Submitted URL: http://www.drawturk.com/
Effective URL: https://www.drawturk.com/
Submission: On January 14 via api from US — Scanned from DE

Summary

This website contacted 44 IPs in 7 countries across 33 domains to perform 251 HTTP transactions. The main IP is 157.90.169.159, located in Frankfurt am Main, Germany and belongs to HETZNER-AS, DE. The main domain is www.drawturk.com.
TLS certificate: Issued by R3 on December 25th 2023. Valid for: 3 months.
This is the only time www.drawturk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 157.90.169.159 24940 (HETZNER-AS)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
56 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 27 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
41 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.226 15169 (GOOGLE)
3 5 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 18 216.58.212.130 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 3 37.252.171.21 29990 (ASN-APPNEX)
1 130.211.44.5 396982 (GOOGLE-CL...)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.251.168.155 15169 (GOOGLE)
4 34.98.64.218 396982 (GOOGLE-CL...)
2 8 23.32.185.35 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 142.250.184.198 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 18.197.162.124 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 178.250.1.9 44788 (ASN-CRITE...)
1 1 51.89.9.254 16276 (OVH)
4 159.69.70.9 24940 (HETZNER-AS)
3 142.250.186.34 15169 (GOOGLE)
1 4 138.201.63.165 24940 (HETZNER-AS)
1 142.250.74.194 15169 (GOOGLE)
2 91.121.248.44 16276 (OVH)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 13.42.201.144 16509 (AMAZON-02)
1 2 142.250.186.166 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 23.192.250.178 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 151.101.194.49 54113 (FASTLY)
1 52.223.40.198 16509 (AMAZON-02)
2 2 37.157.3.20 198622 (ADFORM)
1 52.222.139.129 16509 (AMAZON-02)
1 99.86.4.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.42.80.79 ()
251 44
Apex Domain
Subdomains
Transfer
98 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
ade.googlesyndication.com — Cisco Umbrella Rank: 356
794 KB
55 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
ad.doubleclick.net — Cisco Umbrella Rank: 163
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 126874
361 KB
19 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
201 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
gcdn.2mdn.net — Cisco Umbrella Rank: 1402
r5---sn-4g5e6nz7.c.2mdn.net — Cisco Umbrella Rank: 748674
4 MB
12 drawturk.com
www.drawturk.com
527 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
142 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38309
hal90005.redintelligence.net — Cisco Umbrella Rank: 252814
63 KB
8 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1376
2 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
454 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 98
1 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
572 B
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
2 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
301 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 28599
api.webgains.io
19 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 41332
medialead.de — Cisco Umbrella Rank: 40963
851 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
3 KB
3 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 604
tps.doubleverify.com — Cisco Umbrella Rank: 650
166 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
725 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
796 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384
3 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
149 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
546 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
104 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
703 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 55633
2 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 148117
923 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
388 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
587 B
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
251 33
Domain Requested by
56 pagead2.googlesyndication.com www.drawturk.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
41 tpc.googlesyndication.com googleads.g.doubleclick.net
www.drawturk.com
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
27 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.drawturk.com
18 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
12 www.drawturk.com 1 redirects www.drawturk.com
11 s0.2mdn.net googleads.g.doubleclick.net
www.drawturk.com
s0.2mdn.net
8 sync.teads.tv 2 redirects googleads.g.doubleclick.net
7 www.gstatic.com googleads.g.doubleclick.net
7 www.googletagservices.com googleads.g.doubleclick.net
www.drawturk.com
7 fonts.googleapis.com www.drawturk.com
googleads.g.doubleclick.net
hal90005.redintelligence.net
6 csi.gstatic.com imasdk.googleapis.com
6 fonts.gstatic.com fonts.googleapis.com
5 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 hal90005.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90005.redintelligence.net
4 hal9000.redintelligence.net googleads.g.doubleclick.net
hal90005.redintelligence.net
4 ad.doubleclick.net 1 redirects www.drawturk.com
googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.googleadservices.com www.drawturk.com
4 www.googletagmanager.com www.drawturk.com
www.googletagmanager.com
adv.office-partner.de
3 googleads4.g.doubleclick.net www.drawturk.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 api.webgains.io analytics.webgains.io
2 c1.adform.net 2 redirects
2 5994599.fls.doubleclick.net 1 redirects www.drawturk.com
2 pv.medialead.de hal90005.redintelligence.net
googleads.g.doubleclick.net
2 dis.criteo.com googleads.g.doubleclick.net
2 pm.w55c.net 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 r5---sn-4g5e6nz7.c.2mdn.net www.drawturk.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 cdn.doubleverify.com www.drawturk.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 adservice.google.com 5994599.fls.doubleclick.net
1 cdn.track.production.webgains.team googleads.g.doubleclick.net
1 analytics.webgains.io track.webgains.com
1 match.adsrvr.org googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 www.awin1.com googleads.g.doubleclick.net
1 medialead.de 1 redirects
1 track.webgains.com www.drawturk.com
1 adv.office-partner.de hal90005.redintelligence.net
1 ade.googlesyndication.com www.drawturk.com
1 onetag-sys.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 tps.doubleverify.com cdn.doubleverify.com
1 region1.google-analytics.com www.googletagmanager.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
251 51

This site contains links to these domains. Also see Links.

Domain
www.katibem.com
www.entranet.com
www.verisay.com
Subject Issuer Validity Valid
www.drawturk.com
R3
2023-12-25 -
2024-03-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2023-09-29 -
2024-09-28
a year crt.sh
*.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
quantserve.com
R3
2023-12-27 -
2024-03-26
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
redintelligence.net
R3
2023-12-13 -
2024-03-12
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2024-01-02 -
2024-03-12
2 months crt.sh
pv.medialead.de
R3
2023-12-04 -
2024-03-03
3 months crt.sh
adv.office-partner.de
R3
2023-12-27 -
2024-03-26
3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-05-15 -
2024-06-13
a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2024-01-10 -
2025-01-10
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.webgains.io
Amazon RSA 2048 M01
2023-07-24 -
2024-08-22
a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03
2023-08-30 -
2024-09-27
a year crt.sh

This page contains 38 frames:

Primary Page: https://www.drawturk.com/
Frame ID: A975911F3E6A4D5174D1BFFC143837F5
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 32F6DECF8AB46BDE4875562F65F7ED69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Frame ID: 29BC4A8BA94F929A178BF54789C9E70E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Frame ID: B028813A7F6D3B49DEC7A525BCD535E4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&adk=1812271804&adf=3025194257&lmt=1705256160&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160765&bpp=3&bdt=461&idt=219&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C1140x280&nras=1&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=226
Frame ID: 0498EC8EA13DF5EFA95103BF12EFC2E0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: 157A44B3973A3BB91848B37E69C41208
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A6DADF80C4FD966EF0E30A6ED4AB1D0B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Frame ID: 07B89D006B1DED52E01D8A752F0EDB0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Frame ID: ED543D3E7B4299712917A159FB6E9C8C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E3AAE78751E4D7D44BD7F12EEE4965A1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2250426B4151167F7EF8B489A475DA14
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7C307E8A392EBD04F9100B0EC6C97F5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9E97A7E48BBE977DBF2F8983703245D0
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: E0EB6A8B820E438786152DC8049967E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRiv28OCAjAB&v=APEucNW78vvV2KtvCz_b2PiNcTF7gyZ1LW-OvLHnrEMpvutH594QKpsFE2UrWaRF37Qwm8IR5v4IRtSmH4NmkKYqLci8fAr-yt7pEfsOEtWCRJ_IAQ_RtUKs2uw_zF6G9r341LXsU7aZr0jAbQ3M3a3FiaarFgkOje7QpFMGM3mvZlvMrKkxmVs
Frame ID: 015E24F5D3806E7918B7040E8D49E35F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Frame ID: 19928F6C776B8666C773D27FDF1AEC73
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 225AD411826C4AEF253FE919B0572827
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CD9D47C8E38D128A4B5DE4A022235106
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8325561B94FF663CAF8977375DDB1793
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4AEBAAA98D972255CEA770B8C4E29596
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiwj-GCAjAB&v=APEucNVCakJxlwcNzI0bFeOCSVrn2cZ9nb9l4zpZxJB-sXAgpGW1Vku2DKv-6ijiIX8VEbuS2NQ9yt3iU74Ec-CW-qfHzzatESlL2sv2IYBoikol1j38trTgzfpRml2LIeHwInMwvaGWArqKNGpRNOxu70QJgk5jd4MwBXq98Wqxd356kanJHxY
Frame ID: 7C237F0B01641E7ACD5662128E37DF9D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 96A2CD81980B3ECAE6BB86CD87899DB4
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: 6C9C9DE44FDBF1A73027A669A5498050
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: 1F2162AD752F3BDFF45C71976AB3A4A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWLd4UpJgaPrsZCm1JEyl4Ug82Jc4Abo3CbYhIvx8-hdylX1SE-cXT5TkM6bWJL152Xz0taBLcKZSlbUAqQFFqzOV4-0D8ifz743cXuCEwavuJNbCyRL1o3BkjTIV1pnsPjsfZ4dADnqaisFad6T32ViSIsngPhBku-TPeC1dST7U6s_wk
Frame ID: 5F23F935DCBE636F679B51B7B7FBDB76
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B5B1726F373888C9F80301DD46AC06D4
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 49BC36A52DD9756258FDAA0FD994FAC0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D4E07AC0580F06AA45B3FF339C328A78
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 65C70E3E009E8D8E0566B1E1931BA695
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Frame ID: BA21168F072CC6E536619F34EF93ADB7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9185D86C2282D84329E0CEDE8A54997B
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=36318900125401704444550012569005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 84FE0AB7FB2A14B533AB808C596EC7DF
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: C2B8FD10BC906361FE318905E6D08307
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641
Frame ID: 7267DC4169F0C982140BFE07E948422C
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=36318900125401704444550012569005&a=888dd40e
Frame ID: 402167CE84F5274F4D6E869096FE17AD
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7C289E0C259216C9AA1184674AD72E2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B14EEE23801AEC5F3B84E8005994C9F9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 103F08FF9CB198CFA01EE76A1BF6F63D
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

DrawTurk - Autocad, 3ds Max, SolidWorks Dersleri ve Teknik Resim Çizimleri

Page URL History Show full URLs

  1. http://www.drawturk.com/ HTTP 301
    https://www.drawturk.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

251
Requests

91 %
HTTPS

42 %
IPv6

33
Domains

51
Subdomains

44
IPs

7
Countries

7242 kB
Transfer

12567 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.drawturk.com/ HTTP 301
    https://www.drawturk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQ1Y94SSkZZeSAZu878EPr8-eyAzG25_Zcuj5hJi3EuP1-sGQDhABILTj4SBglfrwgYwHoAHzpdeGA8gBCagDAcgDywSqBNYBT9DDVJmg6dBnn_e-ZMIVE7R96RqzMxRwf7e14Q8NQ3DAGQUqwquSpl7EtSvCcHwI62qT7KYae9AQgTzJfldV5cDABYhjwRitKDYUfU25Y8gVNRkEbW6nr-If3n2fPIcXkE0Wzs8f4Mk8JYvkxIhIMg7xpgXzZ-LmLrQYmRMsnQ2g3HDj0Zmc1TXBsNOlZqJ8Ha_eitE1q0ppHN-Ule6R3aR-gtmfkjXnVqwNN3pr3F_t6In-pyUO4LpiNO3KXM2xa6NLrlNYHozI9khm-mXpYZmtgrXA8sAExd3ei60EiAXcs8GlS5IFBAgEGAGSBQQIBRgEoAYugAf12ah5qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQlaAZ0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH5umdvt2DA5oJb2h0dHBzOi8vZ2V0Y29udmVydHBkZi5jb20vbHA0Lz9sYW5nPWRlJnR5cGU9dmlld3BkZiZjaGFubmVsPWNtLWRpc3BsYXkmdHJhY2tpbmdfaWQ9MTAyJm9pZD0xMDImYWZmaWQ9MTAyMyZscGM9MYAKAcgLAbgT5APYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNjczMzc0OTkzMzUwODQzNhgAshgFGC4iAQA&sigh=ADg8Vq5PfFk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_B2XGHc6nIxA6qJWVJMpd8710PtrBtxgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211265377656042077662%22,%22debug_reporting%22:true,%22destination%22:%22https://getconvertpdf.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22819319539%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222790654267417658769%22}&andc=true
Request Chain 46
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 65
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CbcDk4SSkZbHUAY7j78EP9p2IuAvMj86zdMrjnujxEbCQHxABILTj4SBglfrwgYwHoAH34pu0KMgBAqgDAcgDyQSqBMsBT9DiUsiEc-PeYd0GaCtWNjDcCQm-YJz5BmkywBfNyXUJWbfrWylW6Bmdkc6xLGKBLgx4yLWtP2-vAKt2U9l_NayFXwsoQJ6Ihapi5DyneHVksup-EEBUatkFnbNAzBNWBO53RMg92jp61O7KGdL-Fm2FJsz5418KT3aeuhBF0Z8vRmrrV4Ij8AljPEppprUW90NSF0aJLG5mtQ_Eh6yteARt05qxRHxiLIGZPm2gSPZ415_tfLVmpWO4at6U4FjcooB3fRQic81EQNzABPCi3qmiBIgFnc2AjkSSBQQIBBgBkgUECAUYBKAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDKiQjSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP-w6p2-3YMDmgk9aHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lL2RlLz9jYW1wYWlnbj0xODI4Mjk4MTAyMYAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi02NzMzNzQ5OTMzNTA4NDM2GAA&sigh=jRofEoaVv3g&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_f9eqN-C6nWYrr6u6ZaSjWv6HtWoR6bHHYgRn2ddtZnSFfEJ4gBga7ekVH9LS8GQrEK-ZwWamrLSMFScWWn1w9Zj_eHP7zQvrjbMYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212041135024246052753%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225027365832507785201%22}&andc=true
Request Chain 111
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 112
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGSdHI-rJaDESNXFHG2i_o&google_cver=1
Request Chain 114
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaQk4tNXbRIGy3T86aZLmQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGSdHI-rJaDESNXFHG2i_o&google_cver=1
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKzy2A6LIcpzPSQHcrQ06b0&google_cver=1
Request Chain 116
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU2NzI5Njc2MzI5MDg3OTE4MA%3D%3D
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIqxEAPM2cVey_q7CB9rHTs&google_cver=1
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECzVYFaDPjFjFQhLkhmmz5c&google_cver=1
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIqxEAPM2cVey_q7CB9rHTs&google_cver=1
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECzVYFaDPjFjFQhLkhmmz5c&google_cver=1
Request Chain 157
  • https://gcdn.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/ABE115C77A2121CA2B8D936A9BEBC4FFCCE5284C.5ACC1B1EF91A724831C9984E6E2DE37A02C90226/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FD58F20CD5C085D811F56C14A50566C5B492F98.7F938767DB28782671C9DF53085510DF68C4017A/key/cms1/cms_redirect/yes/mh/M0/mip/2a01:4a0:1338:92::9/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1705255568/mv/u/mvi/5/pl/29/file/file.mp4
Request Chain 174
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENKHNzLKN071U38SD5W7J-Y&google_cver=1&google_push=AXcoOmQhM91LaweQDa5_cyl-i127oiUHsAArsGxCb79VKNnHY4JyMQ49rzaQyGrMwZT-SH5LDtWNfpKS2HVCVf96tP65oJsutVJcVM0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENKHNzLKN071U38SD5W7J-Y&google_cver=1&google_push=AXcoOmQhM91LaweQDa5_cyl-i127oiUHsAArsGxCb79VKNnHY4JyMQ49rzaQyGrMwZT-SH5LDtWNfpKS2HVCVf96tP65oJsutVJcVM0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dklhcmlKcFExUnA1MUY1&google_gid=CAESENKHNzLKN071U38SD5W7J-Y&google_cver=1&google_push=AXcoOmQhM91LaweQDa5_cyl-i127oiUHsAArsGxCb79VKNnHY4JyMQ49rzaQyGrMwZT-SH5LDtWNfpKS2HVCVf96tP65oJsutVJcVM0
Request Chain 175
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGggTWfYnkXNraKpGtqqP0A&google_cver=1&google_push=AXcoOmQybW1ZXmjTkj7zS1fgspVNM07OEW17BHViRTcaGe_Ark8xS5w5T3DD44VNNxb-8Jqu4Gt3voojH2M0YWis8ZePT-XU8Tw8zqI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNDAxOTQ1MTM4OTg2ODE3Mw%3D%3D&google_push=AXcoOmQybW1ZXmjTkj7zS1fgspVNM07OEW17BHViRTcaGe_Ark8xS5w5T3DD44VNNxb-8Jqu4Gt3voojH2M0YWis8ZePT-XU8Tw8zqI
Request Chain 177
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH2-B8xDW-Kz-sgBVU2TM5w&google_cver=1&google_push=AXcoOmQPEm_g_t66qi8mGiH1113mHrcn4s2jTHFCwlGI4Pg7AeI-I3fQC6Q80DGkrAFT3Sg1RtcFBeM_PDNLCIdVcqF_4xkNTpurs40 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQPEm_g_t66qi8mGiH1113mHrcn4s2jTHFCwlGI4Pg7AeI-I3fQC6Q80DGkrAFT3Sg1RtcFBeM_PDNLCIdVcqF_4xkNTpurs40
Request Chain 179
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBACmIB_CXsbvr2Qd3FEGwo&google_cver=1&google_push=AXcoOmRDJVbyvRiWh5y_yljnHXa9uo_SRUjBNZatmUipApteHvo-i2FQsQZQFQzpv3cnA-jemOUHNEy4V2Uf5ZEwzjlYH5uAGRJh8S0u HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRDJVbyvRiWh5y_yljnHXa9uo_SRUjBNZatmUipApteHvo-i2FQsQZQFQzpv3cnA-jemOUHNEy4V2Uf5ZEwzjlYH5uAGRJh8S0u HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 200
  • https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDyUz4iSkZajVDvycs8IPxPiByAym5b2gaYWVnKfJD_AuEAEgtOPhIGCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoE7QFP0Dsvck8tgO_ccsQLcH-x3eSzDicwKYuPGCF9WjGI8CTB3oav5ndnnY2QaRc9ml-oyoTGKG_7ILPXM055kdB9oCUrs108NTFnVKEZ9LQ2eh14OoiSjnRCcdQtdXmagXTqjDmKL4ikd7hzkQJcYGVvst-dxrwVbY4nyx0_BYOSaDykSacdUmQGYbqzFFbxUrZN5KWYXuwLOGKGKaNxjGPYxfKRd7nOcIRZU3nN1DPiP2SUi6FSLeUDhQPIK6Rh-bgmJ4JUZT3SLPj6W0I_Vqqhrm6xAuFTyI-3vB4Xn3myciERKb7EaxjOF7IS0_7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjdCrnr7dgwOACgGYCwHICwGADAGiDAgqBgoErLqxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB%26sig%3DAOD64_2YHgLraYdsQbK0nnYpqfx-jGFTFg%26client%3Dca-pub-6733749933508436%26dbm_c%3DAKAmf-AlTJ_bh4XMGLOc1mDF1VZV67OnH9TcigqTlZyhPIVV8jAw41glx_OGxpmiapNmuWVd-T5cNa8BkqzvFDNk_MT0APjNO4COmOpuihV87uTk5YqgrqOQlY168elMqlq8GBL305TecPMZG0u6RGl8SKBh3OPBRProAtb3HmVdLKFBESzaPQ8%26cry%3D1%26dbm_d%3DAKAmf-BYkj8HBKo3li_W721C67ykUa5JckPLdFS4DqSbJSPgcB9MTMieJkeuTyPoPzeIVnWTUtyUgpggnD5TFbzaypRvP_6j3AV3LbwYS-a2PdT6tXFxhdHlTmlX01kfM4KcZdG8a0Ez3qEPiklA2ifPQRuw1cpZBm01UtVBviwIdm4ds9lLlp6rF1xgmtv--KYWTy-luBELFrX2rR8xbS42hfcjAYd42ax7PgRq44j8RxdG1TlOxoxvsOg2CYwaB5niS92m7wExUG31pETPMpIFJxV_7wMqLKWxnBHjhoE_SWQ1VzS7QoCLzGY7usRR2DIvXgz7ujFiNU10X85L_p4y_NEpfoc4HS3crvtA8owL_RdQ6N5B8fAiZNS0CDsCgjiascy0Xm_JvKhaX1kkl6MGeS-kvj4a5-dA2feJsXOcn-zOVKTq_zUcvhiw3gEX9aDWgn8bOk0_7uC_g4xAZEMzwTkXCUQgcTzGRqjZPTO1XLJ9vkZMb-gKu0PyP_bTRAYAGkImHmVbdO4mg3SHoK9unKwZuzro6rAGQ6Fw0wThUvL47ocSLOTrX3u5WUaUtWomrmc9UWsK%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6733749933508436%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705256162%26rafmt%3D1%26to%3Dqs%26pwprc%3D7020666917%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.drawturk.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705256162041%26bpp%3D1%26bdt%3D1738%26idt%3D0%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dae7c977102fab147%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw%26gpic%3DUID%253D00000d4180fa3c8a%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA%26prev_fmts%3D1140x280%252C1140x280%252C0x0%252C1140x90%26nras%3D3%26correlator%3D1487000310486%26frm%3D20%26pv%3D1%26ga_vid%3D1196123050.1705256161%26ga_sid%3D1705256161%26ga_hid%3D2056863352%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2763%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C95320239%252C31079965%252C44807406%252C95321957%252C95320870%252C95320893%252C95321626%26oid%3D2%26psts%3DAOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%252CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma%26pvsid%3D3654893573096511%26tmod%3D885729798%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.drawturk.com&random=984957035754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDyUz4iSkZajVDvycs8IPxPiByAym5b2gaYWVnKfJD_AuEAEgtOPhIGCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoE7QFP0Dsvck8tgO_ccsQLcH-x3eSzDicwKYuPGCF9WjGI8CTB3oav5ndnnY2QaRc9ml-oyoTGKG_7ILPXM055kdB9oCUrs108NTFnVKEZ9LQ2eh14OoiSjnRCcdQtdXmagXTqjDmKL4ikd7hzkQJcYGVvst-dxrwVbY4nyx0_BYOSaDykSacdUmQGYbqzFFbxUrZN5KWYXuwLOGKGKaNxjGPYxfKRd7nOcIRZU3nN1DPiP2SUi6FSLeUDhQPIK6Rh-bgmJ4JUZT3SLPj6W0I_Vqqhrm6xAuFTyI-3vB4Xn3myciERKb7EaxjOF7IS0_7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjdCrnr7dgwOACgGYCwHICwGADAGiDAgqBgoErLqxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB%26sig%3DAOD64_2YHgLraYdsQbK0nnYpqfx-jGFTFg%26client%3Dca-pub-6733749933508436%26dbm_c%3DAKAmf-AlTJ_bh4XMGLOc1mDF1VZV67OnH9TcigqTlZyhPIVV8jAw41glx_OGxpmiapNmuWVd-T5cNa8BkqzvFDNk_MT0APjNO4COmOpuihV87uTk5YqgrqOQlY168elMqlq8GBL305TecPMZG0u6RGl8SKBh3OPBRProAtb3HmVdLKFBESzaPQ8%26cry%3D1%26dbm_d%3DAKAmf-BYkj8HBKo3li_W721C67ykUa5JckPLdFS4DqSbJSPgcB9MTMieJkeuTyPoPzeIVnWTUtyUgpggnD5TFbzaypRvP_6j3AV3LbwYS-a2PdT6tXFxhdHlTmlX01kfM4KcZdG8a0Ez3qEPiklA2ifPQRuw1cpZBm01UtVBviwIdm4ds9lLlp6rF1xgmtv--KYWTy-luBELFrX2rR8xbS42hfcjAYd42ax7PgRq44j8RxdG1TlOxoxvsOg2CYwaB5niS92m7wExUG31pETPMpIFJxV_7wMqLKWxnBHjhoE_SWQ1VzS7QoCLzGY7usRR2DIvXgz7ujFiNU10X85L_p4y_NEpfoc4HS3crvtA8owL_RdQ6N5B8fAiZNS0CDsCgjiascy0Xm_JvKhaX1kkl6MGeS-kvj4a5-dA2feJsXOcn-zOVKTq_zUcvhiw3gEX9aDWgn8bOk0_7uC_g4xAZEMzwTkXCUQgcTzGRqjZPTO1XLJ9vkZMb-gKu0PyP_bTRAYAGkImHmVbdO4mg3SHoK9unKwZuzro6rAGQ6Fw0wThUvL47ocSLOTrX3u5WUaUtWomrmc9UWsK%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6733749933508436%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705256162%26rafmt%3D1%26to%3Dqs%26pwprc%3D7020666917%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.drawturk.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705256162041%26bpp%3D1%26bdt%3D1738%26idt%3D0%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dae7c977102fab147%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw%26gpic%3DUID%253D00000d4180fa3c8a%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA%26prev_fmts%3D1140x280%252C1140x280%252C0x0%252C1140x90%26nras%3D3%26correlator%3D1487000310486%26frm%3D20%26pv%3D1%26ga_vid%3D1196123050.1705256161%26ga_sid%3D1705256161%26ga_hid%3D2056863352%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2763%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C95320239%252C31079965%252C44807406%252C95321957%252C95320870%252C95320893%252C95321626%26oid%3D2%26psts%3DAOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%252CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma%26pvsid%3D3654893573096511%26tmod%3D885729798%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.drawturk.com&random=984957035754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 208
  • https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31192665.384682164;dc_trk_aid=575330678;dc_trk_cid=206909196;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31192665.384682164;dc_pre=CJqX_p6-3YMDFVnsEQgdrlYPDA;dc_trk_aid=575330678;dc_trk_cid=206909196;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Request Chain 217
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641
Request Chain 219
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36318900125401704444550012569005&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36318900125401704444550012569005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 223
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENn-t_LgSAMKF2kEcVCyQhU&google_cver=1&google_push=AXcoOmTwsJGmOuWXvCLS-M781iroo93h1Q7psLp_CSV-Yl7k16sxCi-NP93auCVH8_eEUGK-BN_6SwoXRzg9QyyvA90_b-75K8bRdIo HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTwsJGmOuWXvCLS-M781iroo93h1Q7psLp_CSV-Yl7k16sxCi-NP93auCVH8_eEUGK-BN_6SwoXRzg9QyyvA90_b-75K8bRdIo&google_hm=oyxCf9QxL76KeTWS5Fv_RA
Request Chain 225
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEWT_WzFFfvaBj-3ZacgcZM&google_cver=1&google_push=AXcoOmRqRUo5v6uwzc9tV5rGcSRA1RBDgsBZjXCaA7H8jvtsuEQMWr44Fw7TKfx3gszv0EJbkxjTlAHdwkoUr7iIiQzzKQvUB5RFbgM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEWT_WzFFfvaBj-3ZacgcZM&google_push=AXcoOmRqRUo5v6uwzc9tV5rGcSRA1RBDgsBZjXCaA7H8jvtsuEQMWr44Fw7TKfx3gszv0EJbkxjTlAHdwkoUr7iIiQzzKQvUB5RFbgM
Request Chain 228
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDUA4KWxjBQ-5lwNT_Q36Mo&google_cver=1&google_push=AXcoOmTlXxVP1xjhDe4McrXvwliaZZUBoPnWQIDMOzRE6FfgzyrdJJ_xCOwGZ1MsGOjiJHqVD05BWFQnIGBNvzLUQis8uqpTE26mbg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDUA4KWxjBQ-5lwNT_Q36Mo&google_cver=1&google_push=AXcoOmTlXxVP1xjhDe4McrXvwliaZZUBoPnWQIDMOzRE6FfgzyrdJJ_xCOwGZ1MsGOjiJHqVD05BWFQnIGBNvzLUQis8uqpTE26mbg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQxMDcyODI3MjIwMzIzMDg5NA&google_push=AXcoOmTlXxVP1xjhDe4McrXvwliaZZUBoPnWQIDMOzRE6FfgzyrdJJ_xCOwGZ1MsGOjiJHqVD05BWFQnIGBNvzLUQis8uqpTE26mbg
Request Chain 229
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBACmIB_CXsbvr2Qd3FEGwo&google_cver=1&google_push=AXcoOmRrgFwgXX2IM7t6_fNjVJc4l3dsPNebXFXbMAf915bC5hK4C6r9DSB74Am7tV8QWBUoJfwI1_g1YIQWpHWk4lbfOaO-BfqiIy5W HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRrgFwgXX2IM7t6_fNjVJc4l3dsPNebXFXbMAf915bC5hK4C6r9DSB74Am7tV8QWBUoJfwI1_g1YIQWpHWk4lbfOaO-BfqiIy5W HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

