urlscan.io logo urlscan.io
SecurityTrails logo

www.urfanatik.com Open in urlscan Pro
2606:4700:3036::6815:1add  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.urfanatik.com/
Submission: On March 02 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 6 countries across 31 domains to perform 178 HTTP transactions. The main IP is 2606:4700:3036::6815:1add, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.urfanatik.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 25th 2021. Valid for: a year.
This is the only time www.urfanatik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
27 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 143.204.89.28 16509 (AMAZON-02)
1 151.101.114.110 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.89.55 16509 (AMAZON-02)
2 185.221.86.34 206998 (NEW-2)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 157.90.162.130 24940 (HETZNER-AS)
12 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.29.133.224 30419 (MEDIAMATH...)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 138.201.63.145 24940 (HETZNER-AS)
13 34.243.93.43 16509 (AMAZON-02)
1 23.210.249.113 16625 (AKAMAI-AS)
1 4 78.46.90.238 24940 (HETZNER-AS)
2 2 51.38.145.136 16276 (OVH)
1 85.10.231.199 24940 (HETZNER-AS)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 34.246.227.69 16509 (AMAZON-02)
6 142.250.185.98 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 2 23.210.249.164 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.76.176.197 16509 (AMAZON-02)
178 42
3    2606:4700:3036::6815:1add (United States)

ASN13335 (CLOUDFLARENET, US)
www.urfanatik.com
27    2606:4700:20::681a:fb6 (United States)

ASN13335 (CLOUDFLARENET, US)
file.daktilo.com
10    2606:4700:20::ac43:4a28 (United States)

ASN13335 (CLOUDFLARENET, US)
static.daktilo.com
1    2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3033::6815:3603 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.bildirt.com
1    143.204.89.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-28.fra50.r.cloudfront.net
certify-js.alexametrics.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.89.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-55.fra50.r.cloudfront.net
certify.alexametrics.com
2    185.221.86.34 (Ireland)

ASN206998 (NEW-2, IE)
bam.eu01.nr-data.net
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    157.90.162.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: statistics.daktilo.com
statistics.daktilo.com
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
18    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
26    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    185.29.133.224 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    138.201.63.145 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal9000.redintelligence.net
13    34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
s.update.mediamathtag.com
1    23.210.249.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-113.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal900019.redintelligence.net
2    51.38.145.136 (France)

ASN16276 (OVH, FR)
PTR: ip136.ip-51-38-145.eu
pv.medialead.de
1    85.10.231.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-199.clients.your-server.de
pb.media01.eu
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    34.246.227.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
6    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    23.210.249.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
386 KB
38 daktilo.com
file.daktilo.com
static.daktilo.com
statistics.daktilo.com
929 KB
24 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
110 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
148 KB
13 mediamathtag.com
s.update.mediamathtag.com
41 KB
7 google.com
www.google.com
adservice.google.com
1 KB
5 redintelligence.net
hal9000.redintelligence.net
hal900019.redintelligence.net
11 KB
5 googletagservices.com
www.googletagservices.com
159 KB
5 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
35 KB
4 mathtag.com
tags.mathtag.com
pixel.mathtag.com
3 KB
4 google.de
www.google.de
adservice.google.de
1 KB
3 urfanatik.com
www.urfanatik.com
35 KB
2 casalemedia.com
ssum-sec.casalemedia.com
2 KB
2 pubmatic.com
image6.pubmatic.com
2 KB
2 openx.net
rtb.openx.net
758 B
2 medialead.de
pv.medialead.de
2 KB
2 nr-data.net
bam.eu01.nr-data.net
459 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
5 KB
1 ad-server.eu
ad-server.eu
32 KB
1 rubiconproject.com
pixel.rubiconproject.com
461 B
1 mookie1.com
odr.mookie1.com
324 B
1 everesttech.net
pixel.everesttech.net
376 B
1 quantserve.com
cms.quantserve.com
462 B
1 media01.eu
pb.media01.eu
607 B
1 2mdn.net
s0.2mdn.net
23 KB
1 googleadservices.com
partner.googleadservices.com
260 B
1 newrelic.com
js-agent.newrelic.com
11 KB
1 bildirt.com
cdn2.bildirt.com
22 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 cloudflare.com
ajax.cloudflare.com
5 KB
178 31
Domain Requested by
27 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.urfanatik.com
27 file.daktilo.com www.urfanatik.com
file.daktilo.com
ajax.cloudflare.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.urfanatik.com
13 s.update.mediamathtag.com tags.mathtag.com
s.update.mediamathtag.com
13 pagead2.googlesyndication.com file.daktilo.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
13 fonts.gstatic.com fonts.googleapis.com
10 static.daktilo.com www.urfanatik.com
6 cm.g.doubleclick.net googleads.g.doubleclick.net
5 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 hal900019.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900019.redintelligence.net
4 www.google.com 2 redirects googleads.g.doubleclick.net
4 fonts.googleapis.com file.daktilo.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 www.urfanatik.com www.urfanatik.com
file.daktilo.com
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 pv.medialead.de 2 redirects
2 bam.eu01.nr-data.net js-agent.newrelic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 ad-server.eu hal900019.redintelligence.net
1 ajax.googleapis.com hal900019.redintelligence.net
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 pb.media01.eu hal900019.redintelligence.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net www.urfanatik.com
1 s0.2mdn.net tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 statistics.daktilo.com file.daktilo.com
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 certify.alexametrics.com
1 js-agent.newrelic.com www.urfanatik.com
1 certify-js.alexametrics.com www.urfanatik.com
1 cdn2.bildirt.com ajax.cloudflare.com
1 www.googletagmanager.com ajax.cloudflare.com
1 ajax.cloudflare.com www.urfanatik.com
178 43
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-02-25 -
2022-02-24		 a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
certify-js.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-12-28 -
2021-05-07		 4 months crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.eu01.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-04 -
2022-02-08		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
statistics.daktilo.com
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
redintelligence.net
R3		 2021-02-19 -
2021-05-20		 3 months crt.sh
smwjqy.com
Sectigo ECC Domain Validation Secure Server CA		 2020-05-26 -
2021-05-26		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
*.media01.eu
RapidSSL RSA CA 2018		 2020-05-06 -
2021-06-05		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
ad-server.eu
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh

This page contains 22 frames:

Primary Page: https://www.urfanatik.com/
Frame ID: D60FDC92D6999386B930FA20AE2F56C9
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: 9CFF749C506ED7630BBD262950A55AC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2711121141&adf=1171335190&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765130&bpp=14&bdt=1224&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5817649660161&frm=20&pv=2&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=0&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aWzWK3FPJ4&p=https%3A//www.urfanatik.com&dtd=109
Frame ID: 3A67982F06689634EC1EEC7006095805
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Frame ID: 5DCDD5B4534E3D74D94C9BAFCBFC2D75
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Frame ID: 6C58809592135433352D3D3A84129591
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=790544139&adf=2970700112&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765151&bpp=1&bdt=1245&idt=140&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600%2C970x280&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=2472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NFnPuNr1fu&p=https%3A//www.urfanatik.com&dtd=144
Frame ID: A336F83F8B2A6A7D1D984F9AF02835FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=4193796039&adf=1181124534&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765152&bpp=1&bdt=1247&idt=155&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600%2C970x280%2C970x280&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=3738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8pT9pbHGXE&p=https%3A//www.urfanatik.com&dtd=159
Frame ID: 95A5DB951DEF6115D4CA86AEC9AF8D47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DF9821405D4B25061304B1128E96AF39
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&adk=2687674644&adf=2640988039&lmt=1614652765&plat=1%3A34824%2C2%3A34824%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.urfanatik.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614652765155&bpp=1&bdt=1249&idt=220&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&dtd=231
Frame ID: 37302850AD06ADA36999FDD11FF194C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Frame ID: 0C5283504F2A7162AC6040B92EEE6328
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Frame ID: 6C00460EA4BCBD1D2B102F305BECA2D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html
Frame ID: B9308CFAE3369A2775AD71E3EDAD6602
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 563AC450BA3BE8EB77A22CB201A3BAFA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Frame ID: EBE3ADEEC355CECEFE3402076AE50515
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CVsznXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoEqgFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUb47AlJUppwdad2ybfdYlKd-fYAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNzExNzEwNzkxNjg1ODcwOQ&sigh=b8tULvIdYIM&tpd=AGWhJmuTVegnMe8fAvtB--Rnh1ieUNHt07dzmhjJHTk9hG929cVJJdGoWfZdUNPunRbqgbfZGORf9SKQt4HaNyoxDaqjkVjwlRids5ahi5buiSufFxQ9I6Jf_OQqvOm3Qkk1THMNN8Qg_snyDCy-iCCpN9tzW_Pa5u9f4WNofVTp58gv0rbevOBiE442WFZg-IDe3-JeEOKQV1CjogUBdHaybgTad4EdahP-79A_SBiyhnP8ryxA-sbDl77Wec-ehBe6nowhy5wI013BO7ZQUrfOEphnGqtKBrFflcmmkU2JB4goFgfu5Jj2GS3uQ5ejpOvwJsdmx5Yy2IyErg8yi6prq5Kyj5g_yDuZWZKwVWfcMO1T65aAL_Z4r9iZ8vDkJqVKr0U2kBsX_74onVyiFvUWoIomc4zImrWHYJcFgZA4dZUCskGuViA_tUgM-8t3oy89t-5eWfF0tVNQz2OW5Ctccp9Mg47h-wQrZ_H-2HnVhMydTcpomhC1U2qjYCgOl5LhKSXpIRvdMQLw_4rX3irW_MMSL5gj5HIiNNQWfMWZdiuf0tz3x1_mmRu-Gfc1tuHxcS_wXr1Zqh6hx9cuGBLFZZnV0xp8oCIssZ6UV0Eom0B449lPOTyCg78uRy7wCCov18mvvy9PGNSIUy9aZT6y3kgxhGyVsq-k4MheIyDPlfi9j7Sxvwqr7y_roZMzav_bBUXCrL7JjKnnVCzrLqp6wN8Fbm_vJEXQFl0xl60bNW_57-IvMnMbLCbBUNXGeWCDa-BP3Y5PiSblmKCB7CXS_EqB8aJjzGT1npyWRDAXLltzpsaMKvSZx-aa9UsrEqGHK94htJTne_isWQYVTd_ylfw66IeiIRlYM5GKttHjNkLUIkFjxXb2e2eRGqVO5b3FXyedS_h_Fbw5BH2oVUJLE3vshSGFl9HLWBwipThtECQjLMjj2Y0ZTE_lM9b3kcgdp2cYJB3GPZT9VY9iPwTsS-JtGKoBcgwHj6M-CQe-eJtqLhOPqBHPQ0JBIGdzUVuo3Ivxg_hNZY6FMkegMWJV9_Tm6skZ
Frame ID: 2AEF4F7083D9FE90C03136F8BA9D97AC
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
Frame ID: F9D46B0EBAAF36CB5090D6D37CFB9937
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=ClK69XaU9YITXIZGqzQbui6Mg28CGzWHgkfXHww2nr-OqwyIQASCi3fEnYJUCoAGFwMbgA8gBCakCyFsx6hk1tD6oAwHIA0iqBNMBT9BgpSxae03EOqlS2T9X0_RCJ2-30gGkXiOq6Jhp048j8CbAwFbwJlojYLHMUSiJUBR6mKgAejPG8K5RQNDoWpEdrLAAK7dyFh_icbzmxHbE1n5LQgSiDwzL_ZSNzOTyzvy118LWOn-dn5nih2TzmcpJPlDDfXNbF5FKD9GTSuNiw0FiBdP6In0DrY1QIQk1YEnvLEPCmaODraJSpTXRtNStEyFxlLF3-mETZmo9ElhX-VjIJ1Su6gDjwG3dcD8KBf8tCJYhrTZPCUtd6gu40jY69sAE07yIyRGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH47-5H6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCFkwHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNzExNzEwNzkxNjg1ODcwOQ&sigh=d9FhE66L-To&template_id=419&tpd=AGWhJmsDqw4EIX1ensTGFRj4ihdyi-NUryl_GvOUaRGWsxmxiQ
Frame ID: B1D3E786181AA698B0F86670B68E1B8C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 027A33C14894305C725E266B3998052D
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=81250400010621902142767011521019&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: DA899BFF2631E21DDD6A44BD61D36E70
Requests: 1 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=81250400010621902142767011521019&a=9d0f26f1
Frame ID: 23EC46E961104499A2BAB95E8294DDB6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 437C2D792879686E54D5546147BF87E3
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: CAC9173915BD6F4D63E8C70624ACB62D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

