e6ed3eceddbf8707276fc1c6e9011cac17b3d4d76a3202e
af1a77e7360b28cb730e0f5e56566b51a4d620f2cc411f8e32e5581ddf546e09
afd08aea9c2d2c2e5592d0c0ab3f23a9008f0240e966422e001fc267fb2e1f34
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b177eb23c3d965fa29f0163f9676ae5280c69ee45f52c86cf53949536d4a7655
b1885266a3064efde46d5a2ceaf6f0afeb9c742e37b8a7b965e6142664d35048
b31e36330f9e0450e345f9d9cbbd6363b5581870f0edfd72a0018e88040137a4
b95804bebbbf752a3d1b381e84f037b27ced0b44933adfbc8238bf48cf29eebc
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
c2ff1acab05771e2e7b788068aaf62f52d71e1335d463f0b61f0b30c0bac6a83
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6aa558d2abf06c6b478c563cb5147692a64fe989ec2340f3c62264ba7732f8c
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cabe7e5353649dbc2fb00734d764dddb0219bc2975b44b4f650f74f3a87d142e
cb73ac0139a4cb657008d45a79af185594ebbc1f56279cb8f105668a47f2cb3d
d0b2c7adb6044ef27f0bdbe9ebee577dd54f01c62aacc436ee280bea058b92ae
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1e756e53ce6c2b501569db4974c7d055dacb0f445492800890c3a296a277889
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
db8bfe4607c037a3bd45e916733a5dbfb57e96d8ed0520b41c164342be3a7a86
dd8ebef4c4febeeb0f12e5479579aba4181c09c7074288c5a027fecd8f4748f8
de0ead93db26f0e67471d9d6551c8d0dcd69142731b8fd14a0b6770a5f99fd40
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e1993fa9a23a480a9669e2cd2eac22b7be4c16c70ed28751e24a7c6ce7f7fa24
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47b2863da55087bd15b5544c0cdf3c5364bdb4b12680118542f57afa6f1a861
e5444b8316e4780be64a305e03627981e6c8c8af824ffe290071aebb19944861
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e978e7dfd8cf2ec724d5325916c809146b0d659cc22f27faf4682d725a5b0293
eb364691cbabb7b4720077c41ec92a9027d4e1531f6f00a01e80a257597a974f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec13a97b2f9ddb0c1785e88f3ab940d2bda5b202366db53aaa40b425034fdd60
ec1faa0adb1821b70efd452da103c2f51393f990b5c8ecc23a9a1d7708c46423
eca09f0209c6448bdb527722bd8cd3e8eb8245cf59799f3a81c1765a6020af60
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f51622efa1a89593c528c8e1f973f9c109395c4a8034f6d92d87f64ebc2c5718
f66717183469ec7983f321be0d30930d2f4b29eeb2817cea73790573d03385ce
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f6defe378acad8a898e4eb6068876bc3ded84c7da0c26129729db186490615cb
fa9eade4d6b89e4c052267f98460940a460bbc70ba0712d294aab184f264e252
fea03786e6782c616f0dcd2ed8af3f3cc686118e75c981beb0d11ad3056f336f
ffd371f0379a7c1aca307e7665598b936ae097cc0c4a6036daad9b59949c0668

www.pbh2.com Open in urlscan Pro 2606:4700:3031::ac43:9eb4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

90 %HTTPS

41 %IPv6

49 Domains

76 Subdomains

68 IPs

8 Countries

2590 kBTransfer

6317 kBSize

46 Cookies

9 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.pbh2.com Open in urlscan Pro
2606:4700:3031::ac43:9eb4 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

90 %
HTTPS

41 %
IPv6

49
Domains

76
Subdomains

68
IPs

8
Countries

2590 kB
Transfer

6317 kB
Size

46
Cookies

206 HTTP transactions
6 data transactions