251 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.drawturk.com/
Redirect Chain
  • http://www.drawturk.com/
  • https://www.drawturk.com/
15 KB
5 KB
Document
General
Full URL
https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
6aa5e846d23f4b88dce1e44f898f83cfcaef44d21e162fa59d00bd557a77ae37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
5036
content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 18:15:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Microsoft-IIS/10.0
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
148
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Jan 2024 18:15:59 GMT
Location
https://www.drawturk.com/
Server
Microsoft-IIS/10.0
css
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8084d84c1e675edb5f7bc65fbe327170d9eecc3613c2d050b4393d28997c96d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 18:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 18:16:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 18:16:00 GMT
43b829ed5628c49d9df97ab8ae0569ad~color.css
www.drawturk.com/compiled/
272 KB
94 KB
Stylesheet
General
Full URL
https://www.drawturk.com/compiled/43b829ed5628c49d9df97ab8ae0569ad~color.css
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
a3091c06f9445e294372ee472a18e5aa16a2186dc95c407d24c63eafe8c552a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 09:28:40 GMT
server
Microsoft-IIS/10.0
etag
"88b2a411e93d61:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
jquery.min.js
www.drawturk.com/themes/metrostyle/js/
82 KB
37 KB
Script
General
Full URL
https://www.drawturk.com/themes/metrostyle/js/jquery.min.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
0108cf57a5359cdecc80699650b912a11731d0aeaec300d884a9d658ed96b295

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
content-encoding
gzip
last-modified
Wed, 08 Aug 2018 10:34:26 GMT
server
Microsoft-IIS/10.0
etag
"06596132fd41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
37728
jquery-ui.js
www.drawturk.com/themes/metrostyle/js/
296 KB
97 KB
Script
General
Full URL
https://www.drawturk.com/themes/metrostyle/js/jquery-ui.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
4c78e1910b29cebe5737b75ea7b6ad5f246b066db2eecbcbd3de6d2babe58a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
content-encoding
gzip
last-modified
Wed, 08 Aug 2018 10:34:26 GMT
server
Microsoft-IIS/10.0
etag
"06596132fd41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-112310332-1
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd44cfa296f2ec55829fd313e521becc2bd085e1a04355ea3ef56f211d491f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69656
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 18:16:00 GMT
site-logo-alt-tr.png
www.drawturk.com/themes/metrostyle/files/
16 KB
16 KB
Image
General
Full URL
https://www.drawturk.com/themes/metrostyle/files/site-logo-alt-tr.png
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
4eab0927d5cdc1d3174017856713e001fc5b1a97d5dd2c4ce8d7317bf26acbcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
last-modified
Fri, 05 Jan 2018 17:44:26 GMT
server
Microsoft-IIS/10.0
etag
"0b938d44c86d31:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
16697
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc2cd62155a90e293c098df8c97d2c72f1e419c4d77906161ceaeee8009574e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51496
x-xss-protection
0
server
cafe
etag
12607537209896845331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 14 Jan 2024 18:16:00 GMT
katibem.png
www.drawturk.com/files/2018/11/
4 KB
5 KB
Image
General
Full URL
https://www.drawturk.com/files/2018/11/katibem.png
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
c05875c2b14dc0a7503bb8296337721f16fb889636fe8216cb09e6a586d8db5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
last-modified
Thu, 22 Nov 2018 10:22:26 GMT
server
Microsoft-IIS/10.0
etag
"09dab434d82d41:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4552
entranet.png
www.drawturk.com/files/2018/11/
3 KB
3 KB
Image
General
Full URL
https://www.drawturk.com/files/2018/11/entranet.png
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
3a0b5981e09f4d04a06ac037b9c9517e5251a4d40d60f09000b47bfc9d7cfe58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
last-modified
Thu, 22 Nov 2018 10:23:10 GMT
server
Microsoft-IIS/10.0
etag
"07be55d4d82d41:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3075
verisay.png
www.drawturk.com/files/2019/01/
20 KB
20 KB
Image
General
Full URL
https://www.drawturk.com/files/2019/01/verisay.png
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
717f924e3ff14c563108841492836bcf45408b81d6e025a7f77afea99d82e45b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
last-modified
Mon, 14 Jan 2019 08:33:36 GMT
server
Microsoft-IIS/10.0
etag
"07061d7e3abd41:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
20584
30cf76b22ca2d25d48a0dea0f56c403d.js
www.drawturk.com/compiled/
450 KB
147 KB
Script
General
Full URL
https://www.drawturk.com/compiled/30cf76b22ca2d25d48a0dea0f56c403d.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
f1548b81b347bc3e28b2f06737c29f5c8cec8a45308e231b7ea893605bc76aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
content-encoding
gzip
last-modified
Tue, 30 Apr 2019 23:27:19 GMT
server
Microsoft-IIS/10.0
etag
"d4265641acffd41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
bg-image.jpg
www.drawturk.com/themes/metrostyle/objects/a87-v1-metrostyle-r2/
40 KB
40 KB
Image
General
Full URL
https://www.drawturk.com/themes/metrostyle/objects/a87-v1-metrostyle-r2/bg-image.jpg
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/compiled/43b829ed5628c49d9df97ab8ae0569ad~color.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
e1c9b5037eac316540c758b601423db9e317382c1e10486794680d70df50d1b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/compiled/43b829ed5628c49d9df97ab8ae0569ad~color.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
last-modified
Tue, 27 Nov 2018 11:53:50 GMT
server
Microsoft-IIS/10.0
etag
"05b74dc4786d41:0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
40757
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.drawturk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:05:18 GMT
x-content-type-options
nosniff
age
195042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 12:05:18 GMT
fontawesome-webfont.woff2
www.drawturk.com/themes/metrostyle/objects/h2-v1-metrostyle-r2/
63 KB
63 KB
Font
General
Full URL
https://www.drawturk.com/themes/metrostyle/objects/h2-v1-metrostyle-r2/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/compiled/43b829ed5628c49d9df97ab8ae0569ad~color.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.169.159 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.169.90.157.clients.your-server.de
Software
Microsoft-IIS/10.0 /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://www.drawturk.com/compiled/43b829ed5628c49d9df97ab8ae0569ad~color.css
Origin
https://www.drawturk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:15:59 GMT
last-modified
Sat, 10 Sep 2016 10:03:28 GMT
server
Microsoft-IIS/10.0
etag
"058a9934abd21:0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
64464
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.drawturk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:10:14 GMT
x-content-type-options
nosniff
age
194746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 12:10:14 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/
402 KB
136 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f365771e708b9a96faec914d6a8aacd7f0dc4d82a37355614cbd8174a94544b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139388
x-xss-protection
0
server
cafe
etag
16933820827014883544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 32F6
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
77748
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 20:40:12 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 20:40:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
219 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y9LK9B4WJB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112310332-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f4bed4024c82d2eaa312ee16fade3e9d4c909a4109af742ee16cd827736a611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79890
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 18:16:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112310332-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 17:48:13 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1668
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 14 Jan 2024 19:48:13 GMT
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y9LK9B4WJB&gtm=45je41a0v9108721086&_p=1705256160487&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1196123050.1705256161&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705256160&sct=1&seg=0&dl=https%3A%2F%2Fwww.drawturk.com%2F&dt=DrawTurk%20-%20Autocad%2C%203ds%20Max%2C%20SolidWorks%20Dersleri%20ve%20Teknik%20Resim%20%C3%87izimleri&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1201
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y9LK9B4WJB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.drawturk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 29BC
120 KB
40 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc9729d15239e93bcfb65f49a6de63555759e68f89aa473db7049a828931f604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41151
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:01 GMT
expires
Sun, 14 Jan 2024 18:16:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B028
135 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa92cc29f47561729eadd95b9de2f36356a18d3c4efb8379f10e5bb4966f1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43098
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:01 GMT
expires
Sun, 14 Jan 2024 18:16:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0498
603 KB
140 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&adk=1812271804&adf=3025194257&lmt=1705256160&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160765&bpp=3&bdt=461&idt=219&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C1140x280&nras=1&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b481eec16f993009a96642906f09c67070550d9b33b0de6584e4bd09d0af3cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
143192
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:01 GMT
expires
Sun, 14 Jan 2024 18:16:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2056863352&t=pageview&_s=1&dl=https%3A%2F%2Fwww.drawturk.com%2F&ul=en-us&de=UTF-8&dt=DrawTurk%20-%20Autocad%2C%203ds%20Max%2C%20SolidWorks%20Dersleri%20ve%20Teknik%20Resim%20%C3%87izimleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=261508258&gjid=1002193868&cid=1196123050.1705256161&tid=UA-112310332-1&_gid=1517017342.1705256161&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=711241851
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.drawturk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.drawturk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 29BC
4 KB
751 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 18:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 17:25:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 18:16:01 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3070567618874066132/ Frame 29BC
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3070567618874066132/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd377053753bd453c477132c25fe540dcfd7618b7bca2886ee5f73eb0c1861cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 07 Jan 2025 19:57:09 GMT
date
Mon, 08 Jan 2024 19:57:09 GMT
x-content-type-options
nosniff
age
512332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9315
x-xss-protection
0
last-modified
Fri, 07 Apr 2023 21:05:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 29BC
2 KB
903 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 21:28:23 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5162446914575444316/ Frame 29BC
1 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5162446914575444316/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
940d6bc6f7597bc747a80fa5a259e2380695c9cdb5da067a7d742f60bbb3a8aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 12:05:29 GMT
date
Fri, 12 Jan 2024 12:05:29 GMT
x-content-type-options
nosniff
age
195032
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1479
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 13:42:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 29BC
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 11:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
24613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 11:25:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 29BC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
6979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 16:19:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 29BC
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:20:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 29BC
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:01 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 29BC
37 KB
16 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 07:24:47 GMT
truncated
/ Frame 29BC
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29a0fbef761d990d77e8ee78b3266e9948b656fab243be3543f6b667370d4e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 29BC
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:31:59 GMT
x-content-type-options
nosniff
age
175442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 17:31:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 29BC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:11:03 GMT
x-content-type-options
nosniff
age
137098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 04:11:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 29BC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQ1Y94SSkZZeSAZu878EPr8-eyAzG25_Zcuj5hJi3EuP1-sGQDhABILTj4SBglfrwgYwHoAHzpdeGA8gBCagDAcgDywSqBNYBT9DDVJmg6dBnn_e-ZMIVE7R96RqzMxRwf7e14Q8NQ3DAGQU...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211265377656042077662%22,%22debug_reporting%22:true,%22destination%22:%22https://getconvertpdf.com%22,%22event_report_windo...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211265377656042077662%22,%22debug_reporting%22:true,%22destination%22:%22https://getconvertpdf.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22819319539%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222790654267417658769%22}&andc=true
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11265377656042077662","debug_reporting":true,"destination":"https://getconvertpdf.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["819319539"],"22":["true"],"4":["01-14"],"6":["true"]},"priority":"500","source_event_id":"2790654267417658769"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 Jan 2024 18:16:02 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 14 Jan 2024 18:16:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11265377656042077662","debug_reporting":true,"destination":"https://getconvertpdf.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["819319539"],"22":["true"],"4":["01-14"],"6":["true"]},"priority":"500","source_event_id":"2790654267417658769"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame 157A
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=7014827733&adk=4182805533&adf=884890725&pi=t.ma~as.7014827733&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160749&bpp=3&bdt=445&idt=209&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1487000310486&frm=20&pv=2&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:33:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
186172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 14:33:09 GMT
148742464806174268
tpc.googlesyndication.com/simgad/ Frame B028
18 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/148742464806174268?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnNnQgcSmGSEKCUC5zdqT6lGRhJ_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79e2f319a4307b8efa970936f6bf86a8236c2de2cb980c5950ed65b48a28c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:46:19 GMT
x-content-type-options
nosniff
age
473382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18245
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 17:40:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 08 Jan 2025 06:46:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame B028
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 11:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
24613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 11:25:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B028
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
6979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 16:19:42 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B028
67 B
196 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:10:08 GMT
x-content-type-options
nosniff
server
cafe
age
50753
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 15 Jan 2024 04:10:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B028
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:20:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B028
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B028
36 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 23:21:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
68054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14790
x-xss-protection
0
server
cafe
etag
14910708302111541132
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 23:21:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A6DA
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2260
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:38:21 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame A6DA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
expires
Sun, 14 Jan 2024 18:16:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211265377656042077662%22,%22debug_reporting%22:true,%22destination%22:%22https://getconvertpdf.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22819319539%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222790654267417658769%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 18:16:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B028
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8ed731f4a7fd588bdabed763f6ba427ab337a0452f7432c9440c0147cdec06d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/
162 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b357c2876a6308f81bf921f86ad10f957cd9a1c57db3ce4d3e92bc318d82ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56403
x-xss-protection
0
server
cafe
etag
967934407519791680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=0&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=1&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=2&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=3&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=4&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=5&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=6&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=7&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=8&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4114091312791932&num=9&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2513984043638171&num=0&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2513984043638171&num=1&dvc=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 07B8
28 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2e37edead715eed23104c46e7a17fab37b2d5546c7946033ed77af9ac972d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12532
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ED54
31 KB
13 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e658039ec2c92e05b1f16ed7a5e958979fbe600797fe259dfea9c96aaf1434f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13422
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-6733749933508436&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20240110_093526&sat=1705250116770&afm=0&as_count=2&d_count=0&ng_count=0&am_count=2&atf_count=1&mdns=0.200&alldns=0.263&allp=38&fd=(0%2C28%2C10)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=2863&abl=false&rr=n&su=www.drawturk.com&pvc=3654893573096511&r=0.1&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame B028
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CbcDk4SSkZbHUAY7j78EP9p2IuAvMj86zdMrjnujxEbCQHxABILTj4SBglfrwgYwHoAH34pu0KMgBAqgDAcgDyQSqBMsBT9DiUsiEc-PeYd0GaCtWNjDcCQm-YJz5BmkywBfNyXUJWbfrWyl...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212041135024246052753%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212041135024246052753%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225027365832507785201%22}&andc=true
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"12041135024246052753","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-14"],"6":["true"]},"priority":"500","source_event_id":"5027365832507785201"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 Jan 2024 18:16:02 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12041135024246052753","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-14"],"6":["true"]},"priority":"500","source_event_id":"5027365832507785201"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame E3AA
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:48:14 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 21:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 2250
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:48:14 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 21:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 7C30
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:48:14 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 21:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 9E97
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 21:48:14 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 21:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212041135024246052753%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225027365832507785201%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 18:16:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame E0EB
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=280&slotname=3094219431&adk=2631105463&adf=3797023803&pi=t.ma~as.3094219431&w=1140&fwrn=4&fwrnh=100&lmt=1705256160&rafmt=1&format=1140x280&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256160753&bpp=1&bdt=449&idt=227&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:33:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
186173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 14:33:09 GMT
css2
fonts.googleapis.com/ Frame E3AA
4 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 17:32:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 18:16:02 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E3AA
205 B
296 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 13:30:37 GMT
x-content-type-options
nosniff
age
189925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 11 Jan 2025 13:30:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E3AA
604 B
920 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:30:21 GMT
x-content-type-options
nosniff
age
186341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 11 Jan 2025 14:30:21 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame E3AA
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 22:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
71840
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 22:18:42 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame E3AA
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 23:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
68362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 23:16:40 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 2250
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 11:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 11 Apr 2024 11:37:47 GMT
67b2cf2770e31c0fa9735c0b8b540980.js
www.gstatic.com/mysidia/ Frame 2250
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 08:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4763
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 19:47:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 08:26:57 GMT
css
fonts.googleapis.com/ Frame 2250
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 17:25:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 18:16:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2250
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 21:28:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 2250
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 11:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
24614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 11:25:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2250
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
6980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 16:19:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2250
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:20:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2250
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 2250
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 07:24:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 015E
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRiv28OCAjAB&v=APEucNW78vvV2KtvCz_b2PiNcTF7gyZ1LW-OvLHnrEMpvutH594QKpsFE2UrWaRF37Qwm8IR5v4IRtSmH4NmkKYqLci8fAr-yt7pEfsOEtWCRJ_IAQ_RtUKs2uw_zF6G9r341LXsU7aZr0jAbQ3M3a3FiaarFgkOje7QpFMGM3mvZlvMrKkxmVs
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 1992
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 00:01:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
65681
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 00:01:21 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 1992
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 00:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
65682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 00:01:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1992
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
166094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
dvbm.js
cdn.doubleverify.com/ Frame 1992
428 KB
103 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee04 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bacfc872da4a0124e86f373d560b9f6c5b7ae8b016fc893e6f5e2c79402ad418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 18:16:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Jan 2024 14:35:10 GMT
Server
UploadServer
ETag
"f842e7a3239ba7510c8acd04a6fe1edb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
104510
Expires
Sun, 14 Jan 2024 18:31:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1992
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
6980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 16:19:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1992
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:20:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1992
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1992
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Br04mB93roqZFv2GKeFrr8EhWOapC2jy1FgrsrbgTlIbUKwZkVHwS7a9gz47NkG1jB21M65psbSnIwQqCOj_FdOD6sW94AYN_L3eOG46RoPsYGMHw
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11059248721017937240
s0.2mdn.net/simgad/ Frame 1992
78 KB
79 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11059248721017937240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aa9bb90479451a51595ed66cda9d1fd72081571ab1e248615f6017264058e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 15:01:53 GMT
date
Wed, 10 Jan 2024 15:01:53 GMT
x-content-type-options
nosniff
age
357249
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80231
x-xss-protection
0
last-modified
Wed, 27 Dec 2023 12:42:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 9E97
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 11:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
24614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 11:25:48 GMT
css
fonts.googleapis.com/ Frame 9E97
8 KB
750 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 18:04:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 18:16:02 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame 9E97
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 12:10:12 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame 9E97
378 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 22:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134337
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 22:12:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9E97
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:20:11 GMT
css
fonts.googleapis.com/ Frame 225A
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 17:29:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 18:16:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 225A
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 21:28:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 225A
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 11:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
24614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 11:25:48 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame CD9D
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:38:21 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 225A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
6980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 16:19:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 225A
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:20:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 225A
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 225A
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 07:24:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8325
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:38:21 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4AEB
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
151512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame CD9D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
expires
Sun, 14 Jan 2024 18:16:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8325
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
expires
Sun, 14 Jan 2024 18:16:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 015E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGSdHI-rJaDESNXFHG2i_o&google_cver=1
43 B
345 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGSdHI-rJaDESNXFHG2i_o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRiv28OCAjAB&v=APEucNW78vvV2KtvCz_b2PiNcTF7gyZ1LW-OvLHnrEMpvutH594QKpsFE2UrWaRF37Qwm8IR5v4IRtSmH4NmkKYqLci8fAr-yt7pEfsOEtWCRJ_IAQ_RtUKs2uw_zF6G9r341LXsU7aZr0jAbQ3M3a3FiaarFgkOje7QpFMGM3mvZlvMrKkxmVs
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soDkqV9nALAE63024vSdkWAR2cM9Wig6wU4s%2F08%2FV5Gfhipc419rLoTOJymA%2BDynU%2BRxFgkFS4JmMeT2K3vi%2B4HZL%2FnPSrbUDDXwZlvshKyz9HWl9vWbq6cZu7Ym0RIHn%2F4uVC%2Fu%2BAb8IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8457de284bf0450a-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGSdHI-rJaDESNXFHG2i_o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 015E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaQk4tNXbRIGy3T86aZLmQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGSdHI-rJaDESNXFHG2i_o&google_cver=1
43 B
769 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGSdHI-rJaDESNXFHG2i_o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRiv28OCAjAB&v=APEucNW78vvV2KtvCz_b2PiNcTF7gyZ1LW-OvLHnrEMpvutH594QKpsFE2UrWaRF37Qwm8IR5v4IRtSmH4NmkKYqLci8fAr-yt7pEfsOEtWCRJ_IAQ_RtUKs2uw_zF6G9r341LXsU7aZr0jAbQ3M3a3FiaarFgkOje7QpFMGM3mvZlvMrKkxmVs
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5mxUHK6KuY%2FBJAEI8jgy3uD1vETEA1DcCYAXgHDDGwAwyfSoiAjISjJfQW0KH4FL2sW8p3Me8Edm74TLg11dTDl%2FlTXgvbJ2LBjJrTIt4JimOyZlZu2xXqpARLJ1kW97vN3ULWZ2gF4Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8457de29bdb9451c-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGSdHI-rJaDESNXFHG2i_o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 015E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKzy2A6LIcpzPSQHcrQ06b0&google_cver=1
43 B
1007 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzy2A6LIcpzPSQHcrQ06b0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRiv28OCAjAB&v=APEucNW78vvV2KtvCz_b2PiNcTF7gyZ1LW-OvLHnrEMpvutH594QKpsFE2UrWaRF37Qwm8IR5v4IRtSmH4NmkKYqLci8fAr-yt7pEfsOEtWCRJ_IAQ_RtUKs2uw_zF6G9r341LXsU7aZr0jAbQ3M3a3FiaarFgkOje7QpFMGM3mvZlvMrKkxmVs
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
an-x-request-uuid
7af3380f-8453-4c0e-8035-1bf4b147cadd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzy2A6LIcpzPSQHcrQ06b0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 015E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU2NzI5Njc2MzI5MDg3OTE4MA%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU2NzI5Njc2MzI5MDg3OTE4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRiv28OCAjAB&v=APEucNW78vvV2KtvCz_b2PiNcTF7gyZ1LW-OvLHnrEMpvutH594QKpsFE2UrWaRF37Qwm8IR5v4IRtSmH4NmkKYqLci8fAr-yt7pEfsOEtWCRJ_IAQ_RtUKs2uw_zF6G9r341LXsU7aZr0jAbQ3M3a3FiaarFgkOje7QpFMGM3mvZlvMrKkxmVs
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
an-x-request-uuid
5ca3e8ba-4a74-4a77-8f43-4f11e7148bb6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU2NzI5Njc2MzI5MDg3OTE4MA%3D%3D
x-proxy-origin
80.255.7.100; 80.255.7.100; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 4AEB
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 16:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
93378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 16:19:44 GMT
visit.js
tps.doubleverify.com/ Frame 1992
748 B
768 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=10&ttfrms=12&brid=3&brver=120.0.6099.216&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D5C2HEFC%3C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D5C2HEFC%3C%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=12&ddur=205&uid=1705256162480405&jsCallback=dvCallback_1705256162480170&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5230&tgjsver=5230&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&fcifrms=10&brh=2&dvp_epl=244&noc=4&nav_pltfrm=Win32&ctx=31254628&cmp=31192665&sid=1854310&plc=384682146&adsrv=1&advid=13947756&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=219271000.71344107&ee_dp_sukv=219271000.71344107&dvp_tukv=331358927.3778788&ee_dp_tukv=331358927.3778788&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js%23ctx%3D31254628%26cmp%3D31192665%26sid%3D1854310%26plc%3D384682146%26advid%3D13947756%26adsrv%3D1%26mon%3D1%26blk%3D0&dvp_strhd=0.3000001907348633&dvpx_strhd=0.3000001907348633&dvp_tuid=1542979637352&jurtd=3028857617
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
198bc92e7a2c0157be3f7fb306340634a91bb6b23546aff9ce0ce13b8ac11e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 18:16:02 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
01/13/2024 18:16:02
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7C23
640 B
262 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiwj-GCAjAB&v=APEucNVCakJxlwcNzI0bFeOCSVrn2cZ9nb9l4zpZxJB-sXAgpGW1Vku2DKv-6ijiIX8VEbuS2NQ9yt3iU74Ec-CW-qfHzzatESlL2sv2IYBoikol1j38trTgzfpRml2LIeHwInMwvaGWArqKNGpRNOxu70QJgk5jd4MwBXq98Wqxd356kanJHxY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 96A2
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 96A2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
6980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 16:19:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 96A2
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:20:11 GMT
l
www.google.com/ads/measurement/ Frame 96A2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQonPavH9-cx-5TWhok9AJqfygEZO3XzAwITMmxPbO5KDLkrKCMXtSg-FaW1qzwr38-TwjBmEpHPd_yU2tkeiFWUF5ynA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 96A2
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A2
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFZzjIuIni2qQM2mBAowO20AZgEdTOo57wdgg3KLZrUbcpuIW4w09jYwYRYQqfETNpF-CG-VHwSMU_h6x5KH9UbNCU9TBPp3bibVzsJJYsD1oO6Pw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9E97
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrdtho26&c=8697265768615&slotId=4348632884307.5&qqid=CJmv652-3YMDFZLSOwIdQwgOsw&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9E97
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
178601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9E97
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:11:03 GMT
x-content-type-options
nosniff
age
137099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 04:11:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E97
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CiWe44SSkZdm6ApKl78EPw5C4mAu47NSsdYiyl-r3EfAuEAEgtOPhIGCV-vCBjAegAcSM-sgqyAEFqAMByAObBKoE_wFP0Ke-sjtL-aG0K8BxOWTH0t2u7tHf7pzRQXFjDMLeoRaGX7ELUNHYKifWe64rMqEPjNrwhwob4szDOOlQCvS0RuN6aNsJbRwajIFu29WJEpY6zVzPuL9RtKYAKDqINNcuZQn7NuexkYf-Vd00ZMhtmt8hZ1f0i8j1z8l8B0Aw8OikALRpS19q6kIWFMgVUFM_uM2hLpQ1Pr40M8rhqxp46AY-BunfX2ndSe9Pqk7RHySBo-JDkqhIYyRLpIsi_xkRY6z-FsFKBjLq4fu8foOBRJKbKKMM4HHsUjuN06uug3vA22EFbpCR2WP7bgFiEEt7kHrUN4QqP17W6pIpn8TABN2mrJLHBOAEA4gFzOLz1E2QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY3I7rnb7dgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkRFsBPhiP8VyBPxj5jkA9ATANgTCogUDdgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1705256162595&ai=CiWe44SSkZdm6ApKl78EPw5C4mAu47NSsdYiyl-r3EfAuEAEgtOPhIGCV-vCBjAegAcSM-sgqyAEFqAMByAObBKoE_wFP0Ke-sjtL-aG0K8BxOWTH0t2u7tHf7pzRQXFjDMLeoRaGX7ELUNHYKifWe64rMqEPjNrwhwob4szDOOlQCvS0RuN6aNsJbRwajIFu29WJEpY6zVzPuL9RtKYAKDqINNcuZQn7NuexkYf-Vd00ZMhtmt8hZ1f0i8j1z8l8B0Aw8OikALRpS19q6kIWFMgVUFM_uM2hLpQ1Pr40M8rhqxp46AY-BunfX2ndSe9Pqk7RHySBo-JDkqhIYyRLpIsi_xkRY6z-FsFKBjLq4fu8foOBRJKbKKMM4HHsUjuN06uug3vA22EFbpCR2WP7bgFiEEt7kHrUN4QqP17W6pIpn8TABN2mrJLHBOAEA4gFzOLz1E2QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY3I7rnb7dgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkRFsBPhiP8VyBPxj5jkA9ATANgTCogUDdgUAdAVAfgWAYAXAegXBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E97
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&eventType=canary_version_20240103_RC00&clientTime=1705256162596&ai=CiWe44SSkZdm6ApKl78EPw5C4mAu47NSsdYiyl-r3EfAuEAEgtOPhIGCV-vCBjAegAcSM-sgqyAEFqAMByAObBKoE_wFP0Ke-sjtL-aG0K8BxOWTH0t2u7tHf7pzRQXFjDMLeoRaGX7ELUNHYKifWe64rMqEPjNrwhwob4szDOOlQCvS0RuN6aNsJbRwajIFu29WJEpY6zVzPuL9RtKYAKDqINNcuZQn7NuexkYf-Vd00ZMhtmt8hZ1f0i8j1z8l8B0Aw8OikALRpS19q6kIWFMgVUFM_uM2hLpQ1Pr40M8rhqxp46AY-BunfX2ndSe9Pqk7RHySBo-JDkqhIYyRLpIsi_xkRY6z-FsFKBjLq4fu8foOBRJKbKKMM4HHsUjuN06uug3vA22EFbpCR2WP7bgFiEEt7kHrUN4QqP17W6pIpn8TABN2mrJLHBOAEA4gFzOLz1E2QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY3I7rnb7dgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkRFsBPhiP8VyBPxj5jkA9ATANgTCogUDdgUAdAVAfgWAYAXAegXBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9E97
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrdtho2s&c=8697265768615&slotId=4348632884307.5&qqid=CJmv652-3YMDFZLSOwIdQwgOsw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.18s&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 9E97
32 KB
18 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CBKGPiV1NlPnymJADkAAqmMhJe0VctULsELOBovXRwr9qjwOk5qUwdVPnL5NP32RXW9H8qaZM3GmSakrzxHY7DRKROVA&cry=1&dbm_d=AKAmf-Ae-WuZNbFW_1Qyb-wvn6so3EvE7DcZYRFkVhLu2AVTLeeDyWUd5SaFyNtGVTQze629r_mspWt0MeZkE3Pczm62iSmxkABak5Uj94Tyn2NOibZyZRxiSqhw-MFasziOywOm0LHNeVzvyQwJlvA0E1_v9bDaib3fGG_8jQE7B66bj7poYme8Qlaq4gNTyO_NAdXbMP2CI6tpwX9PEu1bAsHl8C89YNRHXaDIjCUEyTOJuXhLspIjhPlnoTbU1IgzbU-nzNn02zMKmiXScHYmbPe7PYa6vovjMqkbKfyttpM9kktF1jEDjDe96rrxoZmHWe2adwlwuK1scrcjkssoACba3kYtSeO41ThLAuKupV5N4b9fQAnet3cyp-qsIZO7HQzcTqROSyXIiPoAES4JWaIPJ-mvpfYppYBbCZa4sEWFH6x4kDyl4b6IPVHaiFeNH-uIji7t4dbfwYjBJBukRxWDw6zDl20BUIRu1CxcaxSbwnabtMlz_sdBF3IIUk_0oCN4Mp6NoqKx9vVvck6_JM6DayFUXgoj4KDikoHbpoHoKuBj9qgYFtbhW7K4HHZgI5P2T8Y_eaTY58H6fyQiw1nL_vfZc6QxxoYBivtn9Da3P2jsGWHIY22XG6vfa8c7MthFjW29jCIq5r3rSWNlwtN3Fg3kZ9q43I45jW2w6V3_UpTfnaBXu6Cwp8wgsMpl3hwpruQYWCG8XD9BWIyc23I27zm66ZKmMEkvsECdKMCYCW7ZVz80BEK-DqtswQ2abpxbkQaxoPuWnGbQpbx9hahrgdyxf1Mi8RYkeJqmzI8-QW_38r1klh1jDOvhqYA4M_nnH2ZceQ7BzofJkokhz6IR2llgT-K9bKXqcmx1sdUDSklb2wRX4ukDLr5Xy7H0yb-s0UE2wYec73QmGkz23kU0AiAxMhvpF3d7BxHEtA5FOHr3ReXjF6mTPybOZ_dy2o9RubcUI46d5-wlixmPFQd6dLlVHuVuzKa1Ps01bjoZIBO-0I-kWwuR2RNIwQzncwZ_WKp44pFclVqmB1-2_qljVid2n3TtIDSFqTaiG6BYl0k77OlXGuYcbRVWvIZjK1YCw2kvRPM7yHKSS-DAnYUtyWlrtZzDDgRfAdovu00Zu3MLY2LAmGCW1Ldsqmx--xYT6gwDRZW77ARp2TtEkoqhfVXJkol69xbAc5alb2-q05smoWlEm2yAbe8-fpzalkKfsqu4vTp6wtAJmqUkqBUYMGxks7b4f_C_E_vF6VwQQACZBQGgk06vK6QriQhQQwnK29VSaGIo9bjrlk3OiwqY7ck2Xax1BTXiBNx_cFVM1hdmWWnWntKh7KZqPVGZ0fhFA7cmlrq7xcPipkFSZAHkR1eW4U6s4HtUPwJ27ezAxhuBeAlEKMPSZTA5QVMC6BlcnABjbWqqeV4S6rBZwCnJ5Uh2dCnx91Cvd9T52e61Bmjney54tsQRsjo1cwfEI9u0Vj-b7s0rqZL9E6cqYsnbm2yBDedjb5oVxylV604AJEjoyLEeU1kpalFcheZoBN82RvFr0iV_USKWOEPhWNuRQPz_IDrsmCntwfP9vRqrVl1o94-YHgrkx6nqtRgcogrvZwsFK96hYu-ZehAAAWyxOyJX-s223PJFffzGMH5n8qqF3f0_LpVvtztMMzQSsGYjfA7S1zEwiIvXKqqPo-hF-AJO9drUW0cnZ6fb1aIPO_5jM2g8xkCqmJjWIWgDzUotNyu9t05JCO-bTkXaX99G4zUghGTmTYUA3KjQqL0XwsZiekOhsAWfpCDiKpAdV2XSbhxtKaSNB5CiZXj6cgQmwOaimsc0IY4Jww4q3g5FMv6xydjSU0KET8u_8LW2Gj5yf3Vrx56q43K4tQOxE3EBenjOSgwqJqC9tRR0CsrnsB7kOR_qVXZx7TlkPqZZLDFasL_h3T76GZmvobyAQizblnCf4V0lGh6w92i-GepIhhQQsTN3eWRECT2dEjtUsCMdxu4NKCMq4HhZBUuN5_td_C1L_b5dNmKoXTTaVgAo71r7qYAUcoLQtLaOWccehbVnrD7ewyDES4quq1NKvnsDg236fOXg042SEWfxU9rV1LBys8LYbetumJ7GKQgRyqMBnblP1vheqU879kJdfsZkjBnRU592NlbLdciCbuhbSE5aUr5-U0exCtprK4auEW2iDfGgCFn37mIxOcsuvDBRi00dJf2kwUBkmfFrpM9L6BsEiDWVFWAs0zcfR0jlViBPAPZU2qjXTR7aHwvcYy8C1iBmhRkjhJhuJxk_HnRfwO34xsAi4UjpGr97Jj8Li7v8VinagJ4QZnrMN4oy4x8M0eLyclqcBf3PsLWguKC8DshEG7pCQUu6o4xe1BMwESxBPHTx9PUFzUgHeimfkKbAOPr82-mD-MJiexiGw6DWLKIOTdDelGNBTnfUQESpxU7kI5WqnSNucXsU1l6vOYC8dt-mMspc1wF7Xwu7iM4SrMXJS-rSJ8OmflEnFcihFFCESzPz1iaaQNDDJpxuTuMTw3NQNvMUbr1gySoBmX-kPPXQ7a9JA_Gyza5VqT3OjrftgUkHsAeW4yJosG67ljS36SowADMSoGG-Mgc1JQOpzC8OZ9Oqt00lFixnNHOppXOxFMWWh0I14LSvcPD-gsF-uJcsgpZnmktZEV7xR-ETZvV2CrCdWfce6DN_x1HVlZPtQ7ZDjMtRg4FRJ5VdyP6TrQ5tDFsAfxdw1OjJ0DDkyag36g0-Yn_M8BiWU7j5wNDQtKBOQVrX2_Xp6_HNjxCMQ_ufql5_fUpf0m6IjJhP77e-bXNLsVH4-4d1JT45bkIjbjxtc3Dw2xbkSktmJW37fkEkrU-mcibw0dXuFsWKqQeI58hwiFCu__JYUNSHKp7Qfb7Z2tdBPAvWFm7olUfMSJ-c5VYU1hw3nUjWi1qr9WRVek92aTBWgDlpQtUgSiGRoHUNEG4bfZKW7nRo-J4Fgd77x74yxsnyP41brKdxw7NkbY0ptQkYLfZhaAAqPknjRdkcW8wnrOb1oFW6LChZs9QqYdCkz_wB7hqUyU93K45IJQmGGIDvR6kkvxT2BRmLI5f4UwHG5V_rns4mI1i3b7MiSkezCoSb0bNUwjZITFBrG9qLnnAE8XyPiS7ecE0dOiA5R2DW0RGw2Qq7OgzlstBrALLGETupYq_7P5j0TV5dwUDM5lp96cGLZkWMLIChIJkfNcdLhQ2gu-GbDkhRV6M9sg7QU8-0zc70QAhqfuOMl_VDVv3TdRpZUmo1W7oo01avwLTFoZ9AJTF0ufJ-cIw5FRiWhAfsaPVG9a3ammR7GjWXBs78vhylZtoNrVmw0jKb5AFGOhX45lUgOm906bkR0IEe6cgu_EbPMXri4wbsC9GoHewrnVbeM-QEe5-S7fvFTYNC8POEnY6luM_VBBG29mAsVVvHyN6la2gBOg09AGb1Zlo8ydX0V4CjAbi8vG-NNGr8aRHi0h8en2oPrqhLn-9CxvQUDMQXVWu_CCLgw9lHp4D9EvjRnOT6_QTPM35Jwvx6QED4rCo0b7An5qEdy_ss5vIufyq9ScE15KGdo61Hj4OfZd5awl2zvnk8vql0nPtv-JqQxRgRBtsHjfKTlHoJGWjuF5VAqBJbSgIPYrBTWfJHZ7N6GloK7cfdjN4OQ9rzqLUkytbRYm-aSbiLN5mBB9ceO6HNXg6xFdUo8mxR46YwkUUUijrM2SZSDWOGL1eN0Tssy-HfljkaCEiGvQ&cid=CAQSTgAvHhf_WGvgDjfHkv9OFOrbnFoyyIPWjeLOT-LFqbu1-V76_NkgpY3OPaoNsvEnixOGdwot6PnFu0NBunM15HuwlaS33nmbOhznsS4YpBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.168.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wh-in-f155.1e100.net
Software
cafe /
Resource Hash
7846d4f2f4b0d4e523ea0e0781d9bcfbba42c975fe31dfb76009fd06a231ea7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17785
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame 6C9C
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:33:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
186173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 14:33:09 GMT
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame 1F21
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:33:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
186173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 14:33:09 GMT
truncated
/ Frame 9E97
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cd17d0f99674e22ff77d6bed3bcabe9b822807575b3ab1f3ce124e92c686160