178
Requests

98 %
HTTPS

54 %
IPv6

31
Domains

43
Subdomains

42
IPs

6
Countries

2013 kB
Transfer

4136 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 126
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 141
  • https://hal900019.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=4fc7af68e1&subid=&uid=85aa5be9b4f82e9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4290140457486281309%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D7650326%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D0d18603d-a55d-4d01-a171-e0aab72c9691%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%2526client%253Dca-pub-7117107916858709%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7117107916858709%26output%3Dhtml%26h%3D90%26adk%3D1738659094%26adf%3D918079177%26pi%3Dt.aa~a.1181726518~rp.4%26w%3D974%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1614652765%26rafmt%3D1%26to%3Dqs%26pwprc%3D8721816769%26psa%3D0%26format%3D974x90%26url%3Dhttps%253A%252F%252Fwww.urfanatik.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1614652765500%26bpp%3D1%26bdt%3D1595%26idt%3D-M%26shv%3Dr20210224%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D0b37734f3c069b97-22372c82dca60072%253AT%253D1614652765%253ART%253D1614652765%253AS%253DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg%26prev_fmts%3D300x600%252C300x600%252C970x280%252C970x280%252C970x280%252C0x0%26nras%3D1%26correlator%3D5817649660161%26frm%3D20%26pv%3D1%26ga_vid%3D1602574259.1614652764%26ga_sid%3D1614652765%26ga_hid%3D885757471%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_nplug%3D0%26u_nmime%3D0%26adx%3D313%26ady%3D2470%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736377%26oid%3D3%26pvsid%3D2912353265427547%26rx%3D0%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C%252C%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D3%26fsb%3D1%26xpc%3D3Cagxuk87j%26p%3Dhttps%253A%2F%2Fwww.urfanatik.com%26dtd%3D27&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.urfanatik.com&random=9865821286291&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900019.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=4fc7af68e1&subid=&uid=85aa5be9b4f82e9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4290140457486281309%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D7650326%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D0d18603d-a55d-4d01-a171-e0aab72c9691%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%2526client%253Dca-pub-7117107916858709%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7117107916858709%26output%3Dhtml%26h%3D90%26adk%3D1738659094%26adf%3D918079177%26pi%3Dt.aa~a.1181726518~rp.4%26w%3D974%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1614652765%26rafmt%3D1%26to%3Dqs%26pwprc%3D8721816769%26psa%3D0%26format%3D974x90%26url%3Dhttps%253A%252F%252Fwww.urfanatik.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1614652765500%26bpp%3D1%26bdt%3D1595%26idt%3D-M%26shv%3Dr20210224%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D0b37734f3c069b97-22372c82dca60072%253AT%253D1614652765%253ART%253D1614652765%253AS%253DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg%26prev_fmts%3D300x600%252C300x600%252C970x280%252C970x280%252C970x280%252C0x0%26nras%3D1%26correlator%3D5817649660161%26frm%3D20%26pv%3D1%26ga_vid%3D1602574259.1614652764%26ga_sid%3D1614652765%26ga_hid%3D885757471%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_nplug%3D0%26u_nmime%3D0%26adx%3D313%26ady%3D2470%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736377%26oid%3D3%26pvsid%3D2912353265427547%26rx%3D0%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C%252C%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D3%26fsb%3D1%26xpc%3D3Cagxuk87j%26p%3Dhttps%253A%2F%2Fwww.urfanatik.com%26dtd%3D27&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.urfanatik.com&random=9865821286291&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 146
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 148
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873c116b067622a85af?subid=81250400010621902142767011521019&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=81250400010621902142767011521019&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 155
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULqzTuP6ukenf9ToNacvPr98atsfglQG-GD7vPcJmszfUOmNf9GeKEGxNAFKxkszu64Bzn1IGpZtyc-A16CV9ti2fpn7Yda&google_gid=CAESEPcDBD0Q0y6ipQAHHD3glZU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUQybFhnQUFCRkBjY3h5Wg&google_push=AQvitULqzTuP6ukenf9ToNacvPr98atsfglQG-GD7vPcJmszfUOmNf9GeKEGxNAFKxkszu64Bzn1IGpZtyc-A16CV9ti2fpn7Yda
Request Chain 157
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPzMJB_crKh48PMcIe4Bars&google_cver=1&google_push=AQvitUJibqHt2wumAIjE8DQMpsD7P4508xu46BMBdxQpBcfU3uwxafF-8HuDYJEHhOGbyyszx_MBFcUIWCQ4Gfus_NeJe8--V-nD HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPzMJB_crKh48PMcIe4Bars&google_cver=1&google_push=AQvitUJibqHt2wumAIjE8DQMpsD7P4508xu46BMBdxQpBcfU3uwxafF-8HuDYJEHhOGbyyszx_MBFcUIWCQ4Gfus_NeJe8--V-nD&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJibqHt2wumAIjE8DQMpsD7P4508xu46BMBdxQpBcfU3uwxafF-8HuDYJEHhOGbyyszx_MBFcUIWCQ4Gfus_NeJe8--V-nD&google_hm=_l57BKTYxEg9fM5FG__G5Q==
Request Chain 158
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECMQbjCZYL0OHJBO4W6z-PA&google_cver=1&google_push=AQvitUKFDkcuobT3oc1Qu9S1bc-57ef8lUyZgfLMtz8W3Bz80HEh6HBxGDKKL6vhSdWnocARG3uL-twmKemfq8dwc4qKU3C8A3fh HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECMQbjCZYL0OHJBO4W6z-PA&google_cver=1&google_push=AQvitUKFDkcuobT3oc1Qu9S1bc-57ef8lUyZgfLMtz8W3Bz80HEh6HBxGDKKL6vhSdWnocARG3uL-twmKemfq8dwc4qKU3C8A3fh&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2NkkTUO3STSmkEVBhMVusw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKFDkcuobT3oc1Qu9S1bc-57ef8lUyZgfLMtz8W3Bz80HEh6HBxGDKKL6vhSdWnocARG3uL-twmKemfq8dwc4qKU3C8A3fh
Request Chain 159
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHyZVCz0HQDrXbJYdi87XpM&google_cver=1&google_push=AQvitUKzKUd_nKBeFvu8wjhQOcPC48JK1GvqM7g2BmqqzN0MKW_niHflA0uBbIAvRJ0n5AnSYo_MsxGV-OWRkl-qshTIOeWOBAdu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xSRUtHRzYtMVEtSFQyTQ==&google_push=AQvitUKzKUd_nKBeFvu8wjhQOcPC48JK1GvqM7g2BmqqzN0MKW_niHflA0uBbIAvRJ0n5AnSYo_MsxGV-OWRkl-qshTIOeWOBAdu
Request Chain 160
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENVnu66aXGCUiMjLHvc2EOM&google_cver=1&google_push=AQvitUIq1JUAKmJI2jn6oDzjDLXGiaXujQD3mYPjX8JSGgsU-SGtH8zygAmuhZaS0rF-3mjMd2s1yeJURfxQGFHXqPxG7csaWzc HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENVnu66aXGCUiMjLHvc2EOM&google_cver=1&google_push=AQvitUIq1JUAKmJI2jn6oDzjDLXGiaXujQD3mYPjX8JSGgsU-SGtH8zygAmuhZaS0rF-3mjMd2s1yeJURfxQGFHXqPxG7csaWzc&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YD2lXrHJlUuT7tNn30P8MgAABI0AAAIB&google_push=AQvitUIq1JUAKmJI2jn6oDzjDLXGiaXujQD3mYPjX8JSGgsU-SGtH8zygAmuhZaS0rF-3mjMd2s1yeJURfxQGFHXqPxG7csaWzc&google_cver=1&google_gid=CAESENVnu66aXGCUiMjLHvc2EOM
Request Chain 163
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873c116b067622a85af?subid=81250400010621902142767011521019 HTTP 301
  • https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_728x90.gif