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 7C23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIqxEAPM2cVey_q7CB9rHTs&google_cver=1
43 B
264 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIqxEAPM2cVey_q7CB9rHTs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiwj-GCAjAB&v=APEucNVCakJxlwcNzI0bFeOCSVrn2cZ9nb9l4zpZxJB-sXAgpGW1Vku2DKv-6ijiIX8VEbuS2NQ9yt3iU74Ec-CW-qfHzzatESlL2sv2IYBoikol1j38trTgzfpRml2LIeHwInMwvaGWArqKNGpRNOxu70QJgk5jd4MwBXq98Wqxd356kanJHxY
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIqxEAPM2cVey_q7CB9rHTs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 7C23
43 B
136 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiwj-GCAjAB&v=APEucNVCakJxlwcNzI0bFeOCSVrn2cZ9nb9l4zpZxJB-sXAgpGW1Vku2DKv-6ijiIX8VEbuS2NQ9yt3iU74Ec-CW-qfHzzatESlL2sv2IYBoikol1j38trTgzfpRml2LIeHwInMwvaGWArqKNGpRNOxu70QJgk5jd4MwBXq98Wqxd356kanJHxY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 7C23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECzVYFaDPjFjFQhLkhmmz5c&google_cver=1
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECzVYFaDPjFjFQhLkhmmz5c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiwj-GCAjAB&v=APEucNVCakJxlwcNzI0bFeOCSVrn2cZ9nb9l4zpZxJB-sXAgpGW1Vku2DKv-6ijiIX8VEbuS2NQ9yt3iU74Ec-CW-qfHzzatESlL2sv2IYBoikol1j38trTgzfpRml2LIeHwInMwvaGWArqKNGpRNOxu70QJgk5jd4MwBXq98Wqxd356kanJHxY
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 14 Jan 2024 18:16:02 GMT
pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECzVYFaDPjFjFQhLkhmmz5c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 7C23
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiwj-GCAjAB&v=APEucNVCakJxlwcNzI0bFeOCSVrn2cZ9nb9l4zpZxJB-sXAgpGW1Vku2DKv-6ijiIX8VEbuS2NQ9yt3iU74Ec-CW-qfHzzatESlL2sv2IYBoikol1j38trTgzfpRml2LIeHwInMwvaGWArqKNGpRNOxu70QJgk5jd4MwBXq98Wqxd356kanJHxY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 14 Jan 2024 18:16:02 GMT
pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AEB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJpTQ4SSkZdi6ApKl78EPw5C4mAsAAAAAOAHgBAI&bg=!3t2l3ZLNAAaumcC-jpk7ADQBe5WfOKXx7TM5VPglHoWmlxtEcsvtbewHGP4CBhWCnSD2BJUPblBD3JN2cWcG2W9ljNNGAgAAAD9SAAAAAWgBB5kDDoMTDtvVgZkXOxq1EpZUf7qEZUNtwwYF4fKxL3q_xKaWE40P-4ualJ-ONEbq2FzdGfaIFf_FIY1NITfmmv68BNpLnZ2tCjGBTbsolWRf0K2pdenqq4qiPFUCl226IVGYB10jKK9_-qNYwHs83megyLdSHrh_yhL-w9RDcnNbCJREfBODezPy3d7jkoHpTKlLDIg09G-Ab6zvHPp8VddXk7gqsM8Z7g7X3qCjjCUFgZJHe2IcN0LhiHl1S5QHlcsdRA1yTYk5lNPsP4aqXF9ZcxUNHKM4ZU6_D9Lp8AFPgqoZGZ6lVqlwblq6FvZYnYOjbd2GaxuEgHs3YB_wg2hHfTUZw7wvAUaU3laV699VCLyVm1FFMPu7UlRX641EP00NI9_PsLjtFpwf6AB8FgTPellT41lmSN2C0zJFB2-Ws_t2bPqj9igAFs4uVuiEdorrz3cyUmyTc088ZG-hr3MQUq6RE6ffaKbLskZVpTLASLOe9PvUw2Bv_v3ZrxYkEnz2J6q_fVjHMulpW5NHt-tZRg22-ZpjSjHwKIdBHGhWjGt445ErXCPih4vbJn0ITv3ELRSeGhkuh2gRPyJNLaaVzHTOU0Afco5EWjvBQB7wMDTW2eH1tPJlyMlIysF4GE2LUU92jSFEs_cdvplMZgfpPExnv7u6C_i583Mn_if7xTXvuIcuZ8q5QZlAsxj7f2yb2kKQa-s4bEmNYisHsHvnbzvmqgb41RQdpreaeV-Ivhr6gQGHzjHiSJsIF6pxqyDdzce9aSmxDjDEugTZ4UnKX7fB40OgUQhZBFDrsr1h-XnUUzS14tALnbzuQv-cf4Wkc3xU_GmMVyhfSJ67KyJPuW_ibXPtobLJ__9r1XY-vHpBbWFPXLx_5mtlxkrBxeD6bY3t1UabPgLBMOUJ_jL4iLrODSrJvBrQfzMWMdQ9hQ0LOnOJVDLPfq9Mvh_GQvrZNjX9wFudw98TSdi_TL1vdr5eh2CGcnFflz1GbkYYpMCM8MsfBSvS79qVYsyFFdFxBZzNasgGcERkdHlWdWhU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9E97
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4pSy4SSkZdm6ApKl78EPw5C4mAu47NSsdYiyl-r3EfAuEAEgtOPhIGCV-vCBjAegAcSM-sgqyAEFqAMBqgT8AU_Qp76yO0v5obQrwHE5ZMfS3a7u0d_unNFBcWMMwt6hFoZfsQtQ0dgqJ9Z7risyoQ-M2vCHChvizMM46VAK9LRG43po2wltHBqMgW7b1YkSljrNXM-4v1G0pgAoOog01y5lCfs257GRh_5V3TRkyG2a3yFnV_SLyPXPyXwHQDDw6KQAtGlLX2rqQhYUyBVQUz-4zaEulDU-vjQzyuGrGnjoBj4G6d9fad1J70-qTtEfJIGj4kOSqEhjJEuk0yNl7ILx6mykcJpcljqfByJvfh9TO00KCvLsVObuMaTLP3cFaj1n5CpAiANTrdnH9dI_Z2Mg_hxtIA_Kxhv7F8AE3aaskscE4AQDiAXM4vPUTZIFBggDEAIYAZIFBggbEAIYAZIFCwgiEAIYAUicgZoCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfExMqoBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKELvwIhje2cSCAtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY3I7rnb7dgwOACgHICwGiDAgqBgoErLqxArAT4Yj_FcgT8Y-Y5APQEwDYEwqIFA3YFAHQFQGAFwGyFxwKGggAEhRwdWItNjczMzc0OTkzMzUwODQzNhgA6BcF&sigh=QIfAYivXYgg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_WGvgDjfHkv9OFOrbnFoyyIPWjeLOT-LFqbu1-V76_NkgpY3OPaoNsvEnixOGdwot6PnFu0NBunM15HuwlaS33nmbOhznsS4YpBgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5F23
640 B
262 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWLd4UpJgaPrsZCm1JEyl4Ug82Jc4Abo3CbYhIvx8-hdylX1SE-cXT5TkM6bWJL152Xz0taBLcKZSlbUAqQFFqzOV4-0D8ifz743cXuCEwavuJNbCyRL1o3BkjTIV1pnsPjsfZ4dADnqaisFad6T32ViSIsngPhBku-TPeC1dST7U6s_wk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B5B1
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B5B1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
6980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 16:19:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B5B1
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
82551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 19:20:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B5B1
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 18:16:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5B1
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CvBCMdMuOT8I6k-Xh2tzImplXiQTzN0ZSZHX3_ZSZSSLnxwY2hl0t0XQ7x_ONopoRZvVPr3zSD5ANT8B99XiJtmklPGobKClGx1XY24p_x96j0a64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A2
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6352867400338&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A2
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6352867400338&version=m202309260101&ct=119&x=1&cor=12945024212118772000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 96A2
91 KB
38 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKhFKyHgDXAdvwVdVDGb8ba59jXyjacz3F6_S7rsEc6nMKprYkViZm9vjEZ3I132HNLl4KV5zxYsfVN4PAI5cuL_XoSdL9PnR9Nfc3YijvBEbL9Hy6reocO3iakZLblmM1J15Piq2PF43Oxl1CC0wYeZsBW1fnj4anLF0HOUiOk0Slxo3Zo4tS4U2HdhJhkp9Hkz1m&cry=1&dbm_d=AKAmf-CuU7icIbn5fG6lKDb5S2n87RZSOGAXbTPI_RMYX977HU0FQx-I-PvLrDzwBKV3my7erDkCsOg-ERLyjr312PiaVY02F_MMYFfBiRS3kellNKgkzqUZJfIzsPcrQSPZ-SFh-ha8ohFUHbQLNTxTqfeXYBSC1t9LwMbUk7k_a6cvOrOyvwuWgcpdzpopGI5HNrYFNqYxQT84D38ap4NlamLdYEHmiXi3PXczWdbcnnkPqt84pWz0MAgm_mErLw_rEEzp6vSGw3RMfGlMl3mrRYTLwbS2-md6QjrN1SfgR9Ke3ZB9EVpTJoVU3NB8Y2mN8BFh778KxC3wA4u8EKRYK-vBG7dANulAyJqvirhsP3C75NTItRBQgqMby7-JFmllp5O6zoxeanGELdh_ahlqIe3JHJqAUFbwQkE04NZ8gYpdgewMbX_GOfC13wLimrIN2Ckd7BF6tEge1uyeSUKTyMcRb62hs60c01O0wnIxIO81hQkwTe9TK3xz08u6p7AV9iI9b8pSdju8m6b_HAgf9RsQwo8P7MXQZV91NiegEbOwuCf0q6j3cOsPi0vIn4itZWlsPceD_wt-lcFPClcxicxGrgSnUfnkw39AAYjS_y3FrHpGpsuThSqZ2kZLHFaxOXMy57hPjImZ35mXl9A6iwyoC_1xSWAmqYNbQOzWC7eTHrEhs6mGAOUwKQertFHIare64jMd_rkY1On6Mac3UInHBOdMLR3wyWaikAxO20OFTIniFx3zsppC20BIUJIiQTUnNZiIBi8zJoltenRBovlK1n_qXF-qF-gIh5c4WsS3Ut8Lq1C2sSU1H8gjkKuJ-ochYOOPYJYS-8KAZpPMBzH8yHHbT5FTUVD1cFkYlb5O7os7ly9JuB53WPekHaaEtmxN6ZFSbTi60sMd3aE1ywj76RRk7a39ZFDcuSO7Y_NiF0wVG0oRayeBrxzV5r3TmilmziCaSFdmtROnowBvCekdoZq1_z2qkQeLguOoBnRpi4SXwgN6L8iAJBgzTCiHicEzVMXymk7Qs5Tniy_45TH031ODHZzRXwui_brNlorX5648_reaNtSOF0wF6kaVRYqVZJGjnWAxIai-l8WueiH1ilH7pY5oLL3xmk-BBEodZuBuWEgIR58DcAglzzpJywkkyz8h3jKyqEPM_6hIV3RyXoJDWadgxRYeledk3JIFVmV8p1EEsdk6d4phXYhb5lhSQGo3LqRn6DmgEXdaOnvHWuVchTIKdixUgsRbHJds_aqXD05Gy74EXlaT2sxt07yBZCk4I0U-hfp_nIvjo55zRc7kmNC6EifiDlR2rexhP8NYOaggQkGNsEYHmukQ575hUajB2nESQ1JpgTkVK9nl5PGbGwvIznVYx5xIPsZLMowaiJgxVCUY6KR8SsVamPCWHwc3M7YZSM5_Q9RjJCmXZUywydDm9In457McKeS_uPQeniq1PbVx3RtZa8aGFJ9Ln8Ql9_V_Exs7g-ETw_TEwuVA-QXvd0TZStf8TwHYamFe7PgOErGXyTvQD-lM8_Qb7q7pTjRGZ-DGfCxGk8Eumqn6VT8wxVErKmiBIqkhJjlEP3yPisQ7oYExM9hy0L7idgckZX8O7ZiGytdzdcBLjPfznjO9IjSuIiUIgH9o8160MV1PuxZp-3wi81MuSMeCwIRgN27shjz_q-TQ1h4iFicnBgjC4fldkTxgdDYwidyHVWbvSnJi2hw4Un7uAooxF_bfzk-KooyvrPYnfhDa7hCWsjiCN5YBvAXzQTQcpAdvTVr3vQwgXYu_pH_USZ7SNlE3-CKS3aJV4HCG4rXUzBWd4aek_rXRNHbaMvzyfnbdLWx-6l3hFx-SF7DVbPUtlZGHMQ919R2DUQHjeD-deOOZFWgR7w0yoR3Z6YH1h4lS98x81-VojuCGyfTDLniBPxRF-QZE8_OM3d5IvoLHcH5KwuDeLyfbRCjzEohN_Az5ihVS_Y5xXcakrRerBI0NbXRjxgWrgWQ6EG4kgenOGkyP-uDZMm7RPt8OjCQSkqYYD_o7IbV-FyPY-RZYTKxqpaIBMaJGfIEEweD7Med20bHLmpbRY10IGwjqBmHe08jowCfojmlX6aYuwi_cUqkmhF0OeffZLPPDDCQ2rAZoNvfflBUkt7v-Ae478vGUXmSBYYo2fLjNm35zX43yk-Om6ex2vX-NdKZJvtDQjrktueKPZ1Dn8z2Ws3vbAzxc5OIVv5hx0mbBNp8n38YcUk4bmYfr3FAkLYop_YL8_m5AJGWZWUyyn7M7nJqw4hXH607Sx9q4ID21BM1OO_FRAqu-8MaEQzcmsbxFekROMXT5mIjgvwX6H7p-lc-04wigSwhdUJKPUKMg6XJYBLcRnslEkRyowEGA8QyvCV08OxgHFET1PNWa_9t3HdcNIF9EhosaIXajkwhO99vYHTyrJyZpMVBL_nSKFmhU8_kT6miZkeDjeRVdw6aOKAWEYnvhY7NKPOW8ol2nlrw1fvkg577RPogqC90VmUpoVKKjgmh_VSapJwzqwZvmvYpxuOV6CKpzytNicfYOJQCdESg8Wg-aXPEgDKpyRl32-dYQuK7R2bOz_YCXFRilKQqB1RuMMJ_kKGrI2oU3J4DpkxUG0BUrP2HUU6TLsSVkhbmV4L8pXEHJe5dv5mFrAEvBOb7eJRHNARiktbqryKWAFtNJv6aZF2gTurdvpBc6P5YhTTdcNntUnExtMJQLUeyT1ZR0k8O7LnUVgeYxS_ZQePXkXD3E6wJ39rolQXPE52ZpwlYWkrXJqGdi_E6XILMbi4mWu4LG2LPgA6gL5u5aELebv3Yi-iIQb0v3LMLHhLrkodL9WIGB5mWIvK-TiP_qDwvP2BPYzmDC-z6GcQ-2ciRSZszmJhq3KpZIS8HTnp3L8LY-qQHyvmPxfkpcsShg5RpTrABHl-2fsMiSDJpECRj2QHO4m-5MXz53AAxqG6saO58c9BheTspVu98RgNBo3g01sR8YrRBKtyKaK5zPUqRQWQAHNwjfXkSNEqnzgnydNRKqWduVv_oHPfQ3__oqgkh-kynMO4Gsx0JQVO9hkfzz8x8ZrYhEcqonrNKARqoA_UDYdFodbUe54jMchIDzmjVmgHelb5Fd5ub8dED4vbBsepulE8tStyUjAL3SfTdBwBIjZoUfvq08nWWgRIo87u1DjGolBPHUNpEwV9b41_Rm4BSAeZQ2ZLEskvO8D2VRxhg41Nj9zrRtNIBUL0WMSEPeuzQdL3PPFwlUO__3LgBUurE3WG9xGmbQ4Wn6lkbUsuI5In8JJXrnCcDLi4MoqlMYGlgxtmSHmUeQ1M3xT0_2yHNh2ve_fdL3EqjDd04XMUjp10EECSqrrKZk0FFOJdvnsuucddkbjXWiZpn6RERvUFyV6ZJ38aN4O2-vkpvBFNQAdP7XoAu1U7iTd6lLb7UxyVDl1a19_5fsG1v8QAxyKjDFfMXq__-gNlc0HsXDDQZ4z-1GRigibGNxhSViL5jzMmsFegtFH_DXmHfZlmox9Q00BCvejNPl7govZWUuCx4pBNwHRrhHnkNDA2Ho7N_3sfCx_deFPTNO7GjZWYj_qEfyQZA1HCFGjyacxLX8aAks3b6_7lOiuUgs-fMhMc0dL1ZSBxPG7I5hDINJLnw3-HYvd6TX9KXGN7Pi64OTAZYJN5TBlQbLhMfIQhgtgAm4Ft41gYOQr9RaFb8EizyUVYQgiueOfbF844uaXU99AgcA-Y3FTw&cid=CAQSPAAvHhf_UjhlKuwMRGgS85Eutn1ZbVqhAUX_0vEWHIv1pYofB7WZORbpLvE56_O-va3kpe4fKCsonh5XaxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.drawturk.com%2F&ds=l&xdt=1&iif=1&cor=12945024212118772000&adk=1761367584&idt=154&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2315e87109bc5596a0742361ffcdc3fe2b2028ed58a7548f7e0236d0dffc5c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38697
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5F23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIqxEAPM2cVey_q7CB9rHTs&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIqxEAPM2cVey_q7CB9rHTs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWLd4UpJgaPrsZCm1JEyl4Ug82Jc4Abo3CbYhIvx8-hdylX1SE-cXT5TkM6bWJL152Xz0taBLcKZSlbUAqQFFqzOV4-0D8ifz743cXuCEwavuJNbCyRL1o3BkjTIV1pnsPjsfZ4dADnqaisFad6T32ViSIsngPhBku-TPeC1dST7U6s_wk
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIqxEAPM2cVey_q7CB9rHTs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 5F23
43 B
111 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWLd4UpJgaPrsZCm1JEyl4Ug82Jc4Abo3CbYhIvx8-hdylX1SE-cXT5TkM6bWJL152Xz0taBLcKZSlbUAqQFFqzOV4-0D8ifz743cXuCEwavuJNbCyRL1o3BkjTIV1pnsPjsfZ4dADnqaisFad6T32ViSIsngPhBku-TPeC1dST7U6s_wk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 5F23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECzVYFaDPjFjFQhLkhmmz5c&google_cver=1
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECzVYFaDPjFjFQhLkhmmz5c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWLd4UpJgaPrsZCm1JEyl4Ug82Jc4Abo3CbYhIvx8-hdylX1SE-cXT5TkM6bWJL152Xz0taBLcKZSlbUAqQFFqzOV4-0D8ifz743cXuCEwavuJNbCyRL1o3BkjTIV1pnsPjsfZ4dADnqaisFad6T32ViSIsngPhBku-TPeC1dST7U6s_wk
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 14 Jan 2024 18:16:02 GMT
pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECzVYFaDPjFjFQhLkhmmz5c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5F23
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWLd4UpJgaPrsZCm1JEyl4Ug82Jc4Abo3CbYhIvx8-hdylX1SE-cXT5TkM6bWJL152Xz0taBLcKZSlbUAqQFFqzOV4-0D8ifz743cXuCEwavuJNbCyRL1o3BkjTIV1pnsPjsfZ4dADnqaisFad6T32ViSIsngPhBku-TPeC1dST7U6s_wk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 14 Jan 2024 18:16:02 GMT
pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
csi
csi.gstatic.com/ Frame 9E97
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrdtho32&c=8697265768615&slotId=4348632884307.5&qqid=CJmv652-3YMDFZLSOwIdQwgOsw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 9E97
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:02:22 GMT
file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 9E97
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0
Fetch
General
Full URL
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FD58F20CD5C085D811F56C14A50566C5B492F98.7F938767DB28782671C9DF53085510DF68C4017A/key/cms1/cms_redirect/yes/mh/M0/mip/2a01:4a0:1338:92::9/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1705255568/mv/u/mvi/5/pl/29/file/file.mp4
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:65::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 18:16:03 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4112173
Last-Modified
Wed, 27 Dec 2023 13:45:16 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 14 Jan 2024 18:16:03 GMT

Redirect headers

date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
648
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FD58F20CD5C085D811F56C14A50566C5B492F98.7F938767DB28782671C9DF53085510DF68C4017A/key/cms1/cms_redirect/yes/mh/M0/mip/2a01:4a0:1338:92::9/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1705255568/mv/u/mvi/5/pl/29/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9E97
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrdtho9u&c=8697265768615&slotId=4348632884307.5&qqid=CJmv652-3YMDFZLSOwIdQwgOsw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1fo~videopreviewvisible.1fr&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 49BC
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
466090
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 08:47:52 GMT
expires
Wed, 08 Jan 2025 08:47:52 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 29BC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaRwz3YmuHsHWZC42OfRPrvormRBRNDVsay_S1fjKXyty8EmnbstGk9MfQEL_ysM0ceIPUcioUZlnwRibE1fAMA14ewGw3-LE03mzzNYqWggkGoWMjUHABs6D6-iOjHTdjqmiVvJ9XjbcrcBo85lVhiwWR&sai=AMfl-YQgM4GKAHAlwIrYq8eljgsLSguqII3EO6rZHeM9eYYofnCxRedAzEc9ADvg3l7yzwmHcdec7cpcbDeL&sig=Cg0ArKJSzBG0SAMBjW5fEAE&cid=CAQSGwAvHhf_B2XGHc6nIxA6qJWVJMpd8710PtrBtxgB&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4182805533&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705256160971&rpt=926&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 96A2
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 96A2
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKhFKyHgDXAdvwVdVDGb8ba59jXyjacz3F6_S7rsEc6nMKprYkViZm9vjEZ3I132HNLl4KV5zxYsfVN4PAI5cuL_XoSdL9PnR9Nfc3YijvBEbL9Hy6reocO3iakZLblmM1J15Piq2PF43Oxl1CC0wYeZsBW1fnj4anLF0HOUiOk0Slxo3Zo4tS4U2HdhJhkp9Hkz1m&cry=1&dbm_d=AKAmf-CuU7icIbn5fG6lKDb5S2n87RZSOGAXbTPI_RMYX977HU0FQx-I-PvLrDzwBKV3my7erDkCsOg-ERLyjr312PiaVY02F_MMYFfBiRS3kellNKgkzqUZJfIzsPcrQSPZ-SFh-ha8ohFUHbQLNTxTqfeXYBSC1t9LwMbUk7k_a6cvOrOyvwuWgcpdzpopGI5HNrYFNqYxQT84D38ap4NlamLdYEHmiXi3PXczWdbcnnkPqt84pWz0MAgm_mErLw_rEEzp6vSGw3RMfGlMl3mrRYTLwbS2-md6QjrN1SfgR9Ke3ZB9EVpTJoVU3NB8Y2mN8BFh778KxC3wA4u8EKRYK-vBG7dANulAyJqvirhsP3C75NTItRBQgqMby7-JFmllp5O6zoxeanGELdh_ahlqIe3JHJqAUFbwQkE04NZ8gYpdgewMbX_GOfC13wLimrIN2Ckd7BF6tEge1uyeSUKTyMcRb62hs60c01O0wnIxIO81hQkwTe9TK3xz08u6p7AV9iI9b8pSdju8m6b_HAgf9RsQwo8P7MXQZV91NiegEbOwuCf0q6j3cOsPi0vIn4itZWlsPceD_wt-lcFPClcxicxGrgSnUfnkw39AAYjS_y3FrHpGpsuThSqZ2kZLHFaxOXMy57hPjImZ35mXl9A6iwyoC_1xSWAmqYNbQOzWC7eTHrEhs6mGAOUwKQertFHIare64jMd_rkY1On6Mac3UInHBOdMLR3wyWaikAxO20OFTIniFx3zsppC20BIUJIiQTUnNZiIBi8zJoltenRBovlK1n_qXF-qF-gIh5c4WsS3Ut8Lq1C2sSU1H8gjkKuJ-ochYOOPYJYS-8KAZpPMBzH8yHHbT5FTUVD1cFkYlb5O7os7ly9JuB53WPekHaaEtmxN6ZFSbTi60sMd3aE1ywj76RRk7a39ZFDcuSO7Y_NiF0wVG0oRayeBrxzV5r3TmilmziCaSFdmtROnowBvCekdoZq1_z2qkQeLguOoBnRpi4SXwgN6L8iAJBgzTCiHicEzVMXymk7Qs5Tniy_45TH031ODHZzRXwui_brNlorX5648_reaNtSOF0wF6kaVRYqVZJGjnWAxIai-l8WueiH1ilH7pY5oLL3xmk-BBEodZuBuWEgIR58DcAglzzpJywkkyz8h3jKyqEPM_6hIV3RyXoJDWadgxRYeledk3JIFVmV8p1EEsdk6d4phXYhb5lhSQGo3LqRn6DmgEXdaOnvHWuVchTIKdixUgsRbHJds_aqXD05Gy74EXlaT2sxt07yBZCk4I0U-hfp_nIvjo55zRc7kmNC6EifiDlR2rexhP8NYOaggQkGNsEYHmukQ575hUajB2nESQ1JpgTkVK9nl5PGbGwvIznVYx5xIPsZLMowaiJgxVCUY6KR8SsVamPCWHwc3M7YZSM5_Q9RjJCmXZUywydDm9In457McKeS_uPQeniq1PbVx3RtZa8aGFJ9Ln8Ql9_V_Exs7g-ETw_TEwuVA-QXvd0TZStf8TwHYamFe7PgOErGXyTvQD-lM8_Qb7q7pTjRGZ-DGfCxGk8Eumqn6VT8wxVErKmiBIqkhJjlEP3yPisQ7oYExM9hy0L7idgckZX8O7ZiGytdzdcBLjPfznjO9IjSuIiUIgH9o8160MV1PuxZp-3wi81MuSMeCwIRgN27shjz_q-TQ1h4iFicnBgjC4fldkTxgdDYwidyHVWbvSnJi2hw4Un7uAooxF_bfzk-KooyvrPYnfhDa7hCWsjiCN5YBvAXzQTQcpAdvTVr3vQwgXYu_pH_USZ7SNlE3-CKS3aJV4HCG4rXUzBWd4aek_rXRNHbaMvzyfnbdLWx-6l3hFx-SF7DVbPUtlZGHMQ919R2DUQHjeD-deOOZFWgR7w0yoR3Z6YH1h4lS98x81-VojuCGyfTDLniBPxRF-QZE8_OM3d5IvoLHcH5KwuDeLyfbRCjzEohN_Az5ihVS_Y5xXcakrRerBI0NbXRjxgWrgWQ6EG4kgenOGkyP-uDZMm7RPt8OjCQSkqYYD_o7IbV-FyPY-RZYTKxqpaIBMaJGfIEEweD7Med20bHLmpbRY10IGwjqBmHe08jowCfojmlX6aYuwi_cUqkmhF0OeffZLPPDDCQ2rAZoNvfflBUkt7v-Ae478vGUXmSBYYo2fLjNm35zX43yk-Om6ex2vX-NdKZJvtDQjrktueKPZ1Dn8z2Ws3vbAzxc5OIVv5hx0mbBNp8n38YcUk4bmYfr3FAkLYop_YL8_m5AJGWZWUyyn7M7nJqw4hXH607Sx9q4ID21BM1OO_FRAqu-8MaEQzcmsbxFekROMXT5mIjgvwX6H7p-lc-04wigSwhdUJKPUKMg6XJYBLcRnslEkRyowEGA8QyvCV08OxgHFET1PNWa_9t3HdcNIF9EhosaIXajkwhO99vYHTyrJyZpMVBL_nSKFmhU8_kT6miZkeDjeRVdw6aOKAWEYnvhY7NKPOW8ol2nlrw1fvkg577RPogqC90VmUpoVKKjgmh_VSapJwzqwZvmvYpxuOV6CKpzytNicfYOJQCdESg8Wg-aXPEgDKpyRl32-dYQuK7R2bOz_YCXFRilKQqB1RuMMJ_kKGrI2oU3J4DpkxUG0BUrP2HUU6TLsSVkhbmV4L8pXEHJe5dv5mFrAEvBOb7eJRHNARiktbqryKWAFtNJv6aZF2gTurdvpBc6P5YhTTdcNntUnExtMJQLUeyT1ZR0k8O7LnUVgeYxS_ZQePXkXD3E6wJ39rolQXPE52ZpwlYWkrXJqGdi_E6XILMbi4mWu4LG2LPgA6gL5u5aELebv3Yi-iIQb0v3LMLHhLrkodL9WIGB5mWIvK-TiP_qDwvP2BPYzmDC-z6GcQ-2ciRSZszmJhq3KpZIS8HTnp3L8LY-qQHyvmPxfkpcsShg5RpTrABHl-2fsMiSDJpECRj2QHO4m-5MXz53AAxqG6saO58c9BheTspVu98RgNBo3g01sR8YrRBKtyKaK5zPUqRQWQAHNwjfXkSNEqnzgnydNRKqWduVv_oHPfQ3__oqgkh-kynMO4Gsx0JQVO9hkfzz8x8ZrYhEcqonrNKARqoA_UDYdFodbUe54jMchIDzmjVmgHelb5Fd5ub8dED4vbBsepulE8tStyUjAL3SfTdBwBIjZoUfvq08nWWgRIo87u1DjGolBPHUNpEwV9b41_Rm4BSAeZQ2ZLEskvO8D2VRxhg41Nj9zrRtNIBUL0WMSEPeuzQdL3PPFwlUO__3LgBUurE3WG9xGmbQ4Wn6lkbUsuI5In8JJXrnCcDLi4MoqlMYGlgxtmSHmUeQ1M3xT0_2yHNh2ve_fdL3EqjDd04XMUjp10EECSqrrKZk0FFOJdvnsuucddkbjXWiZpn6RERvUFyV6ZJ38aN4O2-vkpvBFNQAdP7XoAu1U7iTd6lLb7UxyVDl1a19_5fsG1v8QAxyKjDFfMXq__-gNlc0HsXDDQZ4z-1GRigibGNxhSViL5jzMmsFegtFH_DXmHfZlmox9Q00BCvejNPl7govZWUuCx4pBNwHRrhHnkNDA2Ho7N_3sfCx_deFPTNO7GjZWYj_qEfyQZA1HCFGjyacxLX8aAks3b6_7lOiuUgs-fMhMc0dL1ZSBxPG7I5hDINJLnw3-HYvd6TX9KXGN7Pi64OTAZYJN5TBlQbLhMfIQhgtgAm4Ft41gYOQr9RaFb8EizyUVYQgiueOfbF844uaXU99AgcA-Y3FTw&cid=CAQSPAAvHhf_UjhlKuwMRGgS85Eutn1ZbVqhAUX_0vEWHIv1pYofB7WZORbpLvE56_O-va3kpe4fKCsonh5XaxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.drawturk.com%2F&ds=l&xdt=1&iif=1&cor=12945024212118772000&adk=1761367584&idt=154&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 11:31:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
24273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 11:31:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 96A2
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKhFKyHgDXAdvwVdVDGb8ba59jXyjacz3F6_S7rsEc6nMKprYkViZm9vjEZ3I132HNLl4KV5zxYsfVN4PAI5cuL_XoSdL9PnR9Nfc3YijvBEbL9Hy6reocO3iakZLblmM1J15Piq2PF43Oxl1CC0wYeZsBW1fnj4anLF0HOUiOk0Slxo3Zo4tS4U2HdhJhkp9Hkz1m&cry=1&dbm_d=AKAmf-CuU7icIbn5fG6lKDb5S2n87RZSOGAXbTPI_RMYX977HU0FQx-I-PvLrDzwBKV3my7erDkCsOg-ERLyjr312PiaVY02F_MMYFfBiRS3kellNKgkzqUZJfIzsPcrQSPZ-SFh-ha8ohFUHbQLNTxTqfeXYBSC1t9LwMbUk7k_a6cvOrOyvwuWgcpdzpopGI5HNrYFNqYxQT84D38ap4NlamLdYEHmiXi3PXczWdbcnnkPqt84pWz0MAgm_mErLw_rEEzp6vSGw3RMfGlMl3mrRYTLwbS2-md6QjrN1SfgR9Ke3ZB9EVpTJoVU3NB8Y2mN8BFh778KxC3wA4u8EKRYK-vBG7dANulAyJqvirhsP3C75NTItRBQgqMby7-JFmllp5O6zoxeanGELdh_ahlqIe3JHJqAUFbwQkE04NZ8gYpdgewMbX_GOfC13wLimrIN2Ckd7BF6tEge1uyeSUKTyMcRb62hs60c01O0wnIxIO81hQkwTe9TK3xz08u6p7AV9iI9b8pSdju8m6b_HAgf9RsQwo8P7MXQZV91NiegEbOwuCf0q6j3cOsPi0vIn4itZWlsPceD_wt-lcFPClcxicxGrgSnUfnkw39AAYjS_y3FrHpGpsuThSqZ2kZLHFaxOXMy57hPjImZ35mXl9A6iwyoC_1xSWAmqYNbQOzWC7eTHrEhs6mGAOUwKQertFHIare64jMd_rkY1On6Mac3UInHBOdMLR3wyWaikAxO20OFTIniFx3zsppC20BIUJIiQTUnNZiIBi8zJoltenRBovlK1n_qXF-qF-gIh5c4WsS3Ut8Lq1C2sSU1H8gjkKuJ-ochYOOPYJYS-8KAZpPMBzH8yHHbT5FTUVD1cFkYlb5O7os7ly9JuB53WPekHaaEtmxN6ZFSbTi60sMd3aE1ywj76RRk7a39ZFDcuSO7Y_NiF0wVG0oRayeBrxzV5r3TmilmziCaSFdmtROnowBvCekdoZq1_z2qkQeLguOoBnRpi4SXwgN6L8iAJBgzTCiHicEzVMXymk7Qs5Tniy_45TH031ODHZzRXwui_brNlorX5648_reaNtSOF0wF6kaVRYqVZJGjnWAxIai-l8WueiH1ilH7pY5oLL3xmk-BBEodZuBuWEgIR58DcAglzzpJywkkyz8h3jKyqEPM_6hIV3RyXoJDWadgxRYeledk3JIFVmV8p1EEsdk6d4phXYhb5lhSQGo3LqRn6DmgEXdaOnvHWuVchTIKdixUgsRbHJds_aqXD05Gy74EXlaT2sxt07yBZCk4I0U-hfp_nIvjo55zRc7kmNC6EifiDlR2rexhP8NYOaggQkGNsEYHmukQ575hUajB2nESQ1JpgTkVK9nl5PGbGwvIznVYx5xIPsZLMowaiJgxVCUY6KR8SsVamPCWHwc3M7YZSM5_Q9RjJCmXZUywydDm9In457McKeS_uPQeniq1PbVx3RtZa8aGFJ9Ln8Ql9_V_Exs7g-ETw_TEwuVA-QXvd0TZStf8TwHYamFe7PgOErGXyTvQD-lM8_Qb7q7pTjRGZ-DGfCxGk8Eumqn6VT8wxVErKmiBIqkhJjlEP3yPisQ7oYExM9hy0L7idgckZX8O7ZiGytdzdcBLjPfznjO9IjSuIiUIgH9o8160MV1PuxZp-3wi81MuSMeCwIRgN27shjz_q-TQ1h4iFicnBgjC4fldkTxgdDYwidyHVWbvSnJi2hw4Un7uAooxF_bfzk-KooyvrPYnfhDa7hCWsjiCN5YBvAXzQTQcpAdvTVr3vQwgXYu_pH_USZ7SNlE3-CKS3aJV4HCG4rXUzBWd4aek_rXRNHbaMvzyfnbdLWx-6l3hFx-SF7DVbPUtlZGHMQ919R2DUQHjeD-deOOZFWgR7w0yoR3Z6YH1h4lS98x81-VojuCGyfTDLniBPxRF-QZE8_OM3d5IvoLHcH5KwuDeLyfbRCjzEohN_Az5ihVS_Y5xXcakrRerBI0NbXRjxgWrgWQ6EG4kgenOGkyP-uDZMm7RPt8OjCQSkqYYD_o7IbV-FyPY-RZYTKxqpaIBMaJGfIEEweD7Med20bHLmpbRY10IGwjqBmHe08jowCfojmlX6aYuwi_cUqkmhF0OeffZLPPDDCQ2rAZoNvfflBUkt7v-Ae478vGUXmSBYYo2fLjNm35zX43yk-Om6ex2vX-NdKZJvtDQjrktueKPZ1Dn8z2Ws3vbAzxc5OIVv5hx0mbBNp8n38YcUk4bmYfr3FAkLYop_YL8_m5AJGWZWUyyn7M7nJqw4hXH607Sx9q4ID21BM1OO_FRAqu-8MaEQzcmsbxFekROMXT5mIjgvwX6H7p-lc-04wigSwhdUJKPUKMg6XJYBLcRnslEkRyowEGA8QyvCV08OxgHFET1PNWa_9t3HdcNIF9EhosaIXajkwhO99vYHTyrJyZpMVBL_nSKFmhU8_kT6miZkeDjeRVdw6aOKAWEYnvhY7NKPOW8ol2nlrw1fvkg577RPogqC90VmUpoVKKjgmh_VSapJwzqwZvmvYpxuOV6CKpzytNicfYOJQCdESg8Wg-aXPEgDKpyRl32-dYQuK7R2bOz_YCXFRilKQqB1RuMMJ_kKGrI2oU3J4DpkxUG0BUrP2HUU6TLsSVkhbmV4L8pXEHJe5dv5mFrAEvBOb7eJRHNARiktbqryKWAFtNJv6aZF2gTurdvpBc6P5YhTTdcNntUnExtMJQLUeyT1ZR0k8O7LnUVgeYxS_ZQePXkXD3E6wJ39rolQXPE52ZpwlYWkrXJqGdi_E6XILMbi4mWu4LG2LPgA6gL5u5aELebv3Yi-iIQb0v3LMLHhLrkodL9WIGB5mWIvK-TiP_qDwvP2BPYzmDC-z6GcQ-2ciRSZszmJhq3KpZIS8HTnp3L8LY-qQHyvmPxfkpcsShg5RpTrABHl-2fsMiSDJpECRj2QHO4m-5MXz53AAxqG6saO58c9BheTspVu98RgNBo3g01sR8YrRBKtyKaK5zPUqRQWQAHNwjfXkSNEqnzgnydNRKqWduVv_oHPfQ3__oqgkh-kynMO4Gsx0JQVO9hkfzz8x8ZrYhEcqonrNKARqoA_UDYdFodbUe54jMchIDzmjVmgHelb5Fd5ub8dED4vbBsepulE8tStyUjAL3SfTdBwBIjZoUfvq08nWWgRIo87u1DjGolBPHUNpEwV9b41_Rm4BSAeZQ2ZLEskvO8D2VRxhg41Nj9zrRtNIBUL0WMSEPeuzQdL3PPFwlUO__3LgBUurE3WG9xGmbQ4Wn6lkbUsuI5In8JJXrnCcDLi4MoqlMYGlgxtmSHmUeQ1M3xT0_2yHNh2ve_fdL3EqjDd04XMUjp10EECSqrrKZk0FFOJdvnsuucddkbjXWiZpn6RERvUFyV6ZJ38aN4O2-vkpvBFNQAdP7XoAu1U7iTd6lLb7UxyVDl1a19_5fsG1v8QAxyKjDFfMXq__-gNlc0HsXDDQZ4z-1GRigibGNxhSViL5jzMmsFegtFH_DXmHfZlmox9Q00BCvejNPl7govZWUuCx4pBNwHRrhHnkNDA2Ho7N_3sfCx_deFPTNO7GjZWYj_qEfyQZA1HCFGjyacxLX8aAks3b6_7lOiuUgs-fMhMc0dL1ZSBxPG7I5hDINJLnw3-HYvd6TX9KXGN7Pi64OTAZYJN5TBlQbLhMfIQhgtgAm4Ft41gYOQr9RaFb8EizyUVYQgiueOfbF844uaXU99AgcA-Y3FTw&cid=CAQSPAAvHhf_UjhlKuwMRGgS85Eutn1ZbVqhAUX_0vEWHIv1pYofB7WZORbpLvE56_O-va3kpe4fKCsonh5XaxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.drawturk.com%2F&ds=l&xdt=1&iif=1&cor=12945024212118772000&adk=1761367584&idt=154&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 23:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
68982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 23:06:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 96A2
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
166094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D4E0
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32552
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Mon, 15 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 96A2
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72f5cf56c188eae3d3b7da31ab28294f715fd71947e64ed5a626729d56fea005