178 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.urfanatik.com/ 		184 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722de7ce0518d32c70722665397c8bb414b1e952d7982ede0c9b5e896013d7e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.urfanatik.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dbe12db35a56e9ac0d31a8be752afb4e41614652763; expires=Thu, 01-Apr-21 02:39:23 GMT; path=/; domain=.urfanatik.com; HttpOnly; SameSite=Lax; Secure
cache-control
max-age=60, public
varnish_ttl
60m
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
vary
Accept-Encoding
x-cache
HIT
access-control-allow-origin
*
x-cache-hits
1
x-xss-protection
1
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
cf-cache-status
MISS
cf-request-id
08926706d600002b1699bac000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wTQo06hYCmsbGIX7O6vTmOtWdZi8nMzoGfAuDkh%2B0pn2lcoAvxWPwzYfuSgBjivdC6C3NXgcvrcWQDi1DM05bIS8uPiOnJj%2F1D65hZfea4ObRI8AIMPYwfD6RNewUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6297411e2fa92b16-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
grid.min.css
file.daktilo.com/themes/enerjik/assets/builds/grid/ 		42 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/enerjik/assets/builds/grid/grid.min.css?m=1614333032
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaba9c1c5cc056bbc5627cdb10ce8ab55515b17f7b8ea804b244ceabcef36303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7188
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Fri, 26 Feb 2021 09:50:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a6a6-5bc3a32f26fe4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i3kcWtBlHqmw36aM0Z8%2FjIQptc0Rf1aN4WHysQhmhmulsvyPzgp0ANxPAANUsCRIUi%2FUgarEJ9LHaTl7I9PFUQzBUuSe%2BUvkK76KsydtYisvb%2FH1wZFWZi1iJsHq"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670721000005f9aeb71000000001
cf-ray
6297411e9f0805f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
161
font.min.css
file.daktilo.com/themes/enerjik/assets/font/ 		923 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1614333028
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97da891736b0d9d1b5666f39c9db226662e8ee06267c7965a14dca09d4c9b1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7188
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Fri, 26 Feb 2021 09:50:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"39b-5bc3a32b37275"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6qnq9gimW5jZMHbzggM2TWPea%2FjoJkgzWsXCJbxvcr2paWu2kc1mY53n2vpkT%2ByiBgkh9ISxhOEWzBIyK28V4i6T%2BjFwD4vyct0Y%2Fi8JuHxPNxoIue3Qz7AZzb%2Br"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670721000005f90d925000000001
cf-ray
6297411e9f0a05f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
162
nanoscroller.min.css
file.daktilo.com/themes/enerjik/assets/libs/nanoscroller/ 		677 B
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/enerjik/assets/libs/nanoscroller/nanoscroller.min.css?m=1612771995
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f866a109e8db92ae71e373067c499aa1be704dfc8f33344d1ecf9b8f0e966be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5373
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2a5-5bacebdeb96b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IjUF8Y9rf6EGeB6qKYFuGAS1WRg6sxr4aG%2BgRR19ENeBjA6S34fkQUUjG%2FxGwmMjW5g7K%2BiWwE1kVVQmJ8HZkByM4GmwyvOU9ujOcyBg10ZBuMUAeljOZ49fq6Y2"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670721000005f9fabc9000000001
cf-ray
6297411e9f0b05f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
3014
main-home.min.css
file.daktilo.com/themes/enerjik/assets/main/ 		178 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/enerjik/assets/main/main-home.min.css?m=1614333036
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee35387df9a0aac6ca413e61a1e175e810892ef3c6fc3fd64fa186f84faae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5358
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Fri, 26 Feb 2021 09:50:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2c8a3-5bc3a3329bc86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8%2Bq%2F2rPZdfnJu3dAwhgK2smK99hrmEHhJjuaVOsSmJ6FuVY%2FexkXhelelLqYKRC%2B2nTWNrKMOJGFe5ld1vmGaD%2BP07bgW8sKB1LBqyyMz3BuU86M2FE78qt2a%2Bzl"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670722000005f9bb8fa000000001
cf-ray
6297411e9f0c05f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
2042
custom-enerjik.1597396562.css
file.daktilo.com/sites/455/assets/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/sites/455/assets/custom-enerjik.1597396562.css
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945eb3c39f354cc4693469d3b98725fe43d470645c3d16797505522b3a566183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
asset
age
6845
cf-polished
origSize=14258
x-cache
HIT
x-cache-hits
2
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
1296000.000
x-xss-protection
1
last-modified
Fri, 14 Aug 2020 09:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"37b2-5acd2deae28fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xAKIRBYLKVljLuIs8AGsZ4A%2BD%2FSJ2cQIpRcZHuBa29ZyYcK56DsxvcuuNeUoz0Bbc%2BTXsyRVcq1yIgqaVpKc9YfkgIzv8NnUs%2FALzRyXMwi%2FZIBwSOI1kC1ehMuZ"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670722000005f90cb3d000000001
cf-ray
6297411e9f0d05f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
minify
style_css
www.urfanatik.com/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.urfanatik.com/style_css
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7428db9dde76109212f3a5c43989e38bda0e0e495ead307d51664ceee12729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"max_age":604800,"report_to":"cf-nel"}
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089267070a00002b169392d000000001
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NkKqqyHxlcF%2FIdqtlUl8lMgPTfV00OFT9jMuQKhe0tBbb7OixW%2Bh9px0P3E9tQ4lzVpFrVsI3zs1stGC0T3P3V3AUeETmXKix%2B7%2FqVMyc9wm90PO8vgtDWdChZOKGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1
cache-control
no-cache
cf-ray
6297411e7fe62b16-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
115
unnamed.png
static.daktilo.com/sites/455/uploads/2020/03/24/large/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2020/03/24/large/unnamed.png
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b0d8411467493b30668e5e616fcbfab8eeabdd4767e0fdae35420860be26df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
6796
cf-polished
origFmt=png, origSize=45256
x-cache
HIT
x-cache-hits
2
content-disposition
inline; filename="unnamed.webp"
vttl
1296000.000
vary
Accept
content-length
19990
x-xss-protection
1
last-modified
Tue, 24 Mar 2020 13:48:01 GMT
server
cloudflare
etag
"b0c8-5a19a000f032e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Juz5WN%2BCl0D%2Fgg%2BaMcErWZ5iBPjaY0ubzsD8O%2Fcv%2FgeFJxLhtZsifGdKgEb3ERiiWX2%2FiQRonY53K0xWCZc37XB2IFI04DNqXUY09ePmN6jFGqpVSQ9FSvqNnpkoyng%3D"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670727000005d0933b6000000001
accept-ranges
bytes
cf-ray
6297411eafac05d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
unnamed%20(1).png
static.daktilo.com/sites/455/uploads/2020/03/24/large/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2020/03/24/large/unnamed%20(1).png
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b0d8411467493b30668e5e616fcbfab8eeabdd4767e0fdae35420860be26df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
6796
cf-polished
origFmt=png, origSize=45256
x-cache
HIT
x-cache-hits
2
content-disposition
inline; filename="unnamed%20(1).webp"
vttl
1296000.000
vary
Accept
content-length
19990
x-xss-protection
1
last-modified
Tue, 24 Mar 2020 13:48:05 GMT
server
cloudflare
etag
"b0c8-5a19a0048c06c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PKgj%2Fzjnq8OSBJE3hcfi%2BJzD%2B%2FdmCNZPir3mVc47OLOnM9B6cgE2ZLRK0D%2FsVV4nPDJTciksP0tpy4szu9D8uZt7eqDR5vkEojCzeV2G7PXwTXZ9tGLTptqG75pe9xE%3D"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670727000005d0bd155000000001
accept-ranges
bytes
cf-ray
6297411eafad05d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
20210206-2-46741206-62269995-1612622675-1614648013.jpg
static.daktilo.com/sites/455/uploads/2021/03/02/large/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2021/03/02/large/20210206-2-46741206-62269995-1612622675-1614648013.jpg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6439cfa3c2cf8905e0757bcb6e082cb234377fe0f4b1ab0f388c71aa1ee095f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
4636
cf-polished
origSize=89145, status=webp_bigger
x-cache
MISS
x-cache-hits
0
vttl
1296000.000
content-length
83557
x-xss-protection
1
last-modified
Tue, 02 Mar 2021 01:20:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"15c39-5bc83894c6910"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=99hfAOs%2BCSAtSUVic4L2SJ9tUNm3yFbZDcA%2FBErzPKJnyumwmf4LaG40IXP52PcAeDwbgDm24lSia2cQCKATfGSnhZ2EaZBwblbg9b6v3X5uYYXnxpT%2FYEx4x3lDet8%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670727000005d0da2f2000000001
accept-ranges
bytes
cf-ray
6297411eafae05d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
mask-16-9.png
file.daktilo.com/themes/enerjik/assets/img/ 		34 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.daktilo.com/themes/enerjik/assets/img/mask-16-9.png
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9427428f1a1aa7645d1b6ee3170e6e2feed6c749ae9554e75ccf397a2fa488f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
asset
age
7188
cf-polished
origFmt=png, origSize=100
x-cache
HIT
x-cache-hits
127
content-disposition
inline; filename="mask-16-9.webp"
vttl
1296000.000
vary
Accept
content-length
34
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
etag
"64-5bacebdeb8716"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G9zOL6an9PBTGV2LSbgOcE8jQ5oYASBLlERhdBROsobi9blmWLADmal84enIqg2A5n3bnW%2BjTmG7yNOG4bQAUVlRqnT8IGIzSlaWrjjynfDcRFfN%2Fhy2Vd2jzPIx"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670722000005f9b43ae000000001
accept-ranges
bytes
cf-ray
6297411e9f0e05f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
bos.png
file.daktilo.com/themes/enerjik/assets/img/ 		34 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.daktilo.com/themes/enerjik/assets/img/bos.png
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
asset
age
7190
cf-polished
origFmt=png, origSize=95
x-cache
HIT
x-cache-hits
121
content-disposition
inline; filename="bos.webp"
vttl
1296000.000
vary
Accept
content-length
34
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
etag
"5f-5bacebdeb8716"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o%2BoaYmbcI5hS%2FftbCPzGg%2FmpdtAaZmOYwM1Y0iKZ8blJ1daYbzdmS0vQwFxkPevSMhSFL9QVfJ0AG3Ch%2FSmGsqCiT50mCQMcdQ33MZFbggeJPf7jzrbFosKBospW"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005f9b0a14000000001
accept-ranges
bytes
cf-ray
6297411eaf1205f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
evz2k87xyaappnj-1614643953.jpg
static.daktilo.com/sites/455/uploads/2021/03/02/large/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2021/03/02/large/evz2k87xyaappnj-1614643953.jpg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631f7e99535d5205c3f40def25f6afcc37efc9de0f71e54065fb898d0316e144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
722
cf-polished
origSize=64102, status=webp_bigger
x-cache
HIT
x-cache-hits
1
vttl
1296000.000
content-length
61309
x-xss-protection
1
last-modified
Tue, 02 Mar 2021 00:12:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"fa66-5bc82974296a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jv6Dx7i%2Fm3%2B7CCcMZkUcThcnW9vRww9mdzXQfsPpt4qwORUh%2B2y19iMXOPLAReSYp%2FFwfSOv9erzaMsh2C2Xz7OZVaHzixvve19TIwCl4s12Oyh52uo4kkueZVnw1IE%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670727000005d08e131000000001
accept-ranges
bytes
cf-ray
6297411eafb005d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
untitled-1-1614640390.jpg
static.daktilo.com/sites/455/uploads/2021/03/02/large/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2021/03/02/large/untitled-1-1614640390.jpg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de4b0fa32e27c408fdfa92ca6f241a61f317b8626e96934a5c3326e585c006c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
5021
cf-polished
origSize=54185, status=webp_bigger
x-cache
MISS
x-cache-hits
0
vttl
1296000.000
content-length
51350
x-xss-protection
1
last-modified
Mon, 01 Mar 2021 23:13:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"d3a9-5bc81c318daee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fkjk8T4UT1Jzdp3oDI3tgEy6BUXN5raKSyE7w%2BTdjfQuAnwLCiCyp5ihb5w9amXiDfkQIzMLylxqowPXLZGQoR0OrxVK%2FYL5cOXwjiTuUQAcr0FhwJlb6%2F69brtegow%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670727000005d0d006e000000001
accept-ranges
bytes
cf-ray
6297411eafb205d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
untitled-133-1614622209.jpg
static.daktilo.com/sites/455/uploads/2021/03/01/large/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2021/03/01/large/untitled-133-1614622209.jpg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd8c2a9f50adb607389b7da8848deaee36978135656c5d5f42b065c3f578a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
722
cf-polished
origSize=51513, status=webp_bigger
x-cache
HIT
x-cache-hits
2
vttl
1296000.000
content-length
49206
x-xss-protection
1
last-modified
Mon, 01 Mar 2021 18:10:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"c939-5bc7d873b7963"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3nylu0SgpK2jBjJcO3xhJquQ90Yf5LTVlrYLQOR7x6pQkaJwQuFxNhK3jRJhZUplBLkVPzUwd3q9P7mzoUmqMyfEQx1nyUSK1kp5z3JFQUorS6Jrp%2FT8UEugUzyh0mA%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005d00233c000000001
accept-ranges
bytes
cf-ray
6297411eafb405d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
untitled-1-1614622093.jpg
static.daktilo.com/sites/455/uploads/2021/03/01/large/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2021/03/01/large/untitled-1-1614622093.jpg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5be2b4c9badfbcaf1d87db462d3d2951e7faf5562f9cc79c2c7b9a45c25bbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
1198
cf-polished
origSize=111646, status=webp_bigger
x-cache
HIT
x-cache-hits
4
vttl
1296000.000
content-length
103946
x-xss-protection
1
last-modified
Mon, 01 Mar 2021 18:08:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1b41e-5bc7d8059d491"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pmc%2F58M%2B1YaWXA62bn1geSQmQzcpELKceHxPamVxSCkqlf6WZwIqoce0PklZF%2FC%2B8w8RTacqyWfjzOmnbR3%2BP%2BiA%2Benp1YuuuOOmI8IFDOnlaZcatrjOxhpRHorKbQ0%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005d0d706b000000001
accept-ranges
bytes
cf-ray
6297411eafb505d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
foto-3-5-1614603864.jpg
static.daktilo.com/sites/455/uploads/2021/03/01/large/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2021/03/01/large/foto-3-5-1614603864.jpg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41240a5c2c2292e3224584076922a475c0f4b56f9fc8fa18fe9569afe80015ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
5174
cf-polished
origSize=91803, status=webp_bigger
x-cache
MISS
x-cache-hits
0
vttl
1296000.000
content-length
86433
x-xss-protection
1
last-modified
Mon, 01 Mar 2021 13:04:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1669b-5bc7941cbf21e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JlmZNlmPsheZZXyjohNOSbQyKL%2FvAGYi9ma9wkIxvgwbVD%2FS99%2BEhspHKKZqgihoc%2B0xRvT2c30kL3FlCBPPzLgsz3gKgvPHK%2Fmet39U4jbxEdb8TwMZUKgRF3%2F3zEQ%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005d097a5b000000001
accept-ranges
bytes
cf-ray
6297411eafb605d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
attachment-148432-1-761ab533b4e87e66c928793ca33cfe33-1614602736-1614602916.jpg
static.daktilo.com/sites/455/uploads/2021/03/01/large/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2021/03/01/large/attachment-148432-1-761ab533b4e87e66c928793ca33cfe33-1614602736-1614602916.jpg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47776006c557ba5b926a69ad218df1b848bcc979b78092c2714f2e174e57af26