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1992
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06555fe34b40902d289aa4c2d414833723921b938f7ba151d03488287adfaff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 1992
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuDdgHWcXZ0hu2bcc2f1Dc1zCD_PBO5YCnatOoXCb3wRCM1fWnBfXZUTCAITXSxT39r2uNBH9i8q2s1En1mzwEfVOLLh-rEyfOQuWmqtp9jDqCJ23ntwXaEz_cdB9na3F_gZaYjjWHUsYMWQKvBd95yf24-VTAu6Jy5O57s1CFb39msA2ojn5mzUjkhcQXS-BA7otuS2T2az8jIapxkGUUPCAKk_dtPjS-4FURCR3WcU9yakA3BF90nRnIPSTjgCwvvIv0tOg6FwT1cSGdeVvg43d8Jom2xUQ5hqLcWHYxLOZaZ5SguyQ7b6NfJmm9ubOD8FcfrFZvxH2xK6lhZ4ZV-c1_4VvUh7Fu55RtJR5WGcoccNl1dVjBsuD_W0nuVwGE5T_U2nRhiucdDc7yH9hADWgiShA4Q2hbrFIL9jwldlm73ofOJ_6uWTWAbzgQqMPEtV0zRJeQ-u_gNjAZyMlxjtxeAbtrtNzF7Ber68AHw1xbYEJETxfM8xMi92ptLAE6oY9dSIa71XbEK8cdnk0vO6HXtkXDIc4TXuVivUn_s4GVKeU0Oas-WtyCq5pnSEbrRkqNOAKFnrDox__ODNPOifY8eJoc3MwZEIQnH4zPK7OjF6EyAmpC-TZ-6KqVHT_ZtZKy8DvtFqFfd5Uknwll-48kRxg794KIcshRSL8rSwwYo33Wv496OFaFxuBsRvXoqhU1pcDaQC2cR0HZGpyYVI_-9trAzAMkisri1liuoFOGl7hufRFpVSioz1dddy0qZwjG0RYfmbphyTa4xm8vK9uv74FBlW-lSae2KRr9gRuGRLjDNKFNBzIYLEhrsFqV_VOoBfdvb3258n_OpNego_AzqimMzRs5Bu0dpssy9sHOxuy9JAUgtC6ZeIapttLrCyeSzhdusVsrv_JBN-z9WNxqUYFN_NTLfq_3Z_qttvidLw_MZOnm_L09dtuyWbuDnIn18e3zDodB8dXtRWSSWisa-XuYpx0J1byNhcTwbxMx--XNeTvKjgU4VAh8br3T7cvENi_e4o2wqEYxLNlrYpkw1Ne9QoPvMLkGfCoJz3j9OwH5QKO71BteDVBN8rg4KLA813WG1X2sGA-t4u9dN9B8TWAaT6wrnhu8vjtyPdOsLg6Y_lmRcJgedsvxEULclAO8BvRHdcU1jmc2EzVWDNLqCSI7pjMO38Z_voTYYs_eE3sNVCmNKD_fx7GN-l8XztrJFP7ovXbj0fCoEgmnha6tijOT_kJj02E9TLwapDuzkA3HDoWjmHbdvq2iBPrsSgEIgg2skr8xyWSVARt7I1DyImMNwE7wTgnVCHZnQgkN81moMaW2G720UYzM8fQ&sai=AMfl-YRk2F0nueZVufsapiKI_GbJIeGFogdWratwKX1A4OKvaI4ZdG7f6A27nPPSWOo4ccZncZdEy81vqjfedblafsH4s99GI9lcK-hTiTOYLKTu39wpSbn7wWZXFa7_dHGb7W0S_qDQhhMZQStiKXhWQTKuHrj2DJbARxmOhitNc-_jcyuUrHKilGVde9gYRvkQpZrZy57G-b1VBBmi9NXDq8SxE1mS198pvYa7jTwcSLI3yrUFTSLaNryEfWKHRv7AMoLLA1NL_Myllf474YAMkgy7It9Y2DPhRXVPAN6MTHyFdkdrmZ3cy9bZnExjrs79kj8utONdpQg0ihr7L79WDjazf7OCLl6yyS5iMPiO8iyl-0OOfP7_V1BNM5lgzbDhmtyAMru0_9IDj1X49F899Q8UKWUzdo7DZSQe1OiTYVvKgZWnZ2iRaQrcYQEQXQ8kiXBYyQ4s32oO3eufSfED1u7reADVDD6aXbAnkIJDztsneUaXbp0f00k12SVPJfTSheEO3yM&sig=Cg0ArKJSzMOYeW48x7xOEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9kb3VibGVjbGljay5uZXQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=681&cbvp=2&dett=2&cstd=0&cisv=r20240109.48906&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 49BC
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 16:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
93378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 16:19:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5B1
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=139305851274&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5B1
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=139305851274&version=m202309260101&ct=77&x=1&cor=10145822075544273000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B5B1
20 KB
14 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEa4g6cTrA71gftAt17ObkLVixp5ZKXDeOI6JCCmNYqMtUeD3OVV9z1cxFLFb4eq9HCA0mbE9vhkuV9kXMBmarulttnT7f9S7hFxQWXzWaeBJjmTXYufcv58-FeQor0sXfF0U22rNKS9r2RVX8sD-kRudbWoQvPc63ZYJdLn9lR3f31fA&cry=1&dbm_d=AKAmf-Alq1W15fTdXJ-XK4cyneiWUw1i-XYpkmqiW4-Kw-WD9sR4tM58KoeExbe7Y3K7eWP61xtbFfTqaDsWHeXUShdS5QdrEmzA36cDSKtTCvPDCqf7ID6DvLPSchENKtMJg6q9g1Pyv50p9dE7N51rOpCjg-AO2b9TISwynoI8nu3mJm9i2NblWR0gAwKZXip32xx7pBwUmavvRHRxgbinpzISLSW2zZC7iF5tqmGzux6tfaTVAe92js7DWcLEdNXQzcWyo0VXJeiaeCSlx9pjAgYEov6Yl1nfaE8OpbLj7IWbCDvtc0podQajbEk3QB179zVTZ4kqR1BBLev-_v4vyE8-yjj2pTTPCato6MRkitKXOejal2zVGU4rGEKy_AgTVA8-a-iuDkMvu0GXl2CJMqN7a2OjOl_MlELZzCy_BvEyfcfz3w_UF3FC8ljmTqLrrdM-qOLByfCfiG-hDR-Jm6LN_H5x8RFzov6TPlOeKYapUUoDWAGxTDU1DpEty7COgKjYOQvu89mxHNbcKzLqxl7B2YpHmw3072Wvb2gDlhiFWEIZeEN8lNdD98cMimpDnOZ0FhByyPUcK_-u5Pp9SkCYhtwm5fiB282M1wxOAhYFW6QV1fj0p3bGW8ePYRZOuT7B_ScGsmBTy7JnVDB603uiLCVolqgwxonZJCcR3zH3Yqjx0da3lumPHd9j9UvX8XPxXblGjIpCLeJXY7jv-m6E7llCixttPe2H7aVX9nOKg9oGc5QQPSRqmvB-n-pP45AXcgdOWgs1JO9Sg4Gz3Ue_BLqpkL4lI841tIaJiOtKGjnLXYjD3CjLe9LBQGLj-PWeMWcvjLXaHI6EVKFwL5i7y-C_VKXyKaIgLPCi3PkxMBXiE7mJkvh-nBnwtyWHBpmyKAmXuMvlzeNvz1e1lDrYqQszH7g1oaWPY5RkE2i80LT4thhFRqzVN7pBR_zz0n7qgpL6gpY2E7dCykROJ6_nVrvWmUxwYXfNruW4HnIow1-K9e3ourFT9ZD947O_tuHxklFyDa9ew9QcrWO7XPx-DaVrgB6N4t1TV5CmB1xCZZOopke0Bonp1Uv5gMNdxFZi8IEv3WG6aXBzfDjIQNWfMXXsl_LGvmbmNj10r9EPSB2F25zAAGtIJ_5v4PZN7GZHBEscRznAox0YvigzP6PEMDTCkyX7IU1VbFKY5sQaULThkzXBKAQymm3jNEhH8BAQMifi9ynUtXJS1jnoUDxBYITK0YHue-iZW75nbLkvK4yIBMsGS56eaSFcdh1iuR7Y8JbM1c7q3mXwB-E4Yi0q19HDW7cof35Wm0-uYwoFxyXlwgb9YauKbvM5BVy6rIIZUdsR4s9WTpd7LdXoryLqUfxJvWnAC-OJ3EUaQ6KzpuktTBD6lT8CkNJ1bTQN0GL81fCqd99ExBWLlL1w5phh4fdjZjx6NAGsEQf5Qv5TSrFnbvWSVjOWFAJCnvADct0cHL5bze6v6UHN2h4n8JHQ57mqgAI7HW8NpmOm7TtXWG-rOFnaCjcLlVMingOmQ2uBb-84joZ6KFhc_kmoCn-umf8nXIuRLxZf3UtybRv-hma3ncjAurAiagr-ut3Qngiv-7auSwb1V1nAqp7F1gt9sOqdTYjFEx12hUxwqd6qQ33PKQtXStVFa3_4b6F3G4Q1I7AEFdhN8NEEtJBjC-O31G0cr23qFePBt3fjP1HIlx2_bfPJ-xQuHPic1pyFgri_18X-3olH1up6uhP3oB4FnHOZmSngp1f40obdv9FlNmKdJ5uTVkx8-OhNpihA8kngNAUTDRs0XfW4Uw03c_7iJ-3gMBXG-NSQ1folc2Tp-nVDfUEjrxuo15hyYjh8BH8WfIWUAi_WGkQwc4mnHbSQiPt5maXCgQtORoWnb9oanMHfji6l0ALPmzJEhtn9LWuo1kZdQ743WhZG4wOUkTcTWPNpNgiCQcdjtlXK_QBqp9aUhlmQgOgq_R0jrOubVMWUlJ5T3MGyRzugvQvsCN5gmIac8wQGzn_2rJ-Fd-FJ1x7hqelBh7pQH_eYdaY9MZpNf6iY7kJztdvjxwjrq2hVqq5CRg_sjSQsSLdwWgY5woiEUNwoucAHnxMenVnWoAKh5T_pVu_JpEmiVa5SHAAeiexuUIQsEPZ4936hDZkDmY8AfJUA1hm452XoqNE-Zoo5t1NVAs1WIvEMjq8X9i7va51mHXtakhuDp5IEc8hHssWJyxj0qlt9gWHSTweNmMX-hM3aDM1I_zLkG4QWU_gw7JTY1x2Ehv6dfCce0JMXu30b86FMkUI5wIS0crLQQ-2jMVN2EjmYmNPmYepzrCKD_3nq-X8gdoZd7y_PgvdBYy3vKlw43cBjYz05WschNpM6UXn7nbLPnIcBAC9jWTO1SXUUWAoMIeq2GuIj1pPDC0nMiv3IUeLsTbwlOXgFtod6RGfwyCB_LUeoqlVYxdssTCT1TZwJuytkfKjeSG6RAirOpdBM5Ywfglh9nsd-aSSmc9Ll2_hYSZnbYQafZoL8xTheDNsZJiuLg-W3PpTwnbfb-X6jkuKvLEFmWalKpZ0TR3qPCKf5IGzAAm4omF9u36f1Fc7hpVSPApT-icO-SAFD7qZSYPMtXFdW3oriFsGZOpozKr9iqmzapASN4TOEtMtFD98kZbKm5X9WpxlL1Lo6EXZVJAlbjgk5FFRkLd7I_oggwLuC5-tcfZQeipKvoeny2LRwCAyaT3wxmMgM1c3wdtUmYwS3SRQ2J7FxhB5RRJsxGJiGfzhWvmIKT5hZPmmNK4ueMJbWfp5ptaoJURPN1KYM9jwKg640vGXfV1MyXCKZZ6-2lE9AEJpxhW4_4Olywd4OzZw2VqeySX8OP0X_9n--JBZI9WTdO6VLNeiDwOKhyqjsA300-_2oIahOcQ98C_n4BTMAZTFFUEGE9-C7kAUd_9YGG4DscSC_VK1hv2GMWuMj2rUxlDMSadbeOVAL1G11erGm1hFbLrEYXQcJfE4cnq4ZJJHPMUD9rklFBkcU6htZ9kqtVesZcUrXlzJzZWlA7xy3CpAoBNsC2GJeq7jcPVoSfvgODI6hXDxsMiyBXXc1vj8LKbkcpVIQVU7xblM4NIFIX1jxi0Ilt1VpmZ0-E8OfoFBhf00sIqQFjZproBaUdayMqQModBzErZ-ccwa28uox6Tk_ImFF2xLwZBRg6xkMDDAmZWBMNaLvZc3Lppwh7mBxC92ibs8KIONnguPUnBtcB5Xwg2NBZprrbllHtqoQlN_5Ekv-IuCCmrFvc0mBxLkNVAEADGKK1rZav5VrVEonHVhhqLOefiHozgWr6P0KwkP4a31Rt9EcuJpBNh4EajYM1qelYaqdRpX7jwW_maeyVSNg9A523lKPJSfIf-s-HL3Nq9xZGtA2u3ZuDe9LZ4rQe8NDdX2DYHrz7Rebr-iLOtic4lR_UmaPZJ6_wk1LzHyPzeZ54VXOcMnioohn8Qnsq3r_D5LAhrrOWwVnGr1YGHe2CAN3YXcKKV37-A8f9Rq9QpfWM3jntc_cUOImbOx8nKFFhAOAs7opLjUwoWntdM_rYYnDDLoXNViFTMvl9FM8zZ32Aj1Gx7rLt08wjHjM_vz-4tDON-EBvu_SbOINIZ66CCi1e4Ghh9Jet42Eayxk4kLno2q-K4kuLH4yu4kYolEQd5UdqTavrU9g_HJQWRnYClaYI37yTUdjvr3D1YyAFXNbH-rsexesW8jKIyWPlmpkWkRHnI2nfi1U3RJRv38uIEWZJZlX2Agu0C0IJAjZwe7nbC3NL9zaEAjlHKx1zOxOaC_i1uDCSfLBZs7Ws2EYDf5Az2xlm_vDctFxHH6_BwJLUAKmyBjET578F4FiTLwix9FAKyReeQ&cid=CAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.drawturk.com%2F&ds=l&xdt=1&iif=1&cor=10145822075544273000&adk=1726166463&idt=213&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d01790a4a887231c1a52e1f3306445e6f06b3db587fb06a4b1e248f92e31d1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13803
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame D4E0
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENn-t_LgSAMKF2kEcVCyQhU&google_cver=1&google_push=AXcoOmQ4lsMJGk80i5bA6AjgyxVxCPmKqLPnmsYQtGrzgMLAhX6x_9EUmBttd39lhRhW3BixmHX2zqO3wh-Iye2_i77hbvXkIvlip9s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D4E0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENKHNzLKN071U38SD5W7J-Y&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENKHNzLKN071U38SD5W7J-Y&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dklhcmlKcFExUnA1MUY1&google_gid=CAESENKHNzLKN071U38SD5W7J-Y&google_cver=1&google_push=AXcoOmQhM91LaweQDa5_cyl-i127oiUHsAArsGxCb79VKNn...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dklhcmlKcFExUnA1MUY1&google_gid=CAESENKHNzLKN071U38SD5W7J-Y&google_cver=1&google_push=AXcoOmQhM91LaweQDa5_cyl-i127oiUHsAArsGxCb79VKNnHY4JyMQ49rzaQyGrMwZT-SH5LDtWNfpKS2HVCVf96tP65oJsutVJcVM0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 18:16:02 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dklhcmlKcFExUnA1MUY1&google_gid=CAESENKHNzLKN071U38SD5W7J-Y&google_cver=1&google_push=AXcoOmQhM91LaweQDa5_cyl-i127oiUHsAArsGxCb79VKNnHY4JyMQ49rzaQyGrMwZT-SH5LDtWNfpKS2HVCVf96tP65oJsutVJcVM0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D4E0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGggTWfYnkXNraKpGtqqP0A&google_cver=1&google_push=AXcoOmQybW1ZXmjTkj7zS1fgspVNM07OEW17BHViRTcaGe_Ark8xS5w5T3DD44VNNxb-8Jqu4Gt3voojH2M0YW...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNDAxOTQ1MTM4OTg2ODE3Mw%3D%3D&google_push=AXcoOmQybW1ZXmjTkj7zS1fgspVNM07OEW17BHViRTcaGe_Ark8xS5w5T3DD44VNNxb-8Jqu4Gt3voojH2M0YWis8Z...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNDAxOTQ1MTM4OTg2ODE3Mw%3D%3D&google_push=AXcoOmQybW1ZXmjTkj7zS1fgspVNM07OEW17BHViRTcaGe_Ark8xS5w5T3DD44VNNxb-8Jqu4Gt3voojH2M0YWis8ZePT-XU8Tw8zqI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNDAxOTQ1MTM4OTg2ODE3Mw%3D%3D&google_push=AXcoOmQybW1ZXmjTkj7zS1fgspVNM07OEW17BHViRTcaGe_Ark8xS5w5T3DD44VNNxb-8Jqu4Gt3voojH2M0YWis8ZePT-XU8Tw8zqI
Date
Sun, 14 Jan 2024 18:16:03 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
usersync.aspx
dis.criteo.com/dis/ Frame D4E0
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTutx-IXyYB32VU4xF5Px6oWoiF9zSy3opHgS2p3mKVMQ7pKx6FpL4WzxJ6tADZ_hIMYLl9twQzfb3Dr07Aado5Bc7fnQlyEGM&google_gid=CAESENEKMJgJcykIS5P-kPBmiLs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:02 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
313007
expires
Sun, 14 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D4E0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH2-B8xDW-Kz-sgBVU2TM5w&google_cver=1&google_push=AXcoOmQPEm_g_t66qi8mGiH1113mHrcn4s2jTHFCwlGI4Pg7AeI-I3fQC6Q80DGkrAFT3Sg1RtcFBeM_PDNL...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQPEm_g_t66qi8mGiH1113mHrcn4s2jTHFCwlGI4Pg7AeI-I3fQC6Q80DGkrAFT3Sg1RtcFBeM_PDNLCIdVcqF_4xkNTpurs40
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQPEm_g_t66qi8mGiH1113mHrcn4s2jTHFCwlGI4Pg7AeI-I3fQC6Q80DGkrAFT3Sg1RtcFBeM_PDNLCIdVcqF_4xkNTpurs40
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQPEm_g_t66qi8mGiH1113mHrcn4s2jTHFCwlGI4Pg7AeI-I3fQC6Q80DGkrAFT3Sg1RtcFBeM_PDNLCIdVcqF_4xkNTpurs40
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
googleredir
googlecm.hit.gemius.pl/ Frame D4E0
0
0