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5174
cf-polished
origSize=66947, status=webp_bigger
content-length
64014
cf-request-id
0892670728000005d0df1bd000000001
last-modified
Mon, 01 Mar 2021 12:48:36 GMT
server
cloudflare
etag
"10583-5bc79094a7884"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8GYuixmvvmPbgnNL0kkH1%2FOBOvLodULYf8MkNxIQ7dDTnQlRXJ2CN3BK0Qux469tGkr3Id1I6om%2BEvuH5kJMFmuIbuB6GTAJSXFKmqefncqwFjeR8zQGR6AJNkmnIU0%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6297411eafb705d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
ilan.1612771995.svg
file.daktilo.com/themes/enerjik/assets/img/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.daktilo.com/themes/enerjik/assets/img/ilan.1612771995.svg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a44608a4cf8dfd8c83b7513034a4a79b3c0f48d24fab02ee0c93fc6157289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5362
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1732-5bacebdeb8716"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ncg527ZDqeF0%2F%2BP1Cw2wktrG0tJgRfYUzx8x5PXixOmPdD98q%2FTP4alLfvmPXvGahQN5gCYRF66F2o55dNY9IZn8dvZDEcgpL4QlxTUdyNxyMr6TfIfm2pFd1vRK"}],"max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005f913b68000000001
cf-ray
6297411eaf1305f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
1629
mask-yazar.1612771995.png
file.daktilo.com/themes/enerjik/assets/img/ 		34 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.daktilo.com/themes/enerjik/assets/img/mask-yazar.1612771995.png
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb57eb6a037061e696afe014d0ab69a010631e326eddcd502929d41fa80ed27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
asset
age
5370
cf-polished
origFmt=png, origSize=114
x-cache
HIT
x-cache-hits
1785
content-disposition
inline; filename="mask-yazar.webp"
vttl
1296000.000
vary
Accept
content-length
34
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
etag
"72-5bacebdeb8716"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xA7xCm51MWXXoXCpq8QaK4OyVpfMTFImv5t5qKoRC%2B83E2VFuhoTqDowyJhmWo00Mpj6%2BQ7%2F2KUG3QBa2p47f%2BEJ9JaMLBsIu1XkUBvnRNv2leRGOC17kUrr%2F9zd"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005f9cab04000000001
accept-ranges
bytes
cf-ray
6297411eaf1405f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
mask-dik.1612771995.png
file.daktilo.com/themes/enerjik/assets/img/ 		34 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.daktilo.com/themes/enerjik/assets/img/mask-dik.1612771995.png
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264c8c03540112e6632a0b231a09674edc0e28f341252bde155d71aa61bf089c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
asset
age
5358
cf-polished
origFmt=png, origSize=122
x-cache
HIT
x-cache-hits
1976
content-disposition
inline; filename="mask-dik.webp"
vttl
1296000.000
vary
Accept
content-length
34
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
etag
"7a-5bacebdeb8716"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hk7KvNHzqCEQebmJrLI4tyw9NwHzkM4CMNvv3QjLyWO0rM%2Bc7w7100yuN92%2F6xWBMvWdnc%2BlhLVEwwPmwYm%2By89ZoZ8brWc4t1PSAQP3G1sFxQ6zkTF8CZtDepE%2B"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005f9eabf3000000001
accept-ranges
bytes
cf-ray
6297411eaf1505f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
urfafanatikweb-1614611103.jpg
static.daktilo.com/sites/455/uploads/2021/03/01/large/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.daktilo.com/sites/455/uploads/2021/03/01/large/urfafanatikweb-1614611103.jpg
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f00751fa7803819549078c8053083fde209293109bec6b5fca945d0b9de00c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
mod
asset
age
4132
cf-polished
origSize=45430, status=webp_bigger
x-cache
HIT
x-cache-hits
1
vttl
1296000.000
content-length
42338
x-xss-protection
1
last-modified
Mon, 01 Mar 2021 15:05:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"b176-5bc7af142bef6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y84NqwRdzSgzDlU8MNKmjIGf7iFumq%2BmuAFl4i6vuwUmosiOJCeFlc4lZ9O5P9F0Jnv7SDlUGbt88Fwj5By0PBNMIZqiWShaihRa7cYkskle4KVYcPUMcIalWJU7Q4s%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005d0b994e000000001
accept-ranges
bytes
cf-ray
6297411eafb805d0-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
icon.min.css
file.daktilo.com/themes/default/assets/icon/ 		65 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f249e1ff2ab360e1a742023121de0beae46fe0362573f0a1a5a70a0f1c1ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7188
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Fri, 26 Feb 2021 08:45:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"10369-5bc394a2afdba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xMkUUUpAREM5OVhgzejMwnzgC6F9DmPscGk%2B%2BZqFwaNBXgJ0fFwQmpitZW3kzCmdPN%2B7oe0PnkmX1RoxBRFpEy7kZETKTjO90DkDKOQyAWCrDS8J2Gbts1Y8c1Oz"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005f922a10000000001
cf-ray
6297411eaf1005f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
174
icon-theme.min.css
file.daktilo.com/themes/enerjik/assets/icon/ 		877 B
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/enerjik/assets/icon/icon-theme.min.css?m=1614333028
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d931ebcabebf4e36b0e361f058a5e60305ba8cc2c0fb34e331d9b62e6eb91038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7188
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Fri, 26 Feb 2021 09:50:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"36d-5bc3a32b391b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mbs4AZ4iz1tP8PJ8ES3%2FNkhoAaqlxgeWAZuaR2ryaM9HgL1By%2BJ5zWdhRCwW%2BOuqWub%2BWRUVC3UUz3TrjB4MC%2FzdtLoAXIS25POKaO3vMYqUza1QMoImKZ8ZcK0A"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670728000005f9b2211000000001
cf-ray
6297411eaf1105f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
147
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"max_age":604800,"report_to":"cf-nel"}
vary
Accept-Encoding
cf-request-id
089267073200002b7d6729b000000001
last-modified
Thu, 18 Feb 2021 13:46:54 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"602e6fce-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BP7T6xBOBmSXCEWrhoTiIsfRuCGbPHicN1I%2BRseXVh0Z4pW%2F1ePcnlbIaTqMqZ0Xjj79AIJYn1d%2BiywCcS3h4%2FIR0nf1Sg5iKlZKQXXrTb70U21Xd4s%2Brtn%2F0Bg2CwiX"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6297411ebf5c2b7d-FRA
expires
Thu, 04 Mar 2021 02:39:23 GMT
css
fonts.googleapis.com/ 		10 KB
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1614333028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c9bcf99465c0888054d2fdaebfea4fbd77508ef093c37553359b4d0cd703953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1614333028
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 02:15:13 GMT
server
ESF
date
Tue, 02 Mar 2021 02:39:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 02:39:23 GMT
css
fonts.googleapis.com/ 		3 KB
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,900&subset=latin-ext
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1614333028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d371fe2e65767cc34cab0649b39291ca8598f3f6506963fd139375b915da3cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1614333028
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 02:39:23 GMT
server
ESF
date
Tue, 02 Mar 2021 02:39:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 02:39:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
318018
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 26 Feb 2022 10:19:06 GMT
vnew.png
file.daktilo.com/themes/enerjik/assets/main/img/stick/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.daktilo.com/themes/enerjik/assets/main/img/stick/vnew.png
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/main/main-home.min.css?m=1614333036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82919da95121732fcb4cc42a034d7d8410a5e8ca5072ac508441e3d2a32fad2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://file.daktilo.com/themes/enerjik/assets/main/main-home.min.css?m=1614333036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
asset
age
51414
x-cache
HIT
vttl
1296000.000
content-length
2537
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
etag
"9e9-5bacebdeb96b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rQ8iQRtFosrjEx%2Bc2dCTMi%2By4dTsA4xTgameu5b3KMqkDjh69Yf579OPMKQhCY%2BavOjv6%2BNddIAJJMN%2BA%2FRN6Jc8tXgPgtfuju9lYPcrEmdGaiVeFq5Do%2FmsDYJ9"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cf-request-id
0892670768000005f9f59bf000000001
accept-ranges
bytes
cf-ray
6297411f0f4e05f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
3267
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
340846
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 03:58:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 16:23:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
555339
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Wed, 23 Feb 2022 16:23:45 GMT
ss-pika.woff2
file.daktilo.com/themes/default/assets/icon/pika/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/icon/pika/ss-pika.woff2
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6112ba1ac1bc81a61072c7e5283c14eadf82df9d160a14b47815efb03cd97181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.urfanatik.com
Referer
https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1584
x-cache
HIT
vttl
3600.000
content-length
56904
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"de48-5bacebde9a2b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d6jJlUD1Ypd1N2jZpeFOsffP4nPVgsj3P9tyVhfRZ%2BcnnLTH1qyzn70tma6kWhOYHqnZVWgD6HyNSuG9X%2F1atQdKTgDpDYz5wJrQg4%2BINV4jnd%2Bu6YvcxfhscPkb"}],"max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926707820000e003ac25f000000001
accept-ranges
bytes
cf-ray
6297411f38c1e003-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
4992
ss-standard.woff2
file.daktilo.com/themes/default/assets/icon/standard/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/icon/standard/ss-standard.woff2
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f28a147c3083b02d80fc6414943eb9bb09078f80dfcc4cb186984bd48de6a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.urfanatik.com
Referer
https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1584
x-cache
HIT
vttl
3600.000
content-length
12332
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"302c-5bacebde9a2b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fDlbtjRJDeAWy3fcJOAaY%2FRY6q3aY0Kh7si%2FvNRaKJCPtk7cGGWrM66GvMbR3cbFDvOOP9InDMJJZaoJx31vtuRu%2BvdAWFVx2YF%2BThFttG8CJ7grO4g4d2mE%2FvkE"}],"max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926707830000e003093fd000000001
accept-ranges
bytes
cf-ray
6297411f38c9e003-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
4760
ss-social-circle.woff2
file.daktilo.com/themes/default/assets/icon/social/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/icon/social/ss-social-circle.woff2
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a04ffe61a6832af353accfb7017356ff61250608fe8a009a185618ab2341f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.urfanatik.com
Referer
https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"max_age":604800,"report_to":"cf-nel"}
x-cache
HIT
vttl
3600.000
content-length
6268
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"187c-5bacebde9a2b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kX0Om%2BrVnqo%2BjtGLq6PiMoFdyvaMaplBunJqqYV%2Ft35%2BpAtMFinAtNN1ZyEc0SIt7Myh2pNo0pEPoY44pSyaaBKtHBYc%2Bg%2BhpmzAMFjWhhDV1r9IJbtXyaged0bM"}],"max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926707830000e0034215a000000001
accept-ranges
bytes
cf-ray
6297411f38c4e003-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
1317
KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 15:29:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
385773
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8088
x-xss-protection
0
expires
Fri, 25 Feb 2022 15:29:51 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:00:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
301123
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 26 Feb 2022 15:00:41 GMT
weather.woff2
file.daktilo.com/themes/default/assets/icon/weather/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/icon/weather/weather.woff2
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.urfanatik.com
Referer
https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6859
x-cache
HIT
vttl
3600.000
content-length
44720
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"aeb0-5bacebde9c1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=irbC89CP8w2zWF3caE9AMN7HZS1u3%2FiVXmsrNTPyrp%2Fb3Hzj9D4fhuqzFv5%2B%2BNkuN30IUK4W4s4GwiDBAqwiv%2Bi3mIJUi3OBYDrTZn%2B8eM5IJCqS5YaHAgpMSEpK"}],"max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926707830000e0034f81a000000001
accept-ranges
bytes
cf-ray
6297411f38c5e003-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
1167
impact.woff2
file.daktilo.com/themes/enerjik/assets/font/impact/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/enerjik/assets/font/impact/impact.woff2
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1614333028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c74aa576824583b0f4d080fcd643b377c33cda0d83b5fd1fdf5131e38c92d3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.urfanatik.com
Referer
https://file.daktilo.com/themes/enerjik/assets/font/font.min.css?m=1614333028
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1584
x-cache
HIT
vttl
3600.000
content-length
71640
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"117d8-5bacebdeb67d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NBL1QV%2B4MrToQz9VymCBu7d9qiEc6rOfcIiBP5xA3cumRMCiTJ1ZRFIVFeEjZmxTRzRTV5GvRuJeU6EV0u%2FLrHak6JgDLxAFMTTyWw9jxcIgrnNn8fA8OtCePaYK"}],"max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926707820000e0037d0bb000000001
accept-ranges
bytes
cf-ray
6297411f38c2e003-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
517
ss-gizmo.woff2
file.daktilo.com/themes/default/assets/icon/gizmo/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/icon/gizmo/ss-gizmo.woff2
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e68817dd28f4deed45c0454c7959072d0217ceca38384e27db851024de7a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.urfanatik.com
Referer
https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1584
x-cache
HIT
vttl
3600.000
content-length
36068
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"8ce4-5bacebde98376"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EXEtewI8rKJMGc5BQZ95O%2BZDLf55CTpYufEUoFmwd%2B39Wlz9ctVse2tboAZz7pVE59sRQ6Dy3kCGdPtIIdS91knXjxkqB0EtK%2BKXR%2B5gUE3c661x3PCj3LPt4%2BG2"}],"max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926707820000e0037005f000000001
accept-ranges
bytes
cf-ray
6297411f38c3e003-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
4895
ss-social-regular.woff2
file.daktilo.com/themes/default/assets/icon/social/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/icon/social/ss-social-regular.woff2
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870dbf40335b39544282ec53531ca7e2ab743d993532564a9bdc9a1525033658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.urfanatik.com
Referer
https://file.daktilo.com/themes/default/assets/icon/icon.min.css?m=1614329127
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1584
x-cache
HIT
vttl
3600.000
content-length
7632
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1dd0-5bacebde9a2b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6SIZC46edfLlwGpDqMmh6YSc7aUWgA9SOFR03CeGi9QDo4CHvyg5oGbxBpNBdhb3FH72sm1zENnmud1NMmstZdZ5YywPdgINr58c%2F642y2F7poj8st72vlWpQRvA"}],"max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926707830000e003071e9000000001
accept-ranges
bytes
cf-ray
6297411f38c6e003-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
4718
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:26:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
245569
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8024
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:26:35 GMT
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 13:47:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
478292
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7924
x-xss-protection
0
expires
Thu, 24 Feb 2022 13:47:52 GMT
KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 15:29:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:45 GMT
server
sffe
age
385771
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7924
x-xss-protection
0
expires
Fri, 25 Feb 2022 15:29:53 GMT
all-of-defer.js
file.daktilo.com/themes/default/assets/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1612771995
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a03d3a806546e1937db6524c19e1f7d7526d703e8b4c383578bd92bb4cb4af9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7189
cf-polished
origSize=96472
x-cache
HIT
x-cache-hits
161
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"178d8-5bacebde81c16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4me7NshUZE1ewQhQ%2F6wUnr8HOWxA25vaG4bdT3ny36FHfpK06Ab74Oisz8RK6b%2F8gTRj7cJQ%2Ffy%2BmYX0bcyENQ9amEbf43u6mtu7jzP%2BI8CMyWBuCtmfziJH6TU4"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
089267080d000005f9cab0a000000001
cf-ray
629741201ff805f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-60254109-1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cb6fd0524aaab4074389eb8614644b23126d29a61ac302f167d8bf82b6cfee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39483
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Mar 2021 02:39:24 GMT
BildirtSDKfiles.js
cdn2.bildirt.com/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.bildirt.com/BildirtSDKfiles.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
11aee507ab8b3c466a74a9448c5ba338d01f6e975b1416877ea538cc8a4a024c