report
sync.teads.tv/um/ Frame D4E0
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBACmIB_CXsb...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRDJVbyvRiWh5y_yljnHXa9uo_SRUjBNZatmUipApteHvo-i2FQsQZQFQzpv3cnA-jemOUHNEy4V2Uf5ZEwzjlYH5uAGRJh8S0u
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 14 Jan 2024 18:16:03 GMT
pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D4E0
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5wbnrBZf_3avZT4yMtjp1onSMg3HKRh74DhcH5O2ZWCO_wWMDHBE8-QuhBILQwMsN8Vm999I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 65C7
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
151512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 65C7
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 16:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
93379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 16:19:44 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B5B1
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEa4g6cTrA71gftAt17ObkLVixp5ZKXDeOI6JCCmNYqMtUeD3OVV9z1cxFLFb4eq9HCA0mbE9vhkuV9kXMBmarulttnT7f9S7hFxQWXzWaeBJjmTXYufcv58-FeQor0sXfF0U22rNKS9r2RVX8sD-kRudbWoQvPc63ZYJdLn9lR3f31fA&cry=1&dbm_d=AKAmf-Alq1W15fTdXJ-XK4cyneiWUw1i-XYpkmqiW4-Kw-WD9sR4tM58KoeExbe7Y3K7eWP61xtbFfTqaDsWHeXUShdS5QdrEmzA36cDSKtTCvPDCqf7ID6DvLPSchENKtMJg6q9g1Pyv50p9dE7N51rOpCjg-AO2b9TISwynoI8nu3mJm9i2NblWR0gAwKZXip32xx7pBwUmavvRHRxgbinpzISLSW2zZC7iF5tqmGzux6tfaTVAe92js7DWcLEdNXQzcWyo0VXJeiaeCSlx9pjAgYEov6Yl1nfaE8OpbLj7IWbCDvtc0podQajbEk3QB179zVTZ4kqR1BBLev-_v4vyE8-yjj2pTTPCato6MRkitKXOejal2zVGU4rGEKy_AgTVA8-a-iuDkMvu0GXl2CJMqN7a2OjOl_MlELZzCy_BvEyfcfz3w_UF3FC8ljmTqLrrdM-qOLByfCfiG-hDR-Jm6LN_H5x8RFzov6TPlOeKYapUUoDWAGxTDU1DpEty7COgKjYOQvu89mxHNbcKzLqxl7B2YpHmw3072Wvb2gDlhiFWEIZeEN8lNdD98cMimpDnOZ0FhByyPUcK_-u5Pp9SkCYhtwm5fiB282M1wxOAhYFW6QV1fj0p3bGW8ePYRZOuT7B_ScGsmBTy7JnVDB603uiLCVolqgwxonZJCcR3zH3Yqjx0da3lumPHd9j9UvX8XPxXblGjIpCLeJXY7jv-m6E7llCixttPe2H7aVX9nOKg9oGc5QQPSRqmvB-n-pP45AXcgdOWgs1JO9Sg4Gz3Ue_BLqpkL4lI841tIaJiOtKGjnLXYjD3CjLe9LBQGLj-PWeMWcvjLXaHI6EVKFwL5i7y-C_VKXyKaIgLPCi3PkxMBXiE7mJkvh-nBnwtyWHBpmyKAmXuMvlzeNvz1e1lDrYqQszH7g1oaWPY5RkE2i80LT4thhFRqzVN7pBR_zz0n7qgpL6gpY2E7dCykROJ6_nVrvWmUxwYXfNruW4HnIow1-K9e3ourFT9ZD947O_tuHxklFyDa9ew9QcrWO7XPx-DaVrgB6N4t1TV5CmB1xCZZOopke0Bonp1Uv5gMNdxFZi8IEv3WG6aXBzfDjIQNWfMXXsl_LGvmbmNj10r9EPSB2F25zAAGtIJ_5v4PZN7GZHBEscRznAox0YvigzP6PEMDTCkyX7IU1VbFKY5sQaULThkzXBKAQymm3jNEhH8BAQMifi9ynUtXJS1jnoUDxBYITK0YHue-iZW75nbLkvK4yIBMsGS56eaSFcdh1iuR7Y8JbM1c7q3mXwB-E4Yi0q19HDW7cof35Wm0-uYwoFxyXlwgb9YauKbvM5BVy6rIIZUdsR4s9WTpd7LdXoryLqUfxJvWnAC-OJ3EUaQ6KzpuktTBD6lT8CkNJ1bTQN0GL81fCqd99ExBWLlL1w5phh4fdjZjx6NAGsEQf5Qv5TSrFnbvWSVjOWFAJCnvADct0cHL5bze6v6UHN2h4n8JHQ57mqgAI7HW8NpmOm7TtXWG-rOFnaCjcLlVMingOmQ2uBb-84joZ6KFhc_kmoCn-umf8nXIuRLxZf3UtybRv-hma3ncjAurAiagr-ut3Qngiv-7auSwb1V1nAqp7F1gt9sOqdTYjFEx12hUxwqd6qQ33PKQtXStVFa3_4b6F3G4Q1I7AEFdhN8NEEtJBjC-O31G0cr23qFePBt3fjP1HIlx2_bfPJ-xQuHPic1pyFgri_18X-3olH1up6uhP3oB4FnHOZmSngp1f40obdv9FlNmKdJ5uTVkx8-OhNpihA8kngNAUTDRs0XfW4Uw03c_7iJ-3gMBXG-NSQ1folc2Tp-nVDfUEjrxuo15hyYjh8BH8WfIWUAi_WGkQwc4mnHbSQiPt5maXCgQtORoWnb9oanMHfji6l0ALPmzJEhtn9LWuo1kZdQ743WhZG4wOUkTcTWPNpNgiCQcdjtlXK_QBqp9aUhlmQgOgq_R0jrOubVMWUlJ5T3MGyRzugvQvsCN5gmIac8wQGzn_2rJ-Fd-FJ1x7hqelBh7pQH_eYdaY9MZpNf6iY7kJztdvjxwjrq2hVqq5CRg_sjSQsSLdwWgY5woiEUNwoucAHnxMenVnWoAKh5T_pVu_JpEmiVa5SHAAeiexuUIQsEPZ4936hDZkDmY8AfJUA1hm452XoqNE-Zoo5t1NVAs1WIvEMjq8X9i7va51mHXtakhuDp5IEc8hHssWJyxj0qlt9gWHSTweNmMX-hM3aDM1I_zLkG4QWU_gw7JTY1x2Ehv6dfCce0JMXu30b86FMkUI5wIS0crLQQ-2jMVN2EjmYmNPmYepzrCKD_3nq-X8gdoZd7y_PgvdBYy3vKlw43cBjYz05WschNpM6UXn7nbLPnIcBAC9jWTO1SXUUWAoMIeq2GuIj1pPDC0nMiv3IUeLsTbwlOXgFtod6RGfwyCB_LUeoqlVYxdssTCT1TZwJuytkfKjeSG6RAirOpdBM5Ywfglh9nsd-aSSmc9Ll2_hYSZnbYQafZoL8xTheDNsZJiuLg-W3PpTwnbfb-X6jkuKvLEFmWalKpZ0TR3qPCKf5IGzAAm4omF9u36f1Fc7hpVSPApT-icO-SAFD7qZSYPMtXFdW3oriFsGZOpozKr9iqmzapASN4TOEtMtFD98kZbKm5X9WpxlL1Lo6EXZVJAlbjgk5FFRkLd7I_oggwLuC5-tcfZQeipKvoeny2LRwCAyaT3wxmMgM1c3wdtUmYwS3SRQ2J7FxhB5RRJsxGJiGfzhWvmIKT5hZPmmNK4ueMJbWfp5ptaoJURPN1KYM9jwKg640vGXfV1MyXCKZZ6-2lE9AEJpxhW4_4Olywd4OzZw2VqeySX8OP0X_9n--JBZI9WTdO6VLNeiDwOKhyqjsA300-_2oIahOcQ98C_n4BTMAZTFFUEGE9-C7kAUd_9YGG4DscSC_VK1hv2GMWuMj2rUxlDMSadbeOVAL1G11erGm1hFbLrEYXQcJfE4cnq4ZJJHPMUD9rklFBkcU6htZ9kqtVesZcUrXlzJzZWlA7xy3CpAoBNsC2GJeq7jcPVoSfvgODI6hXDxsMiyBXXc1vj8LKbkcpVIQVU7xblM4NIFIX1jxi0Ilt1VpmZ0-E8OfoFBhf00sIqQFjZproBaUdayMqQModBzErZ-ccwa28uox6Tk_ImFF2xLwZBRg6xkMDDAmZWBMNaLvZc3Lppwh7mBxC92ibs8KIONnguPUnBtcB5Xwg2NBZprrbllHtqoQlN_5Ekv-IuCCmrFvc0mBxLkNVAEADGKK1rZav5VrVEonHVhhqLOefiHozgWr6P0KwkP4a31Rt9EcuJpBNh4EajYM1qelYaqdRpX7jwW_maeyVSNg9A523lKPJSfIf-s-HL3Nq9xZGtA2u3ZuDe9LZ4rQe8NDdX2DYHrz7Rebr-iLOtic4lR_UmaPZJ6_wk1LzHyPzeZ54VXOcMnioohn8Qnsq3r_D5LAhrrOWwVnGr1YGHe2CAN3YXcKKV37-A8f9Rq9QpfWM3jntc_cUOImbOx8nKFFhAOAs7opLjUwoWntdM_rYYnDDLoXNViFTMvl9FM8zZ32Aj1Gx7rLt08wjHjM_vz-4tDON-EBvu_SbOINIZ66CCi1e4Ghh9Jet42Eayxk4kLno2q-K4kuLH4yu4kYolEQd5UdqTavrU9g_HJQWRnYClaYI37yTUdjvr3D1YyAFXNbH-rsexesW8jKIyWPlmpkWkRHnI2nfi1U3RJRv38uIEWZJZlX2Agu0C0IJAjZwe7nbC3NL9zaEAjlHKx1zOxOaC_i1uDCSfLBZs7Ws2EYDf5Az2xlm_vDctFxHH6_BwJLUAKmyBjET578F4FiTLwix9FAKyReeQ&cid=CAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.drawturk.com%2F&ds=l&xdt=1&iif=1&cor=10145822075544273000&adk=1726166463&idt=213&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
166095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTI1NjE2Mjk5NDYxMAogIHNlcnZlcl9pcDogMTQ2NTMxNTgwCiAgcHJvY2Vzc19pZDogMjU4NDQ4Njk1OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame B5B1
0
596 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTI1NjE2Mjk5NDYxMAogIHNlcnZlcl9pcDogMTQ2NTMxNTgwCiAgcHJvY2Vzc19pZDogMjU4NDQ4Njk1OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxODExNDEyMDAyODAxODQ2MTEwMwpkZWJ1Z19rZXk6IDgwNjE2NTM4ODI5NzE0NjcyMzgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTE0IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzQ4NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwODYzOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x7f040b701c997fe50000000000000000","13":"0x6374d69432606a380000000000000000","14":"0xb470e25e877960bb0000000000000000","15":"0x1fb693b02fd40b7a0000000000000000"},"debug_key":"8061653882971467238","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"18114120028018461103"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g72h7lz2c4az
hal9000.redintelligence.net/zone/ Frame B5B1
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1705256162240296&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDyUz4iSkZajVDvycs8IPxPiByAym5b2gaYWVnKfJD_AuEAEgtOPhIGCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoE7QFP0Dsvck8tgO_ccsQLcH-x3eSzDicwKYuPGCF9WjGI8CTB3oav5ndnnY2QaRc9ml-oyoTGKG_7ILPXM055kdB9oCUrs108NTFnVKEZ9LQ2eh14OoiSjnRCcdQtdXmagXTqjDmKL4ikd7hzkQJcYGVvst-dxrwVbY4nyx0_BYOSaDykSacdUmQGYbqzFFbxUrZN5KWYXuwLOGKGKaNxjGPYxfKRd7nOcIRZU3nN1DPiP2SUi6FSLeUDhQPIK6Rh-bgmJ4JUZT3SLPj6W0I_Vqqhrm6xAuFTyI-3vB4Xn3myciERKb7EaxjOF7IS0_7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjdCrnr7dgwOACgGYCwHICwGADAGiDAgqBgoErLqxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB%26sig%3DAOD64_2YHgLraYdsQbK0nnYpqfx-jGFTFg%26client%3Dca-pub-6733749933508436%26dbm_c%3DAKAmf-AlTJ_bh4XMGLOc1mDF1VZV67OnH9TcigqTlZyhPIVV8jAw41glx_OGxpmiapNmuWVd-T5cNa8BkqzvFDNk_MT0APjNO4COmOpuihV87uTk5YqgrqOQlY168elMqlq8GBL305TecPMZG0u6RGl8SKBh3OPBRProAtb3HmVdLKFBESzaPQ8%26cry%3D1%26dbm_d%3DAKAmf-BYkj8HBKo3li_W721C67ykUa5JckPLdFS4DqSbJSPgcB9MTMieJkeuTyPoPzeIVnWTUtyUgpggnD5TFbzaypRvP_6j3AV3LbwYS-a2PdT6tXFxhdHlTmlX01kfM4KcZdG8a0Ez3qEPiklA2ifPQRuw1cpZBm01UtVBviwIdm4ds9lLlp6rF1xgmtv--KYWTy-luBELFrX2rR8xbS42hfcjAYd42ax7PgRq44j8RxdG1TlOxoxvsOg2CYwaB5niS92m7wExUG31pETPMpIFJxV_7wMqLKWxnBHjhoE_SWQ1VzS7QoCLzGY7usRR2DIvXgz7ujFiNU10X85L_p4y_NEpfoc4HS3crvtA8owL_RdQ6N5B8fAiZNS0CDsCgjiascy0Xm_JvKhaX1kkl6MGeS-kvj4a5-dA2feJsXOcn-zOVKTq_zUcvhiw3gEX9aDWgn8bOk0_7uC_g4xAZEMzwTkXCUQgcTzGRqjZPTO1XLJ9vkZMb-gKu0PyP_bTRAYAGkImHmVbdO4mg3SHoK9unKwZuzro6rAGQ6Fw0wThUvL47ocSLOTrX3u5WUaUtWomrmc9UWsK%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
6432941878c856e6d5297a9632a03cd04a3bd93c525a6b0c25153a0022a8b524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 18:16:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4161
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49BC
0
21 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B2HRw4iSkZcS8L-ui9fgPxdeK8AEAAAAAOAHgBAI&bg=!srGlsf7NAAaumcC-jpk7ADQBe5WfON9uUpVFntJKByq78gpX8rH5nKcYJ0TyOoQevYiED81sH-A17Rp3cFMLpI4jtpvjAgAAAC1SAAAAAmgBB5kC4XHTccmFLulYVtAdCdjXVBaHZfdg_D-pl0xGK6_wUK8VhHo8sU4nFMhcwLmrlJlsku0spbtMWF6pzZePLK1kVljpCaemn3xXYZ2Hiquc7jBs4X8LGcOZm01_q7I_RvMhGsSy1mpTIuctRlrKim2AIkLkeuT9i-MTLAf6EEXsfB3PhdN0zeIZa339Z0w4f7m41hl3ikyHD_WYd-2KZr3H0xNk2Q2cdYhC28B4AigE9NnfHlddMGVn8YKIutyzhmAbkP0MylTMc5Fh5ef-y2qDS44VoZuc_j0LoeqxoPTEJV-cB3ol0DZ-_pgR5C41yYbr5H4ophXnQldZ1mejbQMOPq-H2xOvNIdJfNaM91Lx8h8rllhP9BTiwddcKJVFFb_lrDnBIpMyT6CAVkqMQ2BFeFOeYoAK6y728ozFXXcQkFXadxMknTBuOhG8NqLHZ-sAnq7eG_2ob-NGB0T1p1x5J7HgUttrYkHKo_G8Gw1_XT3ON5IkbRW0IgeoeUL7JwbqKZdrntrxICRl6SSEnzI-TtkoKewECuw1zrInSWV5jm1ZVdYaxOg8DvGKvu7AHXIxwloMoyZZfvf_iv8Qg24ggxtZnrrTiuCMaHsSpWoCMsNrRfNyRaaWcNlUQp0QEKgEiFeV4YzZdIm093wjk2wFlTdTn9-6U48Skw5nf6gFSh76olerlbT5s1XvEQQpzqvlKsUGtg-nOWqVQhmvQSXCkC0EP6_wAuETsUKEg4LZX8VcjS04mv4w3DkI9MYbpLX2mPNmWiRQELaNRRNNMeHFEpVTbWqHCTBEXNdeiQd8shOAV7i4Twym72W15RUZHcxwR4Zwpl1o_wgUvNfiPRDrNrohmbuZpXa3TdjPgz10cPFZVraO-3sA9DkXGRX3UIqRFe24kmdRLf7KKB8L-zeJaeGm_Pje8psiMNkuee8PgQlRCAsxZSgisl3zrO2NZX65jtzp51-L_OA0JQPxw8R1nqIm
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/ Frame BA21
19 KB
5 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ea33dc20b8d775965a07940c9cd705690d3cee04a51e4e356411d3d4968fc4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
464986
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4975
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 09:06:17 GMT
expires
Wed, 08 Jan 2025 09:06:17 GMT
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 96A2
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvc9iSMLy1WfC3pLiGYj_ZUziMCK3pjRKNY4ueY200r-CTgEh8Xm1o9aXkjJjb2cgF5c6MkB2PzvdMA44h2TRa0OclavnX038G8X-_fGwJGx0L8G_kgmbLKSkz6eI9vZkureF-acGtaXUZwx84G02fQVv4jFcxcC0sztSdVJbt_rv06X-ZOoJGtWQvQoTzv3g5nQ2UvY2GdLsLXE0RIscdDYHE0psvsIpEPVq9XqxHTomZEJdNn8bVWVlpY9I2XWdFNtuRfssE_3iR_tosaf2dr1dJNDI6ui5mPu7BUr0BbepLyuFk5FzlEGoZEB2HEbCvAiAI25Huf2YSGu7RxZneIGyn8W_6F_f7JLNJYwAb5Z2nN5O7sCYlGtJnwK-it24sM0lwcisQSJuB0AsRBqjkfJH9A5cg9kfokh9SG33xY2BSIE7Y-HhuQeg5oJiIMacn4j_T3kZW-8rMwi_tNioIjzjQtBHre2wlIKT9BfkQcA2ktrYeTsnMy-DtNvQ9ErFoW2yglqx_2raBthSp7pxKoT3kZgu4UT-uQWmFEYoHijjKdyCSgCFuMm5hLnBqoRUnRLs12gxcwrnlnI2_eFwdVUwg7YsxSdRH-6C3OsVE_nH6PrANjKwNsfUdnXCer7xRjxYli8Bwl1HoJuzmDhRz-Qyc6Y9L8lwJQ5gr66LrIK4PTG9ylu_HzUousBy-kB8NI1O33n6kl0cv_wkJh9IqeReewmw37T2Zb1L79ATcz886Na2q1go9Uoibwh8xlRTYdavo1C0IVlrqbTN9n-uQ5DfNIRC0sK5_8ZqmcV49Y9VpWj1XZ-azY_uqScRkVS0Y5mfmNwkvBvg2xpyXiqNty6r08QSKQyjcKFeYIkTdG4pxr1f4QfUuVNYVksRX7gbNj4MkX1Gif-N5KqZbyLxuecGOAYRzxUzgFAwZQSr7_i9ImVX6RXiyypRDZTeXzZUNguWxcmRW9oyijmdMJoG0v-2-MjCRIex-V2W2jltkApB7wp5wRbAfHQnJF3FPVRzXKd0KPnLx7v7PQPs6zikNVlsOvzl5POt8Al7etg3RRRaONS7l2FrQM2mp-s2gFQm5y-2OA4d5fIUtEifoN6Taym_48Za1n-lyEe_fyxEelGrhRli1NBEt9kb89qP8DESNI51TUFz4qzZZYiePbR7d1H7XqOMPhkpeUX4sHUVncg4jaGW20shier0YVKamQwwpJMraOWAqKCPpkiK-vhMpDqCMXjOsnEGaj4tREsY5cV9Lm6JhYuWonpCviQSGbChhjTOX96z75WfMc&sai=AMfl-YRhZGr5-g8GbOMN27TTspHAlpZ2TWrjTgh_Xa8s_8LTpp8qgZxt2OHCVBnWGv3eTbjJxX6rc9vJeKJ70e007XTcgwju8aymDyUXbhv9jDFwGVZmQ1FisUXTaOSSGt9dSUOryzzZEEECU7THIK7i-GPcw93IYNnyTeNw9rmkKJaisO_0exCFzyikxVHTF4tbNgH71AFRgQOSeyzIQUugkY_40ZQmLb24ZQa4hIYgact1pFci1fUX41VhLn2f4dFW-GBLgiM&sig=Cg0ArKJSzE_OXHJ87f5aEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=160&cbvp=1&cstd=159&cisv=r20240109.21908&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9185
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
151513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fa7598073fbe7296c68440b0463d8ae4.js
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/ Frame BA21
60 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/fa7598073fbe7296c68440b0463d8ae4.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79a9563f63fcb59e7eced8b8c0ba2f132c43280b2013e3695b61b24ccd5f0d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 11:27:45 GMT
date
Sat, 13 Jan 2024 11:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17513
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65C7
0
21 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUKpd4iSkZYCIMsbR7_UPwO27yAsAAAAAOAHgBAI&bg=!NzSlNHvNAAaumcC-jpk7ADQBe5WfOIDvwhcD3c5yqaiiwETpdPslez7IhTq94lQPGiQzdnDPsbvoIWfaV4x_uHAZSEuwAgAAADZSAAAAAWgBB5kDBaWMLOkROLhWv_WI-0PvVdQ6EQbS6Qtpx1O8w2Nn5qoPb9a_iN_R-uh0fC7zbe3QaeDh9JVr-z580y3CF9XZlPH-2dgQAjWL6Vzbs_xfkoc0i9sAkW1X3pxMYH8bu6wg-ALCHRvj6L2dFeK2diIWgryInT9jUh1JOJ6UDC0P0r2oBbClG7NZurG5BBnvJOhANpJlI-VJT6vc4C0qmOMUq80ro1yJI7ugdc04Ki3Tjda66AbdGppEjIl_EvECBMHs-aDil507cVNXOyi9cXHz9JR0q5R3GKdNDfqqsH96dXd8WCT55ZgM2hp-7OiOcpHh1CaNgnZW0zCO07xlnYgfROTVgFA9vlDF7WyWZw5ZgZ6zyBodIEwV3pNtLovhkmlASIvbUcPD8AxBtcM4j2i62R1tECIrs-Sc761OIF3jjaAKkXEKftlbJq9G8bEgRYEC8zfegXBlFfu9P2MefGdLH76WsEb_-fbPPBe8BACcpe8hXg0xRnZBHEh0fLV66UdJ9lKgGZ1-fLb7Xkd3b9XRYzTc5oJbxHEaOEZ4XfvXu04G0bUFfB6YBNZuC_L5JpiJ7YoeY1aGhyN4bPFyAdvxG4RloZKlwpU9TS8UskvKQIjZbRoSRW2Fd9AGL2jM7M5aFgyK0JF_abGYZpruL56HA6ctowQsCzl5z-EVFEMhLCxRhOPHp2TqRoviMEU2zOAhtfO7UxN80tijD-Ro5hcHORIZnboBxG3mH699cLNAburTsyiet5MEfh_MwbCYCWRJAu8A_sbbSIPhmOWgsAfQQo5bqbx8Vpw_--ZBCKOg19wQjwq1MyKjtBCv9fo7c91g_cpDOicAXI3q89xPqeEGxqn0CSQWvkqw7yPmHEB0YMpvSz8WGr-74q50aRV_CDRNLscfpoyCm2lHdgOTDGJD9op3TtexdzOxOtQ0KdY3OCUe3Va8SSiCDkgZw4isQdool0nP4Ih-6bciWlbkcQCpqWcp_LTexAJE4ZLZI0N9h4GhOiXg9oXfaNLPiR1oaUl8hUbCNoM-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2944680930&adf=3797023803&pi=t.aa~a.1278048309~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1140x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1737&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0&nras=2&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 9185
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 16:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
93379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 16:19:44 GMT
de738ae4ccf34553321459da4b2a8f23.svg
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/ Frame BA21
2 KB
829 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/de738ae4ccf34553321459da4b2a8f23.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f530f6332f62e984dd2bce7c2eb33b915a130e79e0a0075bf250bb7a7e823fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 12:58:29 GMT
date
Fri, 12 Jan 2024 12:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191854
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
799
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
578e3096730080a8af724f1a22450208.svg
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/ Frame BA21
12 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/578e3096730080a8af724f1a22450208.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7211b35cb0e6403546377d7a25870102eb82d1b9f817bdc1d41844011e88a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 11:34:24 GMT
date
Fri, 12 Jan 2024 11:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196899
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3966
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ad1fe61cc580a943c199a2541a2be273.svg
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/ Frame BA21
24 KB
9 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/ad1fe61cc580a943c199a2541a2be273.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4cda67953c579cfe06bb48e91dabe4e633c1e9bd8080e08092f550922d91f03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 16:56:33 GMT
date
Fri, 12 Jan 2024 16:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8723
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b85e4615a89df3c1c2d88694830ba590.svg
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/ Frame BA21
11 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/b85e4615a89df3c1c2d88694830ba590.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4699aee4e4132e3104a1b90de072c0ca93615b51013bce15f71cad2d71e6a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 00:49:40 GMT
date
Sat, 13 Jan 2024 00:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3434
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c2d798ffb0bfec26b01b4a8a5d8faba3.png
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/ Frame BA21
10 KB
10 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/c2d798ffb0bfec26b01b4a8a5d8faba3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d883d95e645fa67665bfdc9ccfffd4e544c5207f3316f719c761f1aa33250049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 03:30:02 GMT
date
Sat, 13 Jan 2024 03:30:02 GMT
x-content-type-options
nosniff
age
139561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10364
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
0152ade2dbb169b2249a103839bda1c7.svg
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/ Frame BA21
10 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/0152ade2dbb169b2249a103839bda1c7.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
376571de7fb7d61ee398aa203005900aefef240b923a879c20f0c11c8af5dc51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 00:29:30 GMT
date
Sat, 13 Jan 2024 00:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150393
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4708
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
5c9ce128f7ce3198cde68ae81b91778a.svg
s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/ Frame BA21
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/media/5c9ce128f7ce3198cde68ae81b91778a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8235f717b849c5b5ad4a90ca1c50ae6b8f7d9c848710af79ee0fb850491eefca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14162183073017029538/76093_ALDI_TALK_Grundrauschen_S_728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 22:18:53 GMT
date
Fri, 12 Jan 2024 22:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:45:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
request.php
hal90005.redintelligence.net/ Frame B5B1
Redirect Chain
  • https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB
Script
General
Full URL
https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDyUz4iSkZajVDvycs8IPxPiByAym5b2gaYWVnKfJD_AuEAEgtOPhIGCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoE7QFP0Dsvck8tgO_ccsQLcH-x3eSzDicwKYuPGCF9WjGI8CTB3oav5ndnnY2QaRc9ml-oyoTGKG_7ILPXM055kdB9oCUrs108NTFnVKEZ9LQ2eh14OoiSjnRCcdQtdXmagXTqjDmKL4ikd7hzkQJcYGVvst-dxrwVbY4nyx0_BYOSaDykSacdUmQGYbqzFFbxUrZN5KWYXuwLOGKGKaNxjGPYxfKRd7nOcIRZU3nN1DPiP2SUi6FSLeUDhQPIK6Rh-bgmJ4JUZT3SLPj6W0I_Vqqhrm6xAuFTyI-3vB4Xn3myciERKb7EaxjOF7IS0_7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjdCrnr7dgwOACgGYCwHICwGADAGiDAgqBgoErLqxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB%26sig%3DAOD64_2YHgLraYdsQbK0nnYpqfx-jGFTFg%26client%3Dca-pub-6733749933508436%26dbm_c%3DAKAmf-AlTJ_bh4XMGLOc1mDF1VZV67OnH9TcigqTlZyhPIVV8jAw41glx_OGxpmiapNmuWVd-T5cNa8BkqzvFDNk_MT0APjNO4COmOpuihV87uTk5YqgrqOQlY168elMqlq8GBL305TecPMZG0u6RGl8SKBh3OPBRProAtb3HmVdLKFBESzaPQ8%26cry%3D1%26dbm_d%3DAKAmf-BYkj8HBKo3li_W721C67ykUa5JckPLdFS4DqSbJSPgcB9MTMieJkeuTyPoPzeIVnWTUtyUgpggnD5TFbzaypRvP_6j3AV3LbwYS-a2PdT6tXFxhdHlTmlX01kfM4KcZdG8a0Ez3qEPiklA2ifPQRuw1cpZBm01UtVBviwIdm4ds9lLlp6rF1xgmtv--KYWTy-luBELFrX2rR8xbS42hfcjAYd42ax7PgRq44j8RxdG1TlOxoxvsOg2CYwaB5niS92m7wExUG31pETPMpIFJxV_7wMqLKWxnBHjhoE_SWQ1VzS7QoCLzGY7usRR2DIvXgz7ujFiNU10X85L_p4y_NEpfoc4HS3crvtA8owL_RdQ6N5B8fAiZNS0CDsCgjiascy0Xm_JvKhaX1kkl6MGeS-kvj4a5-dA2feJsXOcn-zOVKTq_zUcvhiw3gEX9aDWgn8bOk0_7uC_g4xAZEMzwTkXCUQgcTzGRqjZPTO1XLJ9vkZMb-gKu0PyP_bTRAYAGkImHmVbdO4mg3SHoK9unKwZuzro6rAGQ6Fw0wThUvL47ocSLOTrX3u5WUaUtWomrmc9UWsK%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6733749933508436%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705256162%26rafmt%3D1%26to%3Dqs%26pwprc%3D7020666917%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.drawturk.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705256162041%26bpp%3D1%26bdt%3D1738%26idt%3D0%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dae7c977102fab147%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw%26gpic%3DUID%253D00000d4180fa3c8a%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA%26prev_fmts%3D1140x280%252C1140x280%252C0x0%252C1140x90%26nras%3D3%26correlator%3D1487000310486%26frm%3D20%26pv%3D1%26ga_vid%3D1196123050.1705256161%26ga_sid%3D1705256161%26ga_hid%3D2056863352%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2763%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C95320239%252C31079965%252C44807406%252C95321957%252C95320870%252C95320893%252C95321626%26oid%3D2%26psts%3DAOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%252CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma%26pvsid%3D3654893573096511%26tmod%3D885729798%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.drawturk.com&random=984957035754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
HTTP/1.1
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
145851f30eeda06e9be4d4f6e8108b053803033b930dd1a45f6f2c0866c0752e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 18:16:03 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
36318900125401704444550012569005
Connection
close
Content-Length
1328
Expires
Sun, 14 Jan 2024 18:16:03 +0100

Redirect headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 18:16:03 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDyUz4iSkZajVDvycs8IPxPiByAym5b2gaYWVnKfJD_AuEAEgtOPhIGCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoE7QFP0Dsvck8tgO_ccsQLcH-x3eSzDicwKYuPGCF9WjGI8CTB3oav5ndnnY2QaRc9ml-oyoTGKG_7ILPXM055kdB9oCUrs108NTFnVKEZ9LQ2eh14OoiSjnRCcdQtdXmagXTqjDmKL4ikd7hzkQJcYGVvst-dxrwVbY4nyx0_BYOSaDykSacdUmQGYbqzFFbxUrZN5KWYXuwLOGKGKaNxjGPYxfKRd7nOcIRZU3nN1DPiP2SUi6FSLeUDhQPIK6Rh-bgmJ4JUZT3SLPj6W0I_Vqqhrm6xAuFTyI-3vB4Xn3myciERKb7EaxjOF7IS0_7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjdCrnr7dgwOACgGYCwHICwGADAGiDAgqBgoErLqxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB%26sig%3DAOD64_2YHgLraYdsQbK0nnYpqfx-jGFTFg%26client%3Dca-pub-6733749933508436%26dbm_c%3DAKAmf-AlTJ_bh4XMGLOc1mDF1VZV67OnH9TcigqTlZyhPIVV8jAw41glx_OGxpmiapNmuWVd-T5cNa8BkqzvFDNk_MT0APjNO4COmOpuihV87uTk5YqgrqOQlY168elMqlq8GBL305TecPMZG0u6RGl8SKBh3OPBRProAtb3HmVdLKFBESzaPQ8%26cry%3D1%26dbm_d%3DAKAmf-BYkj8HBKo3li_W721C67ykUa5JckPLdFS4DqSbJSPgcB9MTMieJkeuTyPoPzeIVnWTUtyUgpggnD5TFbzaypRvP_6j3AV3LbwYS-a2PdT6tXFxhdHlTmlX01kfM4KcZdG8a0Ez3qEPiklA2ifPQRuw1cpZBm01UtVBviwIdm4ds9lLlp6rF1xgmtv--KYWTy-luBELFrX2rR8xbS42hfcjAYd42ax7PgRq44j8RxdG1TlOxoxvsOg2CYwaB5niS92m7wExUG31pETPMpIFJxV_7wMqLKWxnBHjhoE_SWQ1VzS7QoCLzGY7usRR2DIvXgz7ujFiNU10X85L_p4y_NEpfoc4HS3crvtA8owL_RdQ6N5B8fAiZNS0CDsCgjiascy0Xm_JvKhaX1kkl6MGeS-kvj4a5-dA2feJsXOcn-zOVKTq_zUcvhiw3gEX9aDWgn8bOk0_7uC_g4xAZEMzwTkXCUQgcTzGRqjZPTO1XLJ9vkZMb-gKu0PyP_bTRAYAGkImHmVbdO4mg3SHoK9unKwZuzro6rAGQ6Fw0wThUvL47ocSLOTrX3u5WUaUtWomrmc9UWsK%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6733749933508436%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705256162%26rafmt%3D1%26to%3Dqs%26pwprc%3D7020666917%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.drawturk.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705256162041%26bpp%3D1%26bdt%3D1738%26idt%3D0%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dae7c977102fab147%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw%26gpic%3DUID%253D00000d4180fa3c8a%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA%26prev_fmts%3D1140x280%252C1140x280%252C0x0%252C1140x90%26nras%3D3%26correlator%3D1487000310486%26frm%3D20%26pv%3D1%26ga_vid%3D1196123050.1705256161%26ga_sid%3D1705256161%26ga_hid%3D2056863352%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2763%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C95320239%252C31079965%252C44807406%252C95321957%252C95320870%252C95320893%252C95321626%26oid%3D2%26psts%3DAOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%252CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma%26pvsid%3D3654893573096511%26tmod%3D885729798%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.drawturk.com&random=984957035754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sun, 14 Jan 2024 18:16:03 +0100
file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 9E97
4 MB
4 MB
Media
General
Full URL
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/e83bf8e7db06f43f/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736792162/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FD58F20CD5C085D811F56C14A50566C5B492F98.7F938767DB28782671C9DF53085510DF68C4017A/key/cms1/cms_redirect/yes/mh/M0/mip/2a01:4a0:1338:92::9/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1705255568/mv/u/mvi/5/pl/29/file/file.mp4
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:65::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
c370725f055acf3fc054a1186ef26ed07f1de33b9c86c4c5f4a61ea6a4690d7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