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2478
x-powered-by
PleskLin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089267081d000098140c1cd000000001
last-modified
Mon, 01 Mar 2021 15:31:18 GMT
server
cloudflare
etag
W/"603d08c6-12729"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cioxyzkPd4CnN0dkdnSY1ulCfQN%2FsLhtec5DBx80T4K%2BoP9rZJl5NJYtSNV6TDjJ1M9JKAqYpV6g4skwj8ffL%2Fq1KGdBL2NicQZE9wYlIyT1pqbgEKx8pI%2BuZ1FL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
629741202e779814-FRA
atrk.js
certify-js.alexametrics.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-28.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 29 Sep 2020 00:34:48 GMT
Via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
13313077
ETag
"96c08723796affab377d9bb08d631cd0"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
4264
X-Amz-Cf-Id
P80ewAMs7JA79EukfBy5rTuLY9mVdkf7fG-B85OCSjXKG4BQN1YCQw==
nr-1198.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1198.min.js
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
content-encoding
gzip
x-amz-request-id
6G7N8SBZFWDP9P9M
x-cache
HIT
content-length
10682
x-amz-id-2
0UGCO4Mhlfex45xXj/8DAFadaQ6I71xHRyRaRgwDh98IVodQV5SoRghdxpscDq1FfJKXoBas7qw=
x-served-by
cache-hhn4022-HHN
last-modified
Fri, 29 Jan 2021 19:19:08 GMT
server
AmazonS3
x-timer
S1614652764.384772,VS0,VE0
etag
"59c98195ba35e0b45cbe2e5beebd1ac8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3600
all-on-defer.js
file.daktilo.com/themes/default/assets/ 		47 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/all-on-defer.js?m=1612771995
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99f85bb1561780bb367bb8f4aa78c54d69343a78f4663e1c5bc3ade9e113cdbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7181
cf-polished
origSize=47954
x-cache
HIT
x-cache-hits
172
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bb52-5bacebde81c16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ccwCTRXeCVNc%2Bf4flcFNqayI%2BoY6QpRmFAaLHqZ6ITYg0TxoaCGoGPr5TvH1lv1Ry5NUNLP1TcaCYYZiLzZPvYEbKq1gG2nOjfNgXAHuzMDVkdAjFoH2%2FEDUQE00"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926708a8000005f9cab0e000000001
cf-ray
62974121087205f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
minify
jquery.visible.min.js
file.daktilo.com/themes/default/assets/libs/ 		829 B
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/libs/jquery.visible.min.js?m=1612771995
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50f6e7ec759bf6204125f85f9b45e9af4095db7483d0a2662b69fb3ceb4d866b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5373
x-cache
HIT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"33d-5bacebdea1fb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X7VG3qqSnoZQDeypzBkvlvuULQdZCytrt1m3Z%2BwSopUCtF1tGgS%2F%2FmwoROgQBVCiw8YhrZBrVx15oYE44NbjOcGyD7834U0hmgZwg3tLc3F6IrNSS%2FdD5elQ0NkP"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926708a8000005f9d5226000000001
cf-ray
62974121087405f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
3109
main.js
file.daktilo.com/themes/default/assets/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/default/assets/main.js?m=1614329623
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad1409902c319df4b92ebd96f9a9fae23f0bedbfe93e0def6aa1d21414f84f4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7181
cf-polished
origSize=71616
x-cache
HIT
x-cache-hits
190
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Fri, 26 Feb 2021 08:53:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"117c0-5bc3967c70800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PQLeisjDs1GHQa9vZIY97mxcNy71%2FSkwLtoizvPPLl0uq6HAC5ytt%2B12oiIyRxm675KTZvB12x8UYHA5cm42lagpXTMqrgWd184xSRMkwsG7Emghzc4UNDvQ5zz4"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926708a8000005f9e22b8000000001
cf-ray
62974121087505f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
minify
main-theme.js
file.daktilo.com/themes/enerjik/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://file.daktilo.com/themes/enerjik/assets/main-theme.js?m=1612771995
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b89d4694686d55f87bf9576034e693406b8ed14118119b78a14bda7faa191cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7183
x-cache
HIT
x-cache-hits
135
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
3600.000
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"dff-5bacebdec6200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6PKkBmI2JPinrn6TXtC1liJnAeEH8fjoNHu7r3GCjMVC7vlt2jk4HynpqcQJ9qotnfBVFod8PqLolBTkVErb4FmhvnHvOyOHSiuMWmljsIQDN8OKy%2FWsxynGgLaS"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
08926708a8000005f9dfa7c000000001
cf-ray
62974121087605f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
minify
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60254109-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
2208
date
Tue, 02 Mar 2021 02:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 02 Mar 2021 04:02:36 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Urfa%20Haber%20-%20%C5%9Eanl%C4%B1urfa%20Haberleri%20-%20Urfanatik&time=1614652764371&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.urfanatik.com%2F&random_number=16897629396&sess_cookie=1a98561e177f0cdf0d248bfe745&sess_cookie_flag=1&user_cookie=1a98561e177f0cdf0d248bfe745&user_cookie_flag=1&dynamic=true&domain=urfanatik.com&account=5F9Zn1QolK10cv&jsv=20130128&user_lang=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-55.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 04:11:26 GMT
Via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
80878
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
2AEB-7ZoGJxNjTngyxgwxyOaJKJCHiJCc2Ap3ivDVyVcaA_RPyShrQ==
collect
www.google-analytics.com/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=885757471&t=pageview&_s=1&dl=https%3A%2F%2Fwww.urfanatik.com%2F&ul=en-us&de=UTF-8&dt=Urfa%20Haber%20-%20%C5%9Eanl%C4%B1urfa%20Haberleri%20-%20Urfanatik&sd=undefined-bit&sr=undefinedxundefined&vp=1600x1200&je=0&_u=IEBAAQABAAAAAC~&jid=1473215494&gjid=323762656&cid=1602574259.1614652764&tid=UA-60254109-1&_gid=1686999444.1614652764&_r=1&gtm=2ou2h0&z=28042613
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.urfanatik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
2588219186
bam.eu01.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/2588219186?a=141047623&v=1198.fe6ec20&to=MhBSZQoZXkoAVEwMDAtacVIMEV9XTl9XCAYVFFdU&rst=568&ck=1&ref=https://www.urfanatik.com/&ap=391&be=422&fe=481&dc=480&perf=%7B%22timing%22:%7B%22of%22:1614652763843,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:3,%22c%22:3,%22s%22:8,%22ce%22:17,%22rq%22:17,%22rp%22:59,%22rpe%22:65,%22dl%22:62,%22di%22:323,%22ds%22:328,%22de%22:328,%22dc%22:421,%22l%22:421,%22le%22:425%7D,%22navigation%22:%7B%7D%7D&fp=387&fcp=387&at=HldRE0IDTUQ%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.221.86.34 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
collect
stats.g.doubleclick.net/j/ 		4 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-60254109-1&cid=1602574259.1614652764&jid=1473215494&gjid=323762656&_gid=1686999444.1614652764&_u=IEBAAQAAAAAAAC~&z=611486146
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 02 Mar 2021 02:39:24 GMT
content-type
text/plain
access-control-allow-origin
https://www.urfanatik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-60254109-1&cid=1602574259.1614652764&jid=1473215494&_u=IEBAAQAAAAAAAC~&z=295492429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-60254109-1&cid=1602574259.1614652764&jid=1473215494&_u=IEBAAQAAAAAAAC~&z=295492429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advertchannels
www.urfanatik.com/service/ 		24 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.urfanatik.com/service/advertchannels?channels%5B0%5D%5Bslug%5D=yan-l&channels%5B0%5D%5Bset%5D%5Bvalues%5D%5Bunit%5D=true&channels%5B1%5D%5Bslug%5D=yan-r&channels%5B1%5D%5Bset%5D%5Bvalues%5D%5Bunit%5D=true&channels%5B2%5D%5Bslug%5D=ana-1&channels%5B2%5D%5Bset%5D=false&channels%5B3%5D%5Bslug%5D=ana-4&channels%5B3%5D%5Bset%5D=false&channels%5B4%5D%5Bslug%5D=ana-5&channels%5B4%5D%5Bset%5D=false&channels%5B5%5D%5Bslug%5D=mob-akis&channels%5B5%5D%5Bset%5D=false&channels%5B6%5D%5Bslug%5D=ana-15&channels%5B6%5D%5Bset%5D=false&channels%5B7%5D%5Bslug%5D=sm&channels%5B7%5D%5Bset%5D=%7Bamount%3A1%2Cclass%3A%7Bchannel%3A%27row%20center%27%2Cunit%3Acol%7D%7D&channels%5B8%5D%5Bslug%5D=sm&channels%5B8%5D%5Bset%5D=%7Bamount%3A1%2Cclass%3A%7Bchannel%3A%27row%20center%27%2Cunit%3Acol%7D%7D&channels%5B9%5D%5Bslug%5D=sm&channels%5B9%5D%5Bset%5D=%7Bamount%3A1%2Cclass%3A%7Bchannel%3A%27row%20center%27%2Cunit%3Acol%7D%7D&channels%5B10%5D%5Bslug%5D=sm&channels%5B10%5D%5Bset%5D=%7Bamount%3A1%2Cclass%3A%7Bchannel%3A%27row%20center%27%2Cunit%3Acol%7D%7D&channels%5B11%5D%5Bslug%5D=sm&channels%5B11%5D%5Bset%5D=%7Bamount%3A1%2Cclass%3A%7Bchannel%3A%27row%20center%27%2Cunit%3Acol%7D%7D&channels%5B12%5D%5Bslug%5D=mob-akis&channels%5B12%5D%5Bset%5D=false&channels%5B13%5D%5Bslug%5D=sm&channels%5B13%5D%5Bset%5D%5Bamount%5D=2&channels%5B13%5D%5Bset%5D%5Bclass%5D%5Bchannel%5D=row%20center&channels%5B13%5D%5Bset%5D%5Bclass%5D%5Bunit%5D=col&channels%5B14%5D%5Bslug%5D=ana-16&channels%5B14%5D%5Bset%5D=false&channels%5B15%5D%5Bslug%5D=mob-akis&channels%5B15%5D%5Bset%5D=false&channels%5B16%5D%5Bslug%5D=mob-akis&channels%5B16%5D%5Bset%5D=false&channels%5B17%5D%5Bslug%5D=ana-14&channels%5B17%5D%5Bset%5D=false&channels%5B18%5D%5Bslug%5D=mob-akis&channels%5B18%5D%5Bset%5D=false&channels%5B19%5D%5Bslug%5D=sm&channels%5B19%5D%5Bset%5D%5Bamount%5D=2&channels%5B19%5D%5Bset%5D%5Bclass%5D%5Bchannel%5D=row%20center&channels%5B19%5D%5Bset%5D%5Bclass%5D%5Bunit%5D=col&channels%5B20%5D%5Bslug%5D=sm&channels%5B20%5D%5Bset%5D%5Bamount%5D=2&channels%5B20%5D%5Bset%5D%5Bclass%5D%5Bchannel%5D=row%20center&channels%5B20%5D%5Bset%5D%5Bclass%5D%5Bunit%5D=col&channels%5B21%5D%5Bslug%5D=ana-18&channels%5B21%5D%5Bset%5D=false&channels%5B22%5D%5Bslug%5D=mob-akis&channels%5B22%5D%5Bset%5D=false&channels%5B23%5D%5Bslug%5D=mob-akis&channels%5B23%5D%5Bset%5D=false&channels%5B24%5D%5Bslug%5D=code&channels%5B24%5D%5Bset%5D=false&is_mobile=false
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1612771995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04107eb63aefbb8a1ded9bdfd8bb5252b0dac92a3f90638b94d9211737622859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
*/*
Referer
https://www.urfanatik.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
reklamlar
x-cache
MISS
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
vttl
60.000
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089267093e00002b168d3f6000000001
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pS3ryOI%2B3eTP9gSgCCg9qFJAb8l60y59L%2F6vl7cpW8AoejtzlS4WowRITMoHMM2QBNCSoYNXcceAdMdDkh%2BBssIC78Sy58zb3HX9zq3R9Z7LGq9bxymSxEDnAM9uog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1
cache-control
no-cache
cf-ray
62974121f9a32b16-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
0
sndk.png
file.daktilo.com/themes/enerjik/assets/main/img/stick/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.daktilo.com/themes/enerjik/assets/main/img/stick/sndk.png
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/enerjik/assets/main/main-home.min.css?m=1614333036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6c335f2e1edcb6c8b55446707bfbdca1238d4cf76da64df2260c32f31f56e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://file.daktilo.com/themes/enerjik/assets/main/main-home.min.css?m=1614333036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:24 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
asset
age
51416
x-cache
HIT
vttl
1296000.000
content-length
1915
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
etag
"77b-5bacebdeb96b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LyD2HPxjHr3qMIg1O3cHvYaL%2FzecIiCkkaCNOx9yQ12AT2HvTiJM6j88S5OuoaFp7OF5s%2F6J3atBgxwpb7MHchPg7LibPAEjpzgPzk9qjcvIom0GdRVilkvh%2B%2BGm"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cf-request-id
089267096d000005f9dfa81000000001
accept-ranges
bytes
cf-ray
62974122493505f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
x-cache-hits
6342
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v22/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6hPvhPQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,900&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a669ca5c6a5fa198da92d2d9578fc18e9f9983bda9b531aae0a64123583a988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.urfanatik.com
Referer
https://fonts.googleapis.com/css?family=Merriweather:400,900&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 14:07:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:55 GMT
server
sffe
age
304309
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12268
x-xss-protection
0
expires
Sat, 26 Feb 2022 14:07:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1612771995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49425
x-xss-protection
0
server
cafe
etag
12511417949189125007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 02:39:25 GMT
bos.png
file.daktilo.com/themes/enerjik/assets/img/ 		34 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.daktilo.com/themes/enerjik/assets/img/bos.png
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1612771995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
mod
asset
age
7192
cf-polished
origFmt=png, origSize=95
x-cache
HIT
x-cache-hits
121
content-disposition
inline; filename="bos.webp"
vttl
1296000.000
vary
Accept
content-length
34
x-xss-protection
1
last-modified
Mon, 08 Feb 2021 08:13:15 GMT
server
cloudflare
etag
"5f-5bacebdeb8716"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qe0045CQ1vaIH4CNb1pDYlc2%2FEcSWRWpub%2BhD88W6MNySp802tp2eTSS2Rz1GApM2Y%2B9z4SbMspgyESL7%2B9QQmiC3gY69GcPFdY%2FZRhBdR6KkbvgC13FZh9AtLNM"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=691200
cf-request-id
0892670ba1000005f9aeb8e000000001
accept-ranges
bytes
cf-ray
62974125caff05f9-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, authorization
cf-bgj
imgq:100,h2pri
adverts
statistics.daktilo.com/stats/ 		15 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://statistics.daktilo.com/stats/adverts
Requested by
Host: file.daktilo.com
URL: https://file.daktilo.com/themes/default/assets/all-of-defer.js?m=1612771995
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.162.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
statistics.daktilo.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
*/*
Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 02 Mar 2021 02:39:25 GMT
Server
Apache/2.4.38 (Debian)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Connection
Keep-Alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, X-Token-Auth, Authorization
Keep-Alive
timeout=3, max=100
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 02:39:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame 9CFF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210224/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 02 Mar 2021 00:12:56 GMT
expires
Tue, 16 Mar 2021 00:12:56 GMT
content-type
text/html; charset=UTF-8
etag
6440208225989294717
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4777
x-xss-protection
0
age
8789
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		203 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.urfanatik.com&callback=_gfp_s_&client=ca-pub-7117107916858709
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
34aa8cbaedebf87c96cb364145ff881b81d51f4217d1de4721cb989e8bf9da78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.urfanatik.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.urfanatik.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A67 		405 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2711121141&adf=1171335190&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765130&bpp=14&bdt=1224&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5817649660161&frm=20&pv=2&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=0&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aWzWK3FPJ4&p=https%3A//www.urfanatik.com&dtd=109
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7037af85409d77b6db6dc61d45a2af07d0e58586819e0211bc91b747d3e1706b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2711121141&adf=1171335190&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765130&bpp=14&bdt=1224&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5817649660161&frm=20&pv=2&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=0&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aWzWK3FPJ4&p=https%3A//www.urfanatik.com&dtd=109
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 02:39:25 GMT
server
cafe
content-length
203
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 02:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5426f25a1f219a9fc4a2290ec3820c96e391ea6cb9a25f4fa28b325c49d78015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:39:25 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5DCD 		89 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18c1dc815e0933ea7f001023a9e848da9f99c8ed071c5975312912f3928a0e38
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMaGiqTKkO8CFbYW0wodTwgEFQ&gqi=XaU9YI6qEM2CzAaqmqSoAw&layout=/sadbundle/%24csp%253Der3%24/10109850618693275199/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMaGiqTKkO8CFbYW0wodTwgEFQ&gqi=XaU9YI6qEM2CzAaqmqSoAw&layout=/sadbundle/%24csp%253Der3%24/10109850618693275199/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 02:39:25 GMT
server
cafe
content-length
32191
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 02:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6C58 		71 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d939201a9a3de1c97d6b60fd13f3c7713f60753ccadc9500041f7cade629d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 02:39:25 GMT
server
cafe
content-length
23356
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 02:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:39:25 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A336 		405 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=790544139&adf=2970700112&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765151&bpp=1&bdt=1245&idt=140&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600%2C970x280&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=2472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NFnPuNr1fu&p=https%3A//www.urfanatik.com&dtd=144
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6713af8d901ffd40d78ecfb7d97a3d015b50542993a1dbb6b7ffc9eaeb2591b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=790544139&adf=2970700112&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765151&bpp=1&bdt=1245&idt=140&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600%2C970x280&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=2472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=NFnPuNr1fu&p=https%3A//www.urfanatik.com&dtd=144
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 02:39:25 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 02:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.urfanatik.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.urfanatik.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 95A5 		405 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=4193796039&adf=1181124534&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765152&bpp=1&bdt=1247&idt=155&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600%2C970x280%2C970x280&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=3738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8pT9pbHGXE&p=https%3A//www.urfanatik.com&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11a4dee8fdf2185586d57298a23d9a1d1433a9fef65e8453ffdb5bd9a03c595d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=4193796039&adf=1181124534&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765152&bpp=1&bdt=1247&idt=155&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600%2C970x280%2C970x280&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=3738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8pT9pbHGXE&p=https%3A//www.urfanatik.com&dtd=159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 02:39:25 GMT
server
cafe
content-length
203
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 02:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DF98 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8817
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 3730 		30 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&adk=2687674644&adf=2640988039&lmt=1614652765&plat=1%3A34824%2C2%3A34824%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.urfanatik.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614652765155&bpp=1&bdt=1249&idt=220&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&dtd=231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
224c74acf18556e5f056905d827f5c6762297fdbd7519b74e24cf1c04a85437f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7117107916858709&output=html&adk=2687674644&adf=2640988039&lmt=1614652765&plat=1%3A34824%2C2%3A34824%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.urfanatik.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614652765155&bpp=1&bdt=1249&idt=220&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&dtd=231
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 02:39:25 GMT
server
cafe
content-length
1949
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 02:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private
5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
pagead2.googlesyndication.com/bg/ Frame DF98 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
22809
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6224
x-xss-protection
0
expires
Tue, 01 Mar 2022 20:19:16 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.urfanatik.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.urfanatik.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0C52 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d52712f81384e09d0ec2cb1deabd7814211d14fce4376d71805f8bb4e41e61ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 02:39:25 GMT
server
cafe
content-length
6130
x-xss-protection
0
set-cookie
IDE=AHWqTUlh2svaNiqqEj139B63VoqU8vi5DtAEtT1_SC9FSf4zuwHBmPtVJf5Tsp3IBHE; expires=Sun, 27-Mar-2022 02:39:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6C00 		120 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7117107916858709&plah=www.urfanatik.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56dc8322fa99ade9ed60d50fbc22edd3984dbadcec10f212a0533e280ce09f92
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMT5mqTKkO8CFRFV0wod7sUIBA&gqi=XaU9YOKJIYqx-wbHk7OwAw&layout=/sadbundle/%24csp%253Der3%24/15763118691896762517/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.urfanatik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.urfanatik.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMT5mqTKkO8CFRFV0wod7sUIBA&gqi=XaU9YOKJIYqx-wbHk7OwAw&layout=/sadbundle/%24csp%253Der3%24/15763118691896762517/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 02:39:25 GMT
server
cafe
content-length
40055
x-xss-protection
0
set-cookie
IDE=AHWqTUm1qSN1DN0qAbTf-wtZmA43wPgtEoDxPEjppc8PSpBjykQXHgH5CtxndJ30cJc; expires=Sun, 27-Mar-2022 02:39:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/ Frame B930 		232 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f6db0c9dc543d58b607732bc20d1f927ea2f4509a77bde9090d5c8c30627e4d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/10109850618693275199/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sat, 27 Feb 2021 06:04:41 GMT
expires
Sun, 27 Feb 2022 06:04:41 GMT
last-modified
Fri, 19 Feb 2021 18:31:37 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
12664
age
246884
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 5DCD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cf1RlXaU9YIbkELatzAbPkJCoAb_mmsNh842GkakNloLNhYgWEAEgot3xJ2CVAqABy8C7uwLIAQmpAshbMeoZNbQ-qAMByANIqgTFAU_Q3Vmn7L903scEvHCgeBWDVFIy0zHnU-Yb_QoQOX_Q3tSujqwtZBq8Rk7zpN3sVNlhabDnEwYsNitOWi9sD5bNQG76bBuVbGc5QgtDb-yDqNUAchxROhrJ3cbyq9MRCPXAtLjzgSjHt4utEA-GILIqidcffFf9XGyCNPOra-zLIiIQIPNQfUSRv73ZLde3PJQQqSbIZC67eEezzMGd7lguvofNGzb5esy7JnbYBUixDujoeQPahLQ5Lz6KD63bECduLZwkwASypMTNwgOSBQQIBBgBkgUECAUYBKAGLoAHnb_ExAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQv88B0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTcxMTcxMDc5MTY4NTg3MDk&sigh=XkdoODM0d2s&template_id=419&tpd=AGWhJmsVEa2tkJ01Fz5QDwP0ESNpaAEXfneJVWFo27pKAI8MCA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 02 Mar 2021 02:39:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:39:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 5DCD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 02:32:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 5DCD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 02:10:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DCD 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:39:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 5DCD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:32:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 01:32:59 GMT
css
fonts.googleapis.com/ Frame 6C58 		3 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 02:19:45 GMT
server
ESF
date
Tue, 02 Mar 2021 02:39:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 02:39:25 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6C58 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 00:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 00:49:41 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 6C58 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 02:32:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6C58 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 02:10:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C58 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:39:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6C58 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:32:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 01:32:59 GMT
5d4b6918ba53c75bacf90c3e9a55021e.js
www.gstatic.com/mysidia/ Frame 6C58 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 09:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Feb 2021 01:31:13 GMT
server
sffe
age
146984
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10833
x-xss-protection
0
expires
Sat, 29 May 2021 09:49:41 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/12239617193796519363/ Frame 6C58 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12239617193796519363/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2e350ddbf1b61dd41d8f72a823830cae435bd533105387f2c92523f38c38056
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 15:37:15 GMT
x-content-type-options
nosniff
age
558130
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18939
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 08:15:53 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Feb 2022 15:37:15 GMT
truncated
/ Frame 6C58 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 6C58 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3LYqXaU9YPvWEdb5zAbJjpq4DfnFvf9d8_zovKUNloLNhYgWEAEgot3xJ2CVAqABq9XFzgPIAQmpAshbMeoZNbQ-qAMByAPLBKoEwQFP0PnJjeIzUIOQWXpUXNT79yfxg-b_LImCFTMK8DAkmKlrCqhzK-Q_h3P6gB29JqvThA7SXXHaRmXED26hSC0PXBxIbXFMzgtqwGK0o1Kx_ESq15HE4i5Pw13Q-Gue3RXGSI2B8nZ4utcjqPY66AaMaWxTpc--blr7UGwPA_HOrIWCuR6Gmh1XGkfFR2Q-xIGFVohRFNBcZqHitdRNy-gPYpewOK7bY9y7o2QrkqvLb1sRuqViDPh8_qtH7ys6wgmUwAS_zfOV9QKSBQQIBBgBkgUECAUYBKAGLoAHu9njaKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCZtwHSCAkIgOGAEBABGB-ACgHICwHYEwyIFAGyFxoKGAgAEhRwdWItNzExNzEwNzkxNjg1ODcwOQ&sigh=J5RkA9bfw0g&template_id=5000&tpd=AGWhJmv6vM3eWxM-bBh9qaL01SywLklxSfKsAh6dw0JvOIp6iw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 02 Mar 2021 02:39:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 563A 		143 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlroP5826Rt97Jw8Mn0FDCTZqPsVy-G7QAGoaCXwg4UHp4kJu2N0owj7krPTpg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 02 Mar 2021 01:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3481
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5DCD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abe54e36fee5a5c5fff90bbeedb0b4a6eb34a80cad9801dc019fc29d3c67860c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6C58 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3790365d5b0407189216c48264573b4f92e50b004cce0244bbc12050a75341f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B930 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50760
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 12:33:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B930 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 12:41:54 GMT
bg3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/ Frame B930 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/bg3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f02f8076d8a13a079d5ddb0abf89196195187d1d7bf771f01ce8e048b914f889
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
255310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39639
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 18:31:37 GMT
server
sffe
date
Sat, 27 Feb 2021 03:44:15 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 03:44:15 GMT
logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/ Frame B930 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/logo2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232a6e4747a4177b230dbcef1b31ef29d374f76e3dbf8b138bdf545339e0d19a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
231341
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19561
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 18:31:37 GMT
server
sffe
date
Sat, 27 Feb 2021 10:23:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 10:23:44 GMT
bestseller.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/ Frame B930 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/bestseller.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa890abc5ab86ad46f94718f9447d95d3778b91c08402ff00a2cb4557341df8a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
231056
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18672
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 18:31:37 GMT
server
sffe
date
Sat, 27 Feb 2021 10:28:29 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 10:28:29 GMT
price.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/ Frame B930 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/price.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10109850618693275199/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a0a8b1a01ff70ed2b745f739f4f0843a159af323c9f1df3b44d665adac209c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
255310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7029
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 18:31:37 GMT
server
sffe
date
Sat, 27 Feb 2021 03:44:15 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 03:44:15 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6C58 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:32:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:17 GMT
server
sffe
age
245231
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14816
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:32:14 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6C58 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:30:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:06 GMT
server
sffe
age
126511
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14608
x-xss-protection
0
expires
Mon, 28 Feb 2022 15:30:54 GMT
5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
pagead2.googlesyndication.com/bg/ Frame EBE3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
22809
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6224
x-xss-protection
0
expires
Tue, 01 Mar 2022 20:19:16 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2AEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVsznXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoEqgFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUb47AlJUppwdad2ybfdYlKd-fYAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNzExNzEwNzkxNjg1ODcwOQ&sigh=b8tULvIdYIM&tpd=AGWhJmuTVegnMe8fAvtB--Rnh1ieUNHt07dzmhjJHTk9hG929cVJJdGoWfZdUNPunRbqgbfZGORf9SKQt4HaNyoxDaqjkVjwlRids5ahi5buiSufFxQ9I6Jf_OQqvOm3Qkk1THMNN8Qg_snyDCy-iCCpN9tzW_Pa5u9f4WNofVTp58gv0rbevOBiE442WFZg-IDe3-JeEOKQV1CjogUBdHaybgTad4EdahP-79A_SBiyhnP8ryxA-sbDl77Wec-ehBe6nowhy5wI013BO7ZQUrfOEphnGqtKBrFflcmmkU2JB4goFgfu5Jj2GS3uQ5ejpOvwJsdmx5Yy2IyErg8yi6prq5Kyj5g_yDuZWZKwVWfcMO1T65aAL_Z4r9iZ8vDkJqVKr0U2kBsX_74onVyiFvUWoIomc4zImrWHYJcFgZA4dZUCskGuViA_tUgM-8t3oy89t-5eWfF0tVNQz2OW5Ctccp9Mg47h-wQrZ_H-2HnVhMydTcpomhC1U2qjYCgOl5LhKSXpIRvdMQLw_4rX3irW_MMSL5gj5HIiNNQWfMWZdiuf0tz3x1_mmRu-Gfc1tuHxcS_wXr1Zqh6hx9cuGBLFZZnV0xp8oCIssZ6UV0Eom0B449lPOTyCg78uRy7wCCov18mvvy9PGNSIUy9aZT6y3kgxhGyVsq-k4MheIyDPlfi9j7Sxvwqr7y_roZMzav_bBUXCrL7JjKnnVCzrLqp6wN8Fbm_vJEXQFl0xl60bNW_57-IvMnMbLCbBUNXGeWCDa-BP3Y5PiSblmKCB7CXS_EqB8aJjzGT1npyWRDAXLltzpsaMKvSZx-aa9UsrEqGHK94htJTne_isWQYVTd_ylfw66IeiIRlYM5GKttHjNkLUIkFjxXb2e2eRGqVO5b3FXyedS_h_Fbw5BH2oVUJLE3vshSGFl9HLWBwipThtECQjLMjj2Y0ZTE_lM9b3kcgdp2cYJB3GPZT9VY9iPwTsS-JtGKoBcgwHj6M-CQe-eJtqLhOPqBHPQ0JBIGdzUVuo3Ivxg_hNZY6FMkegMWJV9_Tm6skZ
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 02 Mar 2021 02:39:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame 2AEF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRjeE1qTmlZbVl0WVdObU9DMWpNalZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyOTAxNDA0NTc0ODYyODEzMDkvODY1NjkwNi83NjUwMzI2LzQvakVoa1Q5VmZBRDR3cGl1Tkc2Njdxd2FmN2JZa3NUT214dUVZdklJcDFPMC8xLzQvMC8wLzE0OTgzOTgvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDI5MDE0MDQ1NzQ4NjI4MTMwOS96cmgvMC84NjcyLzY1Lzk5OS8yLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTQ2NTI3NjUvMTYxNDY2NTM2NS80L3B1Yi03MTE3MTA3OTE2ODU4NzA5Lw/VA9tBuQ8rjW-5xiVUiv_wYGyeDk&nodeid=238&group=eu&auctionid=4290140457486281309&sid=7650326&cid=8656906&bp=a_bbeggb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%26client%3Dca-pub-7117107916858709%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.224 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.193.2 /
Resource Hash
a6f89adf039054ead0676f9f333163a325eb5c04491a20e4f11eb23b3209eb06

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 02:39:33 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1614652765
Last-Modified
Tue, 02 Mar 2021 02:39:25 GMT
Server
MMBD/3.193.2
x-mm-latency
1 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x71, zrh-bidder-x35
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Tue, 02 Mar 2021 02:39:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 2AEF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 02:10:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2AEF 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:39:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 2AEF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:32:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 01:32:59 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/ Frame F9D4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
836f1dfab32f0c5396a51e712bc4388ba740ec4f2158964170f3dba614d13db6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/15763118691896762517/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3313
date
Fri, 26 Feb 2021 13:38:45 GMT
expires
Sat, 26 Feb 2022 13:38:45 GMT
last-modified
Thu, 25 Feb 2021 12:33:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
306040
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame B1D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClK69XaU9YITXIZGqzQbui6Mg28CGzWHgkfXHww2nr-OqwyIQASCi3fEnYJUCoAGFwMbgA8gBCakCyFsx6hk1tD6oAwHIA0iqBNMBT9BgpSxae03EOqlS2T9X0_RCJ2-30gGkXiOq6Jhp048j8CbAwFbwJlojYLHMUSiJUBR6mKgAejPG8K5RQNDoWpEdrLAAK7dyFh_icbzmxHbE1n5LQgSiDwzL_ZSNzOTyzvy118LWOn-dn5nih2TzmcpJPlDDfXNbF5FKD9GTSuNiw0FiBdP6In0DrY1QIQk1YEnvLEPCmaODraJSpTXRtNStEyFxlLF3-mETZmo9ElhX-VjIJ1Su6gDjwG3dcD8KBf8tCJYhrTZPCUtd6gu40jY69sAE07yIyRGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH47-5H6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCFkwHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNzExNzEwNzkxNjg1ODcwOQ&sigh=d9FhE66L-To&template_id=419&tpd=AGWhJmsDqw4EIX1ensTGFRj4ihdyi-NUryl_GvOUaRGWsxmxiQ
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 02 Mar 2021 02:39:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame B1D3 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:32:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 02:32:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame B1D3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 02:10:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B1D3 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 02:39:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame B1D3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 01:32:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 01:32:59 GMT
l
www.google.com/ads/measurement/ Frame B1D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYBTFCPKd_wpCz-Ztv2dGQ2tVUgA7YgJuHqs7TLTALVW9tu8OSOTw0l4THmak5IU-ZeFbfRR9YiBMXxhPCZc6sz6g4SA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 563A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm1qSN1DN0qAbTf-wtZmA43wPgtEoDxPEjppc8PSpBjykQXHgH5CtxndJ30cJc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 02:39:25 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 02-Mar-2021 03:39:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:25 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 02:39:25 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=2912353265427547&bg=!mZqlmtnNAAXB_3NtwTsAKQB2-Dxaqr62RQp4R4rXh1u0LGUjN58OjcRFp_CGylY5qD1ANn7j7UZtAgAAAZRSAAAAJ2gBBwoAh_BLHNNd-Md9WT_ROWjMggdGP8iJdXGO0bcgsEB5vIZ1X_knd0vdN3KajfKrh9N8RnzffCPPc2bGcWKt8G58--DfidcwbAUgO2X7tmE42ZlMhYYC6OF3lr2u3VPrqicv_EshGT9Ug0SP6jzsgJQb-ugtWToyU_BzYHcrWTuQeKTlZsZxySJAdpkB2pv68eT2eL2vaNONpCQou_rQlcQwUlkYiDGeC53t32tIUpTW_t-E4mOKulB-15IIrPZg9SBXcg0-gY1tqFMefs03Dfn2M4w-6sGvkZElfedOHpNJTToNAGGDDH3bGyq1g-d7Z2yxRXlh040flke6S1u50wfZRqpW_zNHxQ8SPQgSkqQK13TR8pay4I7W7tQkMAsrhJdILxb8ps1eXHqYpkRX4rVKoJzDlCxgxZOBDb9JiGATCSGAMimqcP7NG5UskIIFjbI4h-4BrFofwwf1dmvoGk0ud7qYRwFTClOo990LDdL42SH8we0LtC1aRsNdyq-nKADhmVkJKoEIRwIyf7Kr8ASETt_NuborTH_qcC2ZtAv4BJIV54KFIofzgGs47ZGvLMeImsl79UrSp_03eV4KEIn31bdFpPUna79kJQehTmW8YvgZzZlxWEhmnkmQyTa9GKhKzHFU2wV7LPx5MCdahloRT2hi2nMW45GFqI5c2pGEeiwgpzuuYOtVXW9uJP3Q94Phk_9NdwsA1e02UARbUA3WqxyqrOQfqmBNSYkXgE5cyA1YjP_QJIdR8jKxZjjHebtrcQITwXWXzC4CeRwn6kwGYUQ1ctPoTT5_z9lOUTmN5l7EkQY5-A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 027A 		143 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm1qSN1DN0qAbTf-wtZmA43wPgtEoDxPEjppc8PSpBjykQXHgH5CtxndJ30cJc; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 02 Mar 2021 01:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3482
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B1D3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c1456292071ee33185a67f09b834f34a0a7347ad20e9d9b8349d8a99eaf10da