expires
Sun, 14 Jan 2024 18:16:03 GMT
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4112172/4112173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4112173
last-modified
Wed, 27 Dec 2023 13:45:16 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
view
googleads4.g.doubleclick.net/pcs/ Frame 96A2
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvc9iSMLy1WfC3pLiGYj_ZUziMCK3pjRKNY4ueY200r-CTgEh8Xm1o9aXkjJjb2cgF5c6MkB2PzvdMA44h2TRa0OclavnX038G8X-_fGwJGx0L8G_kgmbLKSkz6eI9vZkureF-acGtaXUZwx84G02fQVv4jFcxcC0sztSdVJbt_rv06X-ZOoJGtWQvQoTzv3g5nQ2UvY2GdLsLXE0RIscdDYHE0psvsIpEPVq9XqxHTomZEJdNn8bVWVlpY9I2XWdFNtuRfssE_3iR_tosaf2dr1dJNDI6ui5mPu7BUr0BbepLyuFk5FzlEGoZEB2HEbCvAiAI25Huf2YSGu7RxZneIGyn8W_6F_f7JLNJYwAb5Z2nN5O7sCYlGtJnwK-it24sM0lwcisQSJuB0AsRBqjkfJH9A5cg9kfokh9SG33xY2BSIE7Y-HhuQeg5oJiIMacn4j_T3kZW-8rMwi_tNioIjzjQtBHre2wlIKT9BfkQcA2ktrYeTsnMy-DtNvQ9ErFoW2yglqx_2raBthSp7pxKoT3kZgu4UT-uQWmFEYoHijjKdyCSgCFuMm5hLnBqoRUnRLs12gxcwrnlnI2_eFwdVUwg7YsxSdRH-6C3OsVE_nH6PrANjKwNsfUdnXCer7xRjxYli8Bwl1HoJuzmDhRz-Qyc6Y9L8lwJQ5gr66LrIK4PTG9ylu_HzUousBy-kB8NI1O33n6kl0cv_wkJh9IqeReewmw37T2Zb1L79ATcz886Na2q1go9Uoibwh8xlRTYdavo1C0IVlrqbTN9n-uQ5DfNIRC0sK5_8ZqmcV49Y9VpWj1XZ-azY_uqScRkVS0Y5mfmNwkvBvg2xpyXiqNty6r08QSKQyjcKFeYIkTdG4pxr1f4QfUuVNYVksRX7gbNj4MkX1Gif-N5KqZbyLxuecGOAYRzxUzgFAwZQSr7_i9ImVX6RXiyypRDZTeXzZUNguWxcmRW9oyijmdMJoG0v-2-MjCRIex-V2W2jltkApB7wp5wRbAfHQnJF3FPVRzXKd0KPnLx7v7PQPs6zikNVlsOvzl5POt8Al7etg3RRRaONS7l2FrQM2mp-s2gFQm5y-2OA4d5fIUtEifoN6Taym_48Za1n-lyEe_fyxEelGrhRli1NBEt9kb89qP8DESNI51TUFz4qzZZYiePbR7d1H7XqOMPhkpeUX4sHUVncg4jaGW20shier0YVKamQwwpJMraOWAqKCPpkiK-vhMpDqCMXjOsnEGaj4tREsY5cV9Lm6JhYuWonpCviQSGbChhjTOX96z75WfMc&sai=AMfl-YRhZGr5-g8GbOMN27TTspHAlpZ2TWrjTgh_Xa8s_8LTpp8qgZxt2OHCVBnWGv3eTbjJxX6rc9vJeKJ70e007XTcgwju8aymDyUXbhv9jDFwGVZmQ1FisUXTaOSSGt9dSUOryzzZEEECU7THIK7i-GPcw93IYNnyTeNw9rmkKJaisO_0exCFzyikxVHTF4tbNgH71AFRgQOSeyzIQUugkY_40ZQmLb24ZQa4hIYgact1pFci1fUX41VhLn2f4dFW-GBLgiM&sig=Cg0ArKJSzE_OXHJ87f5aEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=329&vt=11&dtpt=169&dett=3&cstd=159&cisv=r20240109.21908&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9185
0
21 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGSRN4iSkZbLaPPzJ7_UPr8iw0AkAAAAAOAHgBAI&bg=!09Cl0J_NAAaumcC-jpk7ADQBe5WfOEgyNzdjTeoErU5qbuS-JxLeOMjanWJficahLBAN8jLtsG77Mr6c4_ssT8jzdIS3AgAAADFSAAAAAWgBB5kDAeKTrPQOZdrvgu_PrM9SH_uV9PpncBCRHp0oLXKd9E4eZuLUtc_Et64ksxfIEQbGhh9ywvaHvcy1wXxpaUKVGlq8rhJqgXf4kmxO5wSmmt5v5GuMzxHY0l5taxPTCCIYep2dYHDt554FT5B8XGJWJL9UCUBM2X0XY1jwiYtglgbs5CwbBgiXtwGnLhSlnd3tY5zxKMIuvkX6A-9hP7H3Jksl3uL78Q3QrWXwQCkN3Hw6Ob5ievjpBPgKaidq_uxMiSQ3LN9jHn1aZ9HMoFhRzYtdo1xMaZp9pYWm4IReB_nJ6I8fCJ3V1QtSbxKltpkkQUJ821ET2Kws8Yf7bY5Ux8xzTbXQSX1PjZf9HY3Q0QhBXrinIJQ1_pHECnMrlpHt4P9O91nZWHUYKqK2ld1ZzFP-tBicxA4AclYZDc_X-ueX6MR5TEraDetjvrqqUiw1FaH4Oe1DNlsox_MfkZ29XjoDQPBq7UAGG2ARD8duvF6YF41soayjKoWleoiJLq_Na6HSYhH5lEFxmWe4rOSpp070926ub0T9mJFKvgNg7SitV7BGsIrOpxr24T8Sek6mKhqI1we9IBGgpqlHrnVL4NnbbukTtCN-C5pFu6FXQ5Q2dPUd1eJ61YQItpjSbe4-GSa6Py7VJ4bCgH-n5LQadDy0fnurkQ4UyfmgkCv8iC6WxU-ahGBLNOULypaV5bRGAGvgA_GxKUB216j6X9ECXqcUKjtwghcIT0MBSQa-IURC35GVsHcjxGPkjzWWHncihcgR_XftzPzptpwkN_OzDQnPMIzmx9dLziDs1uspnEIXHDnhp9DbmX4BgMp9UbEobxgc-To1sdeZq1DXkTBPnEDSfUltyWniXST46189RcWXZR1LM5_Rt6yFifRVllyAdGv_mrF3-iAsYL2IMDtjWlfGPtNopaCt1MNf9-QV7qeMiKk9m2hDe7isz4_P5RmVE8vRdQRCejk6W1Vr_IHDPZel0sPtk3yxAaqgj11cOd45UIAJhW8TaU5uoNGILIe8bog
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIxLXVnr7dgwMVa1EdCR3FqwIeEAAYACDr7_liOhoIwYOQ3QUQ3aaskscEGPGPmOQDIIiyl-r3EUITCJmv652-3YMDFZLSOwIdQwgOsw;dc_rmcid=CAQSTgAvHhf_WGvgDjfHkv9OFOrbnFoyyIPWjeLOT-LFqbu1-V76_NkgpY3OPaoNsvEnixOGdwo...
ade.googlesyndication.com/ddm/activity/ Frame 9E97
42 B
401 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxLXVnr7dgwMVa1EdCR3FqwIeEAAYACDr7_liOhoIwYOQ3QUQ3aaskscEGPGPmOQDIIiyl-r3EUITCJmv652-3YMDFZLSOwIdQwgOsw;dc_rmcid=CAQSTgAvHhf_WGvgDjfHkv9OFOrbnFoyyIPWjeLOT-LFqbu1-V76_NkgpY3OPaoNsvEnixOGdwot6PnFu0NBunM15HuwlaS33nmbOhznsS4YpBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOljcjuudvt2DAw;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D889718990%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705256163412;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9E97
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiWe44SSkZdm6ApKl78EPw5C4mAu47NSsdYiyl-r3EfAuEAEgtOPhIGCV-vCBjAegAcSM-sgqyAEFqAMByAObBKoE_wFP0Ke-sjtL-aG0K8BxOWTH0t2u7tHf7pzRQXFjDMLeoRaGX7ELUNHYKifWe64rMqEPjNrwhwob4szDOOlQCvS0RuN6aNsJbRwajIFu29WJEpY6zVzPuL9RtKYAKDqINNcuZQn7NuexkYf-Vd00ZMhtmt8hZ1f0i8j1z8l8B0Aw8OikALRpS19q6kIWFMgVUFM_uM2hLpQ1Pr40M8rhqxp46AY-BunfX2ndSe9Pqk7RHySBo-JDkqhIYyRLpIsi_xkRY6z-FsFKBjLq4fu8foOBRJKbKKMM4HHsUjuN06uug3vA22EFbpCR2WP7bgFiEEt7kHrUN4QqP17W6pIpn8TABN2mrJLHBOAEA4gFzOLz1E2QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY3I7rnb7dgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkRFsBPhiP8VyBPxj5jkA9ATANgTCogUDdgUAdAVAfgWAYAXAegXBQ&sigh=zcRmzbJqkr0&label=part2viewed&ad_mt=4&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D889718990%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705256163412
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9E97
0
65 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9kn7CUnc9Zy6Q5n3vJU6MurEd2PSeCIhnSZWrz3nKpl5MrikeBiCFB-zwrxBql5v4UxwpA1S1K--ZXYPfKciltG4khNti_x61O6PlW6lh13R8x25_vx29MsK7cMQEZxjTlrVMDch3UvVIAjJQv8gHO3tkd1e7fDhaWWj6n7X6bbgwhy1hU5dmbLqmliuVNltmUxK-sfBhAYp-V4y7yLLxI_xlZHqa3ZdnCDPmoVYgUs74L-h1I7CaYMRrAIn8aIQt2Gy9EeJG7VSSnKb7L23PvEDug9EvrMAim0e0i7wP7amM4vp0xnSkkuMA0ltpY-VwNiBl-zmHmHM_R_VxjP3WptKM4LW7qPe77RA7ofmZqwUqRD8K6vJfhZU9CqJj-niPWmB79Gxb2SpMpCyPEt-ZOUEshXiw-wVcc9H6p-Q7jy-uKuP8xcZjaA34iZRTlkMSBRMtPlL4FF2bK6zr0ZqskgANZMvLnDCm3OguUItTHbC8fS77PgQrzU1eTQOKNt8FHVwV5zZ5CVD9QFOuwA1tz0lbCoL4DvWKPQDEwLwmfs6CIzwUC0vGNEQ8ilqLizwwNGgFUx0EoAG74dSx2vMfmOEeMsBgPIZ-1L4wrTIMmCfhqTywiOQjfsKkcwEwQI7kjCrUPGiVBEJU68mbpK7P1OxbACan8y1-UJp6P9x9oSmivx0q55tjZ9y7FjlNhdoO56Z0Hw-o6njUk7XsMkZE4IoiFECiNVk0ySZFr9UvO0GFkQWS2K2d3mTPME45Fi71rC5g20oSy0a3WqEH9aHMvvPtGQt1V9Frp1m2mh42jYEP1bND0bYqdndwlZJ6hT0Q_bo4guryomsAi_1UV6NJJr9n7IsCwc9IzpOePyJmbXgaSAVc4i_ELZRRUiBp6jKvwpmbSMR4uAgdOK5NbzLwvI79fWoAN5R75p7TNv_bqow2cEZclt0cHG97BhsYkx5RvyRqAOiy74C9sHo8-Lpx3Xw_KAV4poUFutYHNfbmUuH5e2r5kpfmLWy6mAok6LigFQSv34_E6QXEZraQ0xXceY3egAEqmy7crkZrydA1x9TBU6369zBJ7sMn1QeR4bRphk-ztmdtfziGyrvbSOuAs4QjulrTFiKclTVRhfTrRhujveEFljWLxXTJMpZCRx8NgoGfG5-xvAHnAFPynrJsU2BLWKggEuMgtcCh3j1EBmc3WO-Jzs0_vEryCjIhaJmmC9Uevth5CcPuNTXUX4zKPDxlPoUXqLq5q5dq8vWg5zaoIyJ19qRZO4-cHBs7RA78neBjGdDJ3pXTljSwrlEOrkSX5KFNVMio6_d4098xOZ8l6CYsgA&sai=AMfl-YRtk18qTSquc4NPukcoYKwl4zmE6qCPBiV9sflPtVkuYukaWZNI5yKYvRrwj21reLJXf6egbvupdPWt2c2QnhaFW0MrP_zv5OL__A-1L8jdCzbm-N9iIdKqqgkcv3mYSoqifXtZDCMHBagePCmgyLi50ngXb6AB5U7X7pnj2ENdpjjaD4zpq2yIypCo4DqyIyaJL7RRySP0ru7fywZ5wlBLhNIr0Q09sRfa3uMTE2Lnubdvk2qvzC4KNZRMXk9cMgCIFKK-sXUWviOTfJeKrtrK7piQ4aa21kmGN5MhaDz4GkWsoTm5i0wt3wqW7Xbp&sig=Cg0ArKJSzKV35ltF_XsZEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dvbm.js
cdn.doubleverify.com/ Frame 9E97
62 KB
62 KB
Image
General
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee04 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 18:16:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Jan 2024 14:35:10 GMT
Server
UploadServer
ETag
"f842e7a3239ba7510c8acd04a6fe1edb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
104510
Expires
Sun, 14 Jan 2024 18:31:03 GMT
B31192665.384682164;dc_pre=CJqX_p6-3YMDFVnsEQgdrlYPDA;dc_trk_aid=575330678;dc_trk_cid=206909196;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/ Frame 9E97
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31192665.384682164;dc_trk_aid=575330678;dc_trk_cid=206909196;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31192665.384682164;dc_pre=CJqX_p6-3YMDFVnsEQgdrlYPDA;dc_trk_aid=575330678;dc_trk_cid=206909196;ord=[timestamp];dc_lat=;dc_rdid=;tag...
17 KB
17 KB
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31192665.384682164;dc_pre=CJqX_p6-3YMDFVnsEQgdrlYPDA;dc_trk_aid=575330678;dc_trk_cid=206909196;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12815
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31192665.384682164;dc_pre=CJqX_p6-3YMDFVnsEQgdrlYPDA;dc_trk_aid=575330678;dc_trk_cid=206909196;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9E97
0
16 B
Image
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRje2cSCAiABMAE&v=APEucNWzzkEEtEvAImgz3IjjYq7-pvUzDWoqJ-eLVCMZlIsxmO97jssp22F250Pd5EE_PgaAwpHBKWYDduYtBr2K9E-9qGL20g
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E97
0
21 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E97
42 B
65 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9WJPpMonHrLiMHaDYXpltatkOi0odmIAqP1PilkMyYog9YhKvvY1SmJsH4idhjQWGZX2ytOMp0jrucWK90xdS4y8j-NakSWXshv0En6NFZgPvR8G9TU7IE-u7EcwCsCaV5cEglhaKlPCQEEypc0392iil&sai=AMfl-YRMKMdeTrsLOM3eyuPCD9c3wXz_Q_WuLOtf3PLKpoJ6lWVXLgrPEohe67K_BKJKPF7z2TOChyWGxaowlH7_BjbtW229jIWtSqaul_bqCHRcZvQUBS-LyQkCFOQnxY7qxwkaDR25JaabvPZGqv-4&sig=Cg0ArKJSzMD0KaxHDXflEAE&cid=CAQSTgAvHhf_WGvgDjfHkv9OFOrbnFoyyIPWjeLOT-LFqbu1-V76_NkgpY3OPaoNsvEnixOGdwot6PnFu0NBunM15HuwlaS33nmbOhznsS4YpBgB&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D889718990%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705256163412&avm=1
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9E97
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiWe44SSkZdm6ApKl78EPw5C4mAu47NSsdYiyl-r3EfAuEAEgtOPhIGCV-vCBjAegAcSM-sgqyAEFqAMByAObBKoE_wFP0Ke-sjtL-aG0K8BxOWTH0t2u7tHf7pzRQXFjDMLeoRaGX7ELUNHYKifWe64rMqEPjNrwhwob4szDOOlQCvS0RuN6aNsJbRwajIFu29WJEpY6zVzPuL9RtKYAKDqINNcuZQn7NuexkYf-Vd00ZMhtmt8hZ1f0i8j1z8l8B0Aw8OikALRpS19q6kIWFMgVUFM_uM2hLpQ1Pr40M8rhqxp46AY-BunfX2ndSe9Pqk7RHySBo-JDkqhIYyRLpIsi_xkRY6z-FsFKBjLq4fu8foOBRJKbKKMM4HHsUjuN06uug3vA22EFbpCR2WP7bgFiEEt7kHrUN4QqP17W6pIpn8TABN2mrJLHBOAEA4gFzOLz1E2QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY3I7rnb7dgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkRFsBPhiP8VyBPxj5jkA9ATANgTCogUDdgUAdAVAfgWAYAXAegXBQ&sigh=zcRmzbJqkr0&label=vast_creativeview&ad_mt=4&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D889718990%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1705256163412
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9E97
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lrdtho9y&c=8697265768615&slotId=4348632884307.5&qqid=CJmv652-3YMDFZLSOwIdQwgOsw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=199438&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1v8~ff.1vi~videopreviewstarted.1vk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 84FE
0
327 B
Document
General
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=36318900125401704444550012569005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDyUz4iSkZajVDvycs8IPxPiByAym5b2gaYWVnKfJD_AuEAEgtOPhIGCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoE7QFP0Dsvck8tgO_ccsQLcH-x3eSzDicwKYuPGCF9WjGI8CTB3oav5ndnnY2QaRc9ml-oyoTGKG_7ILPXM055kdB9oCUrs108NTFnVKEZ9LQ2eh14OoiSjnRCcdQtdXmagXTqjDmKL4ikd7hzkQJcYGVvst-dxrwVbY4nyx0_BYOSaDykSacdUmQGYbqzFFbxUrZN5KWYXuwLOGKGKaNxjGPYxfKRd7nOcIRZU3nN1DPiP2SUi6FSLeUDhQPIK6Rh-bgmJ4JUZT3SLPj6W0I_Vqqhrm6xAuFTyI-3vB4Xn3myciERKb7EaxjOF7IS0_7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjdCrnr7dgwOACgGYCwHICwGADAGiDAgqBgoErLqxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB%26sig%3DAOD64_2YHgLraYdsQbK0nnYpqfx-jGFTFg%26client%3Dca-pub-6733749933508436%26dbm_c%3DAKAmf-AlTJ_bh4XMGLOc1mDF1VZV67OnH9TcigqTlZyhPIVV8jAw41glx_OGxpmiapNmuWVd-T5cNa8BkqzvFDNk_MT0APjNO4COmOpuihV87uTk5YqgrqOQlY168elMqlq8GBL305TecPMZG0u6RGl8SKBh3OPBRProAtb3HmVdLKFBESzaPQ8%26cry%3D1%26dbm_d%3DAKAmf-BYkj8HBKo3li_W721C67ykUa5JckPLdFS4DqSbJSPgcB9MTMieJkeuTyPoPzeIVnWTUtyUgpggnD5TFbzaypRvP_6j3AV3LbwYS-a2PdT6tXFxhdHlTmlX01kfM4KcZdG8a0Ez3qEPiklA2ifPQRuw1cpZBm01UtVBviwIdm4ds9lLlp6rF1xgmtv--KYWTy-luBELFrX2rR8xbS42hfcjAYd42ax7PgRq44j8RxdG1TlOxoxvsOg2CYwaB5niS92m7wExUG31pETPMpIFJxV_7wMqLKWxnBHjhoE_SWQ1VzS7QoCLzGY7usRR2DIvXgz7ujFiNU10X85L_p4y_NEpfoc4HS3crvtA8owL_RdQ6N5B8fAiZNS0CDsCgjiascy0Xm_JvKhaX1kkl6MGeS-kvj4a5-dA2feJsXOcn-zOVKTq_zUcvhiw3gEX9aDWgn8bOk0_7uC_g4xAZEMzwTkXCUQgcTzGRqjZPTO1XLJ9vkZMb-gKu0PyP_bTRAYAGkImHmVbdO4mg3SHoK9unKwZuzro6rAGQ6Fw0wThUvL47ocSLOTrX3u5WUaUtWomrmc9UWsK%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6733749933508436%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705256162%26rafmt%3D1%26to%3Dqs%26pwprc%3D7020666917%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.drawturk.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705256162041%26bpp%3D1%26bdt%3D1738%26idt%3D0%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dae7c977102fab147%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw%26gpic%3DUID%253D00000d4180fa3c8a%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA%26prev_fmts%3D1140x280%252C1140x280%252C0x0%252C1140x90%26nras%3D3%26correlator%3D1487000310486%26frm%3D20%26pv%3D1%26ga_vid%3D1196123050.1705256161%26ga_sid%3D1705256161%26ga_hid%3D2056863352%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2763%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C95320239%252C31079965%252C44807406%252C95321957%252C95320870%252C95320893%252C95321626%26oid%3D2%26psts%3DAOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%252CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma%26pvsid%3D3654893573096511%26tmod%3D885729798%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.drawturk.com&random=984957035754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Sun, 14 Jan 2024 18:16:03 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame C2B8
930 B
923 B
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDyUz4iSkZajVDvycs8IPxPiByAym5b2gaYWVnKfJD_AuEAEgtOPhIGCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoE7QFP0Dsvck8tgO_ccsQLcH-x3eSzDicwKYuPGCF9WjGI8CTB3oav5ndnnY2QaRc9ml-oyoTGKG_7ILPXM055kdB9oCUrs108NTFnVKEZ9LQ2eh14OoiSjnRCcdQtdXmagXTqjDmKL4ikd7hzkQJcYGVvst-dxrwVbY4nyx0_BYOSaDykSacdUmQGYbqzFFbxUrZN5KWYXuwLOGKGKaNxjGPYxfKRd7nOcIRZU3nN1DPiP2SUi6FSLeUDhQPIK6Rh-bgmJ4JUZT3SLPj6W0I_Vqqhrm6xAuFTyI-3vB4Xn3myciERKb7EaxjOF7IS0_7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjdCrnr7dgwOACgGYCwHICwGADAGiDAgqBgoErLqxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB%26sig%3DAOD64_2YHgLraYdsQbK0nnYpqfx-jGFTFg%26client%3Dca-pub-6733749933508436%26dbm_c%3DAKAmf-AlTJ_bh4XMGLOc1mDF1VZV67OnH9TcigqTlZyhPIVV8jAw41glx_OGxpmiapNmuWVd-T5cNa8BkqzvFDNk_MT0APjNO4COmOpuihV87uTk5YqgrqOQlY168elMqlq8GBL305TecPMZG0u6RGl8SKBh3OPBRProAtb3HmVdLKFBESzaPQ8%26cry%3D1%26dbm_d%3DAKAmf-BYkj8HBKo3li_W721C67ykUa5JckPLdFS4DqSbJSPgcB9MTMieJkeuTyPoPzeIVnWTUtyUgpggnD5TFbzaypRvP_6j3AV3LbwYS-a2PdT6tXFxhdHlTmlX01kfM4KcZdG8a0Ez3qEPiklA2ifPQRuw1cpZBm01UtVBviwIdm4ds9lLlp6rF1xgmtv--KYWTy-luBELFrX2rR8xbS42hfcjAYd42ax7PgRq44j8RxdG1TlOxoxvsOg2CYwaB5niS92m7wExUG31pETPMpIFJxV_7wMqLKWxnBHjhoE_SWQ1VzS7QoCLzGY7usRR2DIvXgz7ujFiNU10X85L_p4y_NEpfoc4HS3crvtA8owL_RdQ6N5B8fAiZNS0CDsCgjiascy0Xm_JvKhaX1kkl6MGeS-kvj4a5-dA2feJsXOcn-zOVKTq_zUcvhiw3gEX9aDWgn8bOk0_7uC_g4xAZEMzwTkXCUQgcTzGRqjZPTO1XLJ9vkZMb-gKu0PyP_bTRAYAGkImHmVbdO4mg3SHoK9unKwZuzro6rAGQ6Fw0wThUvL47ocSLOTrX3u5WUaUtWomrmc9UWsK%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6733749933508436%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705256162%26rafmt%3D1%26to%3Dqs%26pwprc%3D7020666917%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.drawturk.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705256162041%26bpp%3D1%26bdt%3D1738%26idt%3D0%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dae7c977102fab147%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw%26gpic%3DUID%253D00000d4180fa3c8a%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA%26prev_fmts%3D1140x280%252C1140x280%252C0x0%252C1140x90%26nras%3D3%26correlator%3D1487000310486%26frm%3D20%26pv%3D1%26ga_vid%3D1196123050.1705256161%26ga_sid%3D1705256161%26ga_hid%3D2056863352%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2763%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C95320239%252C31079965%252C44807406%252C95321957%252C95320870%252C95320893%252C95321626%26oid%3D2%26psts%3DAOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%252CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma%26pvsid%3D3654893573096511%26tmod%3D885729798%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.drawturk.com&random=984957035754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Sun, 14 Jan 2024 18:16:03 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Sun, 21 Jan 2024 18:16:03 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame B5B1
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=36318900125401704444550012569005&nw=1
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.201.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-201-144.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e12afab6cc95ed70a4e63c7eb10a614074bfc2af0ffc37981c4e6b4d913a8833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:03 GMT
last-modified
Sun, 14 Jan 2024 18:16:03 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 14 Jan 2024 18:17:03 GMT
activityi;dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641
5994599.fls.doubleclick.net/ Frame 7267
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641?
391 B
325 B
Document
General
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641?
Requested by
Host: www.drawturk.com
URL: https://www.drawturk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
7ca01bddb37a2537ecae92e08a810134351d1f8632a3a9138f378ed0f5f8d23b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
216
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:03 GMT
expires
Sun, 14 Jan 2024 18:16:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90005.redintelligence.net/ Frame 4021
7 KB
2 KB
Document
General
Full URL
https://hal90005.redintelligence.net/request_content.php?s=36318900125401704444550012569005&a=888dd40e
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6c236eb702&subid=&uid=94eb1722cd5ff90c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDyUz4iSkZajVDvycs8IPxPiByAym5b2gaYWVnKfJD_AuEAEgtOPhIGCV-vCBjAfIAQmpApxeTIt2X7I-qAMByAObBKoE7QFP0Dsvck8tgO_ccsQLcH-x3eSzDicwKYuPGCF9WjGI8CTB3oav5ndnnY2QaRc9ml-oyoTGKG_7ILPXM055kdB9oCUrs108NTFnVKEZ9LQ2eh14OoiSjnRCcdQtdXmagXTqjDmKL4ikd7hzkQJcYGVvst-dxrwVbY4nyx0_BYOSaDykSacdUmQGYbqzFFbxUrZN5KWYXuwLOGKGKaNxjGPYxfKRd7nOcIRZU3nN1DPiP2SUi6FSLeUDhQPIK6Rh-bgmJ4JUZT3SLPj6W0I_Vqqhrm6xAuFTyI-3vB4Xn3myciERKb7EaxjOF7IS0_7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjdCrnr7dgwOACgGYCwHICwGADAGiDAgqBgoErLqxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_ksZhkVpSmpsik6z0LBa_dao55qDxOUr9dDagFK1wHghqxE0PHDu5jU78aExXlB-xCIwkJxRKtBgB%26sig%3DAOD64_2YHgLraYdsQbK0nnYpqfx-jGFTFg%26client%3Dca-pub-6733749933508436%26dbm_c%3DAKAmf-AlTJ_bh4XMGLOc1mDF1VZV67OnH9TcigqTlZyhPIVV8jAw41glx_OGxpmiapNmuWVd-T5cNa8BkqzvFDNk_MT0APjNO4COmOpuihV87uTk5YqgrqOQlY168elMqlq8GBL305TecPMZG0u6RGl8SKBh3OPBRProAtb3HmVdLKFBESzaPQ8%26cry%3D1%26dbm_d%3DAKAmf-BYkj8HBKo3li_W721C67ykUa5JckPLdFS4DqSbJSPgcB9MTMieJkeuTyPoPzeIVnWTUtyUgpggnD5TFbzaypRvP_6j3AV3LbwYS-a2PdT6tXFxhdHlTmlX01kfM4KcZdG8a0Ez3qEPiklA2ifPQRuw1cpZBm01UtVBviwIdm4ds9lLlp6rF1xgmtv--KYWTy-luBELFrX2rR8xbS42hfcjAYd42ax7PgRq44j8RxdG1TlOxoxvsOg2CYwaB5niS92m7wExUG31pETPMpIFJxV_7wMqLKWxnBHjhoE_SWQ1VzS7QoCLzGY7usRR2DIvXgz7ujFiNU10X85L_p4y_NEpfoc4HS3crvtA8owL_RdQ6N5B8fAiZNS0CDsCgjiascy0Xm_JvKhaX1kkl6MGeS-kvj4a5-dA2feJsXOcn-zOVKTq_zUcvhiw3gEX9aDWgn8bOk0_7uC_g4xAZEMzwTkXCUQgcTzGRqjZPTO1XLJ9vkZMb-gKu0PyP_bTRAYAGkImHmVbdO4mg3SHoK9unKwZuzro6rAGQ6Fw0wThUvL47ocSLOTrX3u5WUaUtWomrmc9UWsK%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6733749933508436%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705256162%26rafmt%3D1%26to%3Dqs%26pwprc%3D7020666917%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.drawturk.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705256162041%26bpp%3D1%26bdt%3D1738%26idt%3D0%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dae7c977102fab147%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw%26gpic%3DUID%253D00000d4180fa3c8a%253AT%253D1705256161%253ART%253D1705256161%253AS%253DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA%26prev_fmts%3D1140x280%252C1140x280%252C0x0%252C1140x90%26nras%3D3%26correlator%3D1487000310486%26frm%3D20%26pv%3D1%26ga_vid%3D1196123050.1705256161%26ga_sid%3D1705256161%26ga_hid%3D2056863352%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2763%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C95320239%252C31079965%252C44807406%252C95321957%252C95320870%252C95320893%252C95321626%26oid%3D2%26psts%3DAOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%252CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma%26pvsid%3D3654893573096511%26tmod%3D885729798%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D8&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.drawturk.com&random=984957035754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
44ed13a18fcd11981efe7c38b0cc786e2cec80aa5b42af17d0e43a9085767d2e