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
pagead2.googlesyndication.com/bg/ Frame B930 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
22810
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6224
x-xss-protection
0
expires
Tue, 01 Mar 2022 20:19:16 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame B1D3 		0
111 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMT5mqTKkO8CFRFV0wod7sUIBA&gqi=XaU9YOKJIYqx-wbHk7OwAw&layout=/sadbundle/%24csp%253Der3%24/15763118691896762517/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F9D4 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 12:33:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F9D4 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 12:41:54 GMT
css
fonts.googleapis.com/ Frame F9D4 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Prompt:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1614256282
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23521e43e4772bb55f516a8e0aa12c96d08a144ddfed5b1b4c30680aef3514cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 02:39:26 GMT
server
ESF
date
Tue, 02 Mar 2021 02:39:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 02:39:26 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F9D4 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Mar 2021 02:39:26 GMT
posdjza6jyw1
hal9000.redintelligence.net/zone/ Frame 2AEF 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/posdjza6jyw1?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=4290140457486281309&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4290140457486281309%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D7650326%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D0d18603d-a55d-4d01-a171-e0aab72c9691%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%2526client%253Dca-pub-7117107916858709%2526adurl%253D%26redirect%3D
Requested by
Host: www.urfanatik.com
URL: https://www.urfanatik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
256e91f063ad885b7b5546382e80667d7d91ed02676eda4dc473aa968cd4748b