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2098
Content-Type
text/html; charset=utf-8
Date
Sun, 14 Jan 2024 18:16:03 GMT
Expires
Sun, 14 Jan 2024 18:16:03 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame B5B1
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36318900125401704444550012569005&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36318900125401704444550012569005&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B
Image
General
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36318900125401704444550012569005&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:03 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36318900125401704444550012569005&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Sun, 14 Jan 2024 18:16:03 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame B5B1
43 B
703 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=36318900125401704444550012569005&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-250-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jan 2024 18:16:03 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F7C2
1 KB
644 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Mon, 15 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B5B1
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e3abf6ba1b76e4a6e148a9f9136bed777fcbab2889e69f9d1cf77ca1b5c71de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame F7C2
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENn-t_LgSAMKF2kEcVCyQhU&google_cver=1&google_push=AXcoOmTwsJGmOuWXvCLS-M781iroo93h1Q7psLp_CSV-Yl7k16sxCi-NP9...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTwsJGmOuWXvCLS-M781iroo93h1Q7psLp_CSV-Yl7k16sxCi-NP93auCVH8_eEUGK-BN_6SwoXRzg9QyyvA90_b-75K8bRdIo&google_hm=oyxCf9QxL...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTwsJGmOuWXvCLS-M781iroo93h1Q7psLp_CSV-Yl7k16sxCi-NP93auCVH8_eEUGK-BN_6SwoXRzg9QyyvA90_b-75K8bRdIo&google_hm=oyxCf9QxL76KeTWS5Fv_RA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTwsJGmOuWXvCLS-M781iroo93h1Q7psLp_CSV-Yl7k16sxCi-NP93auCVH8_eEUGK-BN_6SwoXRzg9QyyvA90_b-75K8bRdIo&google_hm=oyxCf9QxL76KeTWS5Fv_RA
pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame F7C2
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIhuMlpk_poMrXsWgREA6jo&google_cver=1&google_push=AXcoOmTAChktaSDSmRLoNNuoExZ_96Q-yYGv92yifOFqsleuOnQXs3a56qvWk8XCVGhdQWYGWBnle3D7HIOBeJt6dseiDGf1o6PXmA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame F7C2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEWT_WzFFfvaBj-3ZacgcZM&google_push=AXcoOmRqRUo5v6uwzc9tV5rGcSRA1RBDgsBZjXCaA7H8jvtsuEQMWr44Fw...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEWT_WzFFfvaBj-3ZacgcZM&google_push=AXcoOmRqRUo5v6uwzc9tV5rGcSRA1RBDgsBZjXCaA7H8jvtsuEQMWr44Fw7TKfx3gszv0EJbkxjTlAHdwkoUr7iIiQzzKQvUB5RFbgM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220058-FRA
pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705256164.696826,VS0,VE98
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEWT_WzFFfvaBj-3ZacgcZM&google_push=AXcoOmRqRUo5v6uwzc9tV5rGcSRA1RBDgsBZjXCaA7H8jvtsuEQMWr44Fw7TKfx3gszv0EJbkxjTlAHdwkoUr7iIiQzzKQvUB5RFbgM
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame F7C2
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGAD2y0ke_KINhlEXupRQt0&google_cver=1&google_push=AXcoOmS2eXj0TxSNCa--ua1G0AX0lTFzAgG7o5XOf8XnvxWDt47MDDjJAalRt_NUAhKn-LX7fwKtMwkrCB-oBPXEM8pJxsLHizjhmOA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame F7C2
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRXEeSyiuUpni9Pqh06M8Plvjy7XquojwXsEuCgSDCVyaLSNGTwOAQWGxvPqP_HtkhpjUNqfWQo9CCUTlgp3HuMTpnlyfVB_TI&google_gid=CAESENEKMJgJcykIS5P-kPBmiLs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
247206
expires
Sun, 14 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F7C2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDUA4KWxjBQ-5lwNT_Q36Mo&google_cver=1&google_push=AXcoOmTlXxVP1xjhDe4McrXvwliaZZUBoPnWQIDMOzRE6FfgzyrdJJ_xCOwGZ1MsGOjiJHqVD05BWFQn...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDUA4KWxjBQ-5lwNT_Q36Mo&google_cver=1&google_push=AXcoOmTlXxVP1xjhDe4McrXvwliaZZUBoPnWQIDMOzRE6FfgzyrdJJ_xCOwGZ1MsGOjiJHqVD05...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQxMDcyODI3MjIwMzIzMDg5NA&google_push=AXcoOmTlXxVP1xjhDe4McrXvwliaZZUBoPnWQIDMOzRE6FfgzyrdJJ_xCOwGZ1MsGOjiJHqVD05BWF...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQxMDcyODI3MjIwMzIzMDg5NA&google_push=AXcoOmTlXxVP1xjhDe4McrXvwliaZZUBoPnWQIDMOzRE6FfgzyrdJJ_xCOwGZ1MsGOjiJHqVD05BWFQnIGBNvzLUQis8uqpTE26mbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQxMDcyODI3MjIwMzIzMDg5NA&google_push=AXcoOmTlXxVP1xjhDe4McrXvwliaZZUBoPnWQIDMOzRE6FfgzyrdJJ_xCOwGZ1MsGOjiJHqVD05BWFQnIGBNvzLUQis8uqpTE26mbg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame F7C2
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBACmIB_CXsb...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRrgFwgXX2IM7t6_fNjVJc4l3dsPNebXFXbMAf915bC5hK4C6r9DSB74Am7tV8QWBUoJfwI1_g1YIQWpHWk4lbfOaO-BfqiIy5W
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 14 Jan 2024 18:16:03 GMT
pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F7C2
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JT2jNTZ5bMcGxazxsm29JBrr7ZLj2vpk0Zb-eDHZ1m325KKLF67VfV9-0cRZVDUyX3jZwZ1w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 4021
2 KB
434 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=36318900125401704444550012569005&a=888dd40e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 18:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 18:11:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 18:16:03 GMT
/
hal9000.redintelligence.net/scale/ Frame 4021
17 KB
17 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=36318900125401704444550012569005&a=888dd40e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
6811c836f6d70f34f4445cb9e839ff301ee54f1102fcba06ef131ad5551e5788

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 18:16:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16985
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 4021
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=36318900125401704444550012569005&a=888dd40e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
49220ddf9ab024b1f7ed5acac9d2eedef0df2c856e39b32ec70e17163ea421d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 18:16:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 4021
17 KB
17 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=36318900125401704444550012569005&a=888dd40e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
3fd779a6875172c4c36e512a3d14fc7c03f3f05f7eb632e284f5f691a8c3ee50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 18:16:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16799
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame C2B8
177 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d719896ac200872f531043728d5e14302df3019a4c0a8f2b4223f9a92fcbfe7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64569
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 18:16:03 GMT
viewability
hal90005.redintelligence.net/ Frame 4021
0
150 B
Script
General
Full URL
https://hal90005.redintelligence.net/viewability?s=36318900125401704444550012569005&a=5b514b3e&vb=m
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=36318900125401704444550012569005&a=888dd40e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/request_content.php?s=36318900125401704444550012569005&a=888dd40e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 18:16:03 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pvClk.min.js
analytics.webgains.io/ Frame B5B1
54 KB
19 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=36318900125401704444550012569005&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-129.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:24:12 GMT
content-encoding
gzip
via
1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:01:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
6712
x-amz-server-side-encryption
AES256
etag
W/"1885e2f5560c2347761a6db4984ea717"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
E5qvnGyoZdVLBRJ6T1sQw9MVn-HQXXBqh2p9tMt5mn248-v-zq5nJg==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame B5B1
3 KB
3 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1705256463&Signature=En6BnS3vxfXtJjVYpK9P-iwmCwlLV53chQAZEBNVKLVDPwVPikpvz17EvoO5SYwmRB-VB5JRMROswXpfHzfWsq0n32evVCzQ9HJz4~DuvJfLtW0UXy8UnmsgW5RDT22mXk0dHWxgSFkZrKqvyAlsF47b1zrNi4Gbf3LVynnnC5YQpkzHraJe8Qi0mq6i3ucETd8xS1FcCxB16Dv95bg3m-RgmSOSP3475lucGh7Bj3hk60PK0xhfgxPuCSz5IVlTthghDukw6K3scoeENFG76BuU-KVYWkU4AOZ~jy8RIsD9JZeOzYtSEkJ87AQPuqG-PlOEwasxBogJHhTXI0eXow__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6733749933508436&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705256162&rafmt=1&to=qs&pwprc=7020666917&format=1200x90&url=https%3A%2F%2Fwww.drawturk.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705256162041&bpp=1&bdt=1738&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae7c977102fab147%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw&gpic=UID%3D00000d4180fa3c8a%3AT%3D1705256161%3ART%3D1705256161%3AS%3DALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA&prev_fmts=1140x280%2C1140x280%2C0x0%2C1140x90&nras=3&correlator=1487000310486&frm=20&pv=1&ga_vid=1196123050.1705256161&ga_sid=1705256161&ga_hid=2056863352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&oid=2&psts=AOrYGsmuHpI9eBKuyFDaZxqROGnWW7MT8ePyJpFww2X10xHvcYGmsxEY00I2wm9InfgaXsnb3AGlmF6s2ffn5rVkXIz6IA%2CAOrYGslg5HAisdJQDY5s4VQu7PeCbrKRQpfe29pH1eaD8MP-3WvXC4mQGhxsfFH_7aIZH9MeOUnkIabKZ3P76euS39Z08hma&pvsid=3654893573096511&tmod=885729798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 14 Jan 2024 09:14:49 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
32476
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
lKemIUS-BO1nUNBVnN-VcnudKGG8sXkWVOfheWd-A5gz3U-TduW-mw==
js
www.googletagmanager.com/gtag/ Frame C2B8
276 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b2b705b4a538f8c79b51d13d4f85f0703fb8e59d00ef643dea8f459ff60db25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93442
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 18:16:03 GMT
dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641
adservice.google.com/ddm/fls/z/ Frame 7267
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CImkjZ--3YMDFRTLOwIdhuoDAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4434435397794.641?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9E97
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lrdthopr&c=8697265768615&slotId=4348632884307.5&qqid=CJmv652-3YMDFZLSOwIdQwgOsw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&dm=15000&met.4=vfl.24j
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1992
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu42S8NktOwZ5m_eZN_d4uYWId_dFSpeckXt0Nm8iqS8_37X6SH3FB2KCJL5_582Gy_hW87nPDTr7VphH7T_inj3mtit6XnBm7cmMTLmBAnUBHQzxyKNrSdjRoz7FKhpvG19jmI0Vns5L5Wt3_wmZ0XR5Eq&sai=AMfl-YQgwyf-P3YGE4JpeGn9bMWgSTB0M1XLiHac9yuvF5fuvs8hAI-JtbdgO_P1ZLFhuzjEqcyi5bYjjcqOm7i10rfUupv2dIAAXlV7ni1CXZL4JfrG0FDGlwx-tRDMWmB-RU8V-3wrmn5wZt9v4MKY&sig=Cg0ArKJSzOHZvEtANGqbEAE&cid=CAQSTgAvHhf_WGvgDjfHkv9OFOrbnFoyyIPWjeLOT-LFqbu1-V76_NkgpY3OPaoNsvEnixOGdwot6PnFu0NBunM15HuwlaS33nmbOhznsS4YpBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705256162242&rpt=661&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d6304c8399f0461875914c45211db4458ab12925e1d30fbd99d8236b372ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12370
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6733749933508436&plah=www.drawturk.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 18:16:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A2
0
21 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6352867400338&version=m202309260101&ct=119&x=1&cor=12945024212118772000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B14E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
79282
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 20:14:42 GMT
expires
Sun, 12 Jan 2025 20:14:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 103F
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
48f1658e9364b456e998e1141ff3c0959a9d9c69a1d2ffca3a67c54975cb020e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9UtsJhYyYPDt21ziwi8XsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.drawturk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9UtsJhYyYPDt21ziwi8XsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 18:16:04 GMT
expires
Sun, 14 Jan 2024 18:16:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame B14E
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 16:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
93380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 16:19:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 103F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=3654893573096511&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame B14E
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?HrSF4g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:16:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tracking-event
api.webgains.io/ Frame B5B1
16 B
209 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 18:16:04 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 14 Jan 2024 18:16:04 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=3654893573096511&bg=!ERKlEl3NAAaumcC-jpk7ADQBe5WfOExQqUsi0cIGfGTsQ8nlb17yRK1wUiWj7VX68jcHfk_0G2ISPjKohv7E6VulfrryAgAAAEFSAAAAAmgBBwoAeSs3w4vI0FubagB7MupKSReIh9DkoC9HsAJXXX-UwsOPXjNAxJQy5EOgOrShchkwoy-AJEuwAZW6AZtbkV12F124n_X7azlgU1VD-pmWI9X1kgss7WsMsSdEs7hEIx-Rh29lF7f02IU--BjD-lyKO-0Q89bcZzMeDzaZArl03YFCu19zCs4RcKPDOKMVQtv8aOidT0HoyG5Tczs9G2RXYPyMc1tHpxRQMa0vm7sscnNJOnZKWwW_2HPwkVKkKFw5wP1TCGu7XlEl8zWkNMRkigx0tTG5ciQ4uUALtKUeXwO9UsU6dXl0CRofODVhu5s9pxOjDBDEWV8gYK7ucbX0Fp3QPfOuW1fS0Oqc_uXk20YbjpiugnNkaDlaCeBU9xkYgs-9wAV7sWdLgONaxF-iZUzruJaUcJqCXgRWaF53WVwEUH2PJUedMVDnp49unzRtr0Ii12DvP-IBAL4R8a1wV5dFWThCpgOH_0X9cfwMPLzghMiqmyIIy09VcWIq0FWd77Q5X3zVyIVzWzpSKzSegeThlSIuoRX6oWcmFtD-7Poq7tGl3YvmPKtZyPf5snKRK6pgFEAn-BdJVlsNrqzvP1HK2RipGGgFh5KuCAh6DLbP1_S6VCxOiFytHMLwo-ngD7i-kYmtwaocpfs5Sa-OhjcwN0XX5RF0VfeE9iQP-w8eJKoqDaJdHciGTPIfrFzVMO9DtNlEKpxVRgo3FzuEhe2OmnM0vJKRstc0ESRcfBVsJ_mcVN5LHa_txJ_OuAcCUqbve9_jn0ODxb-A049ugMgRa75--iXL_-OtskWwHld2QxceU2PyPIp2Lv2xnTPWMidP4A-CHOgmFZe8ZpVB_d6N_fVcMWo7q4YynzjtvagGwudSO7Y7bLrUbZYwnPPGGe7ItVJDVt3NA1PaS30o7vUjy-7tqkKY6gmPOTw0cAyYzSXafJePB_tDUugzHp7SkyRDsYnmsIFXejcKvy4D9y3TGX_buewYt8GDJoP5QPtsF00bFL5sOuYF48da8engeD0-rRANfbrVtR9CtOdm3MzslDiAlrlDvAmMlJqgfB7jMtQdduRgf7FvY1pMGqu3tVNAsGxc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame B5B1
0
21 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=139305851274&version=m202309260101&ct=77&x=1&cor=10145822075544273000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
21 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-6733749933508436&su=www.drawturk.com&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079965%2C44807406%2C95321957%2C95320870%2C95320893%2C95321626&doc=complete&pg_h=3017&pg_w=1600&pg_hs=3017&c=3&aa_c=2&av_h=271.800&av_w=1036&av_a=199552&s=33&all_s=30&b=1016.828&all_b=163.953&d=0.391&all_d=0.450&ard=0.156&all_ard=0.207&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.drawturk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 18:16:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEUK6kl--S2PWgVZlJk7EQ4&google_cver=1&google_push=AXcoOmS-16k0p5HI4Ze5SViyQhyEY7bUui9bAoKJfOCb0M5cHloWyboA0hZ8skJuJc-oB3SNaYLJv7x9e-cO7ArNhIRQH5ib9-7KLWE7

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| $ function| jQuery string| ROOTURL function| gtag object| dataLayer object| adsbygoogle function| BuyukHarf function| isTRChar function| BuyukHarfBlur function| validateForm function| validateOnSubmit function| openModal function| openConfirm function| forgotPassword number| openedMenu function| openLeft function| showCommentForm function| readed function| timeAgo function| jconfirm function| Jconfirm undefined| rwindow undefined| rdocument object| RELANG object| RLANG function| moment object| averta function| package boolean| _mobile boolean| _touch function| parseQueryString object| matched object| browser function| CSSTween object| CTween object| EaseDic function| MSAligner function| Controller object| MSLayerEffects function| MSLayerElement function| MSImageLayerElement function| MSVideoLayerElement function| MSHotspotLayer function| MSButtonLayer function| MSSliderEvent function| MSSlide function| MSSlideController function| MasterSlider function| MSViewEvents function| MSBasicView function| MSWaveView function| MSFadeBasicView function| MSFadeWaveView function| MSFlowView function| MSFadeFlowView function| MSMaskView function| MSFadeView function| MSScaleView function| MSFocusView function| MSPartialWaveView function| BaseControl function| MSArrows function| MSThumblist function| MSBulltes function| MSScrollbar function| MSTimerbar function| MSCircleTimer function| MSLightbox function| MSSlideInfo function| MSGallery function| MSFlickrV2 function| MSFacebookGallery function| MSScrollParallax object| buttonsSelected string| _jcsspfx string| _csspfx boolean| _cssanim boolean| _css3d boolean| _css2d object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| googletag object| google_llp object| google_image_requests object| GoogleGcLKhOms

30 Cookies

Domain/Path Name / Value
www.drawturk.com/ Name: PHPSESSID
Value: 0au9sm63r06jdjm6qh9n1m4klt
.drawturk.com/ Name: _ga_Y9LK9B4WJB
Value: GS1.1.1705256160.1.0.1705256160.0.0.0
.drawturk.com/ Name: _ga
Value: GA1.2.1196123050.1705256161
.drawturk.com/ Name: _gid
Value: GA1.2.1517017342.1705256161
.drawturk.com/ Name: _gat_gtag_UA_112310332_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkjqwmoT8A3Seo6j6ekO-KYx_5genp5pwPoUgiUInMJEncHwJ6H-0Xb_cHInCc
.drawturk.com/ Name: __gads
Value: ID=ae7c977102fab147:T=1705256161:RT=1705256161:S=ALNI_MZ7imkX50tN5CtAZZ3gc8qmWFIdbw
.drawturk.com/ Name: __gpi
Value: UID=00000d4180fa3c8a:T=1705256161:RT=1705256161:S=ALNI_MYloMtYhMGSciDp8IWwuKBCGb3mvA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.adnxs.com/ Name: uuid2
Value: 7567296763290879180
.casalemedia.com/ Name: CMID
Value: ZaQk4tNXbRIGy3T86aZLmQAA
.casalemedia.com/ Name: CMPS
Value: 5155
.casalemedia.com/ Name: CMPRO
Value: 5155
.adnxs.com/ Name: XANDR_PANID
Value: eMw4998tyVkRxwj_6A28W3I7xldljyRzGjDzm6sO6t7DsQID8JG85FFkqNtQEpP-DeXaempsNhCp6bMU3ttl6Qetuavy8J_QiwHDJZHXXz4.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>4t#sXs!]tbPl1M>e)ZlrFUfJ+tGXxoe@QgmUVC+!%8zl3mXP]%#XVl:2Naa'I)DxLa3If)y3KL9D3I?++d'p5u
.doubleclick.net/ Name: APC
Value: AfxxVi7smAnOtBHBEXijgy7wDLU6F3Rb8guG3Rh2Jt-IKtjxvU9Z-A
.adfarm1.adition.com/ Name: UserID1
Value: 7324019451389868173
.quantserve.com/ Name: d
Value: EEEBCQHzKoEA
.quantserve.com/ Name: mc
Value: 65a424e3-1472f-8f6f0-f35a3
.doubleclick.net/ Name: ar_debug
Value: 1
.w55c.net/ Name: wfivefivec
Value: vIariJpQ1Rp51F5
.w55c.net/ Name: matchgoogle
Value: 5
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 472524e0d3e0c994
.awin1.com/ Name: awpv22610
Value: 296283|1705256163|fa5ec851-b308-11ee-8694-226555b1c0ac
.awin1.com/ Name: AWSESS
Value: 408799:2874697
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1410728272203230894
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1705256163806,"clickCookie":false}}
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaQk4wAOgRUYqgBd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
bid.g.doubleclick.net
c1.adform.net
cdn.doubleverify.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal90005.redintelligence.net
ib.adnxs.com
imasdk.googleapis.com
match.adsrvr.org
medialead.de
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pv.medialead.de
r5---sn-4g5e6nz7.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
track.webgains.com
us-u.openx.net
www.awin1.com
www.drawturk.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
13.42.201.144
13.42.80.79
130.211.44.5
138.201.63.165
142.250.184.198
142.250.185.226
142.250.186.166
142.250.186.34
142.250.74.194
142.251.168.155
151.101.194.49
157.90.169.159
159.69.70.9
172.64.151.101
178.250.1.9
18.197.162.124
2001:4860:4802:32::36
216.58.212.130
23.192.250.178
23.32.185.35
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:65::a
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:26f0:480:9::210:ee04
2a02:fa8:8806:13::1400
2a0b:4d07:102::1
34.98.64.218
37.157.3.20
37.252.171.21
51.89.9.254
52.222.139.129
52.223.40.198
85.114.159.118
91.121.248.44
94.23.99.218
99.86.4.52
0108cf57a5359cdecc80699650b912a11731d0aeaec300d884a9d658ed96b295
06555fe34b40902d289aa4c2d414833723921b938f7ba151d03488287adfaff1
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea33dc20b8d775965a07940c9cd705690d3cee04a51e4e356411d3d4968fc4e
145851f30eeda06e9be4d4f6e8108b053803033b930dd1a45f6f2c0866c0752e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
198bc92e7a2c0157be3f7fb306340634a91bb6b23546aff9ce0ce13b8ac11e40
1b357c2876a6308f81bf921f86ad10f957cd9a1c57db3ce4d3e92bc318d82ee5
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2315e87109bc5596a0742361ffcdc3fe2b2028ed58a7548f7e0236d0dffc5c9f
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
29a0fbef761d990d77e8ee78b3266e9948b656fab243be3543f6b667370d4e5f
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d01790a4a887231c1a52e1f3306445e6f06b3db587fb06a4b1e248f92e31d1d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3abf6ba1b76e4a6e148a9f9136bed777fcbab2889e69f9d1cf77ca1b5c71de
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
376571de7fb7d61ee398aa203005900aefef240b923a879c20f0c11c8af5dc51
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a0b5981e09f4d04a06ac037b9c9517e5251a4d40d60f09000b47bfc9d7cfe58
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fd779a6875172c4c36e512a3d14fc7c03f3f05f7eb632e284f5f691a8c3ee50
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44ed13a18fcd11981efe7c38b0cc786e2cec80aa5b42af17d0e43a9085767d2e
48f1658e9364b456e998e1141ff3c0959a9d9c69a1d2ffca3a67c54975cb020e
49220ddf9ab024b1f7ed5acac9d2eedef0df2c856e39b32ec70e17163ea421d3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c78e1910b29cebe5737b75ea7b6ad5f246b066db2eecbcbd3de6d2babe58a2c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eab0927d5cdc1d3174017856713e001fc5b1a97d5dd2c4ce8d7317bf26acbcf
4f4bed4024c82d2eaa312ee16fade3e9d4c909a4109af742ee16cd827736a611
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6432941878c856e6d5297a9632a03cd04a3bd93c525a6b0c25153a0022a8b524
6811c836f6d70f34f4445cb9e839ff301ee54f1102fcba06ef131ad5551e5788
6aa5e846d23f4b88dce1e44f898f83cfcaef44d21e162fa59d00bd557a77ae37
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
717f924e3ff14c563108841492836bcf45408b81d6e025a7f77afea99d82e45b
72f5cf56c188eae3d3b7da31ab28294f715fd71947e64ed5a626729d56fea005
7846d4f2f4b0d4e523ea0e0781d9bcfbba42c975fe31dfb76009fd06a231ea7f
79a9563f63fcb59e7eced8b8c0ba2f132c43280b2013e3695b61b24ccd5f0d3c
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7b2b705b4a538f8c79b51d13d4f85f0703fb8e59d00ef643dea8f459ff60db25
7ca01bddb37a2537ecae92e08a810134351d1f8632a3a9138f378ed0f5f8d23b
7cd17d0f99674e22ff77d6bed3bcabe9b822807575b3ab1f3ce124e92c686160
7e658039ec2c92e05b1f16ed7a5e958979fbe600797fe259dfea9c96aaf1434f
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
7f365771e708b9a96faec914d6a8aacd7f0dc4d82a37355614cbd8174a94544b
8084d84c1e675edb5f7bc65fbe327170d9eecc3613c2d050b4393d28997c96d8
8235f717b849c5b5ad4a90ca1c50ae6b8f7d9c848710af79ee0fb850491eefca
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
940d6bc6f7597bc747a80fa5a259e2380695c9cdb5da067a7d742f60bbb3a8aa
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa9bb90479451a51595ed66cda9d1fd72081571ab1e248615f6017264058e33
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3091c06f9445e294372ee472a18e5aa16a2186dc95c407d24c63eafe8c552a4
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b481eec16f993009a96642906f09c67070550d9b33b0de6584e4bd09d0af3cf6
b79e2f319a4307b8efa970936f6bf86a8236c2de2cb980c5950ed65b48a28c18
b8ed731f4a7fd588bdabed763f6ba427ab337a0452f7432c9440c0147cdec06d
bacfc872da4a0124e86f373d560b9f6c5b7ae8b016fc893e6f5e2c79402ad418
bc9729d15239e93bcfb65f49a6de63555759e68f89aa473db7049a828931f604
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c05875c2b14dc0a7503bb8296337721f16fb889636fe8216cb09e6a586d8db5a
c0d6304c8399f0461875914c45211db4458ab12925e1d30fbd99d8236b372ffa
c2e37edead715eed23104c46e7a17fab37b2d5546c7946033ed77af9ac972d7e
c370725f055acf3fc054a1186ef26ed07f1de33b9c86c4c5f4a61ea6a4690d7f
c4699aee4e4132e3104a1b90de072c0ca93615b51013bce15f71cad2d71e6a6e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7211b35cb0e6403546377d7a25870102eb82d1b9f817bdc1d41844011e88a93
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc2cd62155a90e293c098df8c97d2c72f1e419c4d77906161ceaeee8009574e7
cd44cfa296f2ec55829fd313e521becc2bd085e1a04355ea3ef56f211d491f92
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d4cda67953c579cfe06bb48e91dabe4e633c1e9bd8080e08092f550922d91f03
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d719896ac200872f531043728d5e14302df3019a4c0a8f2b4223f9a92fcbfe7f
d883d95e645fa67665bfdc9ccfffd4e544c5207f3316f719c761f1aa33250049
dd377053753bd453c477132c25fe540dcfd7618b7bca2886ee5f73eb0c1861cf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e12afab6cc95ed70a4e63c7eb10a614074bfc2af0ffc37981c4e6b4d913a8833
e1c9b5037eac316540c758b601423db9e317382c1e10486794680d70df50d1b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa92cc29f47561729eadd95b9de2f36356a18d3c4efb8379f10e5bb4966f1b3
f1548b81b347bc3e28b2f06737c29f5c8cec8a45308e231b7ea893605bc76aaf
f530f6332f62e984dd2bce7c2eb33b915a130e79e0a0075bf250bb7a7e823fbb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390