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 02:39:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3344
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 2AEF 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=4290140457486281309&node_id=238&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRjeE1qTmlZbVl0WVdObU9DMWpNalZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyOTAxNDA0NTc0ODYyODEzMDkvODY1NjkwNi83NjUwMzI2LzQvakVoa1Q5VmZBRDR3cGl1Tkc2Njdxd2FmN2JZa3NUT214dUVZdklJcDFPMC8xLzQvMC8wLzE0OTgzOTgvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDI5MDE0MDQ1NzQ4NjI4MTMwOS96cmgvMC84NjcyLzY1Lzk5OS8yLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTQ2NTI3NjUvMTYxNDY2NTM2NS80L3B1Yi03MTE3MTA3OTE2ODU4NzA5Lw/VA9tBuQ8rjW-5xiVUiv_wYGyeDk&nodeid=238&group=eu&auctionid=4290140457486281309&sid=7650326&cid=8656906&bp=a_bbeggb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%26client%3Dca-pub-7117107916858709%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.224 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.193.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 02:39:33 GMT
Server
MMBD/3.193.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x64, zrh-bidder-x35
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 02 Mar 2021 02:39:32 GMT
analytics.js
s.update.mediamathtag.com/2/619621/ Frame 2AEF 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.urfanatik.com&ui=e7123bbf-acf8-c25d-0000-000000000000&ap=&ti=4290140457486281309&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&pp=pub-7117107916858709&sr=4&de=43002&si=313062311&dm=728x90&ac=868158&cr=8656906&ai=222632&c1=7650326&r1=2a01:4f8:192::&r2=&r3=
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRjeE1qTmlZbVl0WVdObU9DMWpNalZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyOTAxNDA0NTc0ODYyODEzMDkvODY1NjkwNi83NjUwMzI2LzQvakVoa1Q5VmZBRDR3cGl1Tkc2Njdxd2FmN2JZa3NUT214dUVZdklJcDFPMC8xLzQvMC8wLzE0OTgzOTgvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDI5MDE0MDQ1NzQ4NjI4MTMwOS96cmgvMC84NjcyLzY1Lzk5OS8yLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTQ2NTI3NjUvMTYxNDY2NTM2NS80L3B1Yi03MTE3MTA3OTE2ODU4NzA5Lw/VA9tBuQ8rjW-5xiVUiv_wYGyeDk&nodeid=238&group=eu&auctionid=4290140457486281309&sid=7650326&cid=8656906&bp=a_bbeggb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%26client%3Dca-pub-7117107916858709%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f8cabd887f64ec3be3db18a0855b527ea56c40c260bc577780cf7e08c51dcb89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 02:39:26 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2051
Expires
0
img
pixel.mathtag.com/event/ Frame 2AEF 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4290140457486281309&v3=868158&v4=7650326&v5=8656906&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRjeE1qTmlZbVl0WVdObU9DMWpNalZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyOTAxNDA0NTc0ODYyODEzMDkvODY1NjkwNi83NjUwMzI2LzQvakVoa1Q5VmZBRDR3cGl1Tkc2Njdxd2FmN2JZa3NUT214dUVZdklJcDFPMC8xLzQvMC8wLzE0OTgzOTgvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDI5MDE0MDQ1NzQ4NjI4MTMwOS96cmgvMC84NjcyLzY1Lzk5OS8yLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTQ2NTI3NjUvMTYxNDY2NTM2NS80L3B1Yi03MTE3MTA3OTE2ODU4NzA5Lw/VA9tBuQ8rjW-5xiVUiv_wYGyeDk&nodeid=238&group=eu&auctionid=4290140457486281309&sid=7650326&cid=8656906&bp=a_bbeggb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%26client%3Dca-pub-7117107916858709%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-113.deploy.static.akamaitechnologies.com
Software
MT3 3518 2f03077 master zrh-pixel-x2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 02:39:26 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 02 Mar 2021 02:39:25 GMT
img
tags.mathtag.com/event/ Frame 2AEF 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4290140457486281309&st=7650326&time=1614652765&nodeid=238
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRjeE1qTmlZbVl0WVdObU9DMWpNalZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQyOTAxNDA0NTc0ODYyODEzMDkvODY1NjkwNi83NjUwMzI2LzQvakVoa1Q5VmZBRDR3cGl1Tkc2Njdxd2FmN2JZa3NUT214dUVZdklJcDFPMC8xLzQvMC8wLzE0OTgzOTgvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDI5MDE0MDQ1NzQ4NjI4MTMwOS96cmgvMC84NjcyLzY1Lzk5OS8yLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTQ2NTI3NjUvMTYxNDY2NTM2NS80L3B1Yi03MTE3MTA3OTE2ODU4NzA5Lw/VA9tBuQ8rjW-5xiVUiv_wYGyeDk&nodeid=238&group=eu&auctionid=4290140457486281309&sid=7650326&cid=8656906&bp=a_bbeggb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%26client%3Dca-pub-7117107916858709%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.224 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.193.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 02:39:33 GMT
Server
MMBD/3.193.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x70, zrh-bidder-x35
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 02 Mar 2021 02:39:32 GMT
request.php
hal900019.redintelligence.net/ Frame 2AEF
Redirect Chain
  • https://hal900019.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=4fc7af68e1&subid=&uid=85aa5be9b4f82e9d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900019.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=4fc7af68e1&subid=&uid=85aa5be9b4f82e9d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=4fc7af68e1&subid=&uid=85aa5be9b4f82e9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4290140457486281309%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D7650326%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D0d18603d-a55d-4d01-a171-e0aab72c9691%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%2526client%253Dca-pub-7117107916858709%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7117107916858709%26output%3Dhtml%26h%3D90%26adk%3D1738659094%26adf%3D918079177%26pi%3Dt.aa~a.1181726518~rp.4%26w%3D974%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1614652765%26rafmt%3D1%26to%3Dqs%26pwprc%3D8721816769%26psa%3D0%26format%3D974x90%26url%3Dhttps%253A%252F%252Fwww.urfanatik.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1614652765500%26bpp%3D1%26bdt%3D1595%26idt%3D-M%26shv%3Dr20210224%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D0b37734f3c069b97-22372c82dca60072%253AT%253D1614652765%253ART%253D1614652765%253AS%253DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg%26prev_fmts%3D300x600%252C300x600%252C970x280%252C970x280%252C970x280%252C0x0%26nras%3D1%26correlator%3D5817649660161%26frm%3D20%26pv%3D1%26ga_vid%3D1602574259.1614652764%26ga_sid%3D1614652765%26ga_hid%3D885757471%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_nplug%3D0%26u_nmime%3D0%26adx%3D313%26ady%3D2470%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736377%26oid%3D3%26pvsid%3D2912353265427547%26rx%3D0%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C%252C%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D3%26fsb%3D1%26xpc%3D3Cagxuk87j%26p%3Dhttps%253A%2F%2Fwww.urfanatik.com%26dtd%3D27&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.urfanatik.com&random=9865821286291&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
01496ca5162c5f98d1b5dd8540a927305fab73282f54d583c8c59538bee12ee1

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 02:39:26 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
81250400010621902142767011521019
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
727
Expires
Tue, 02 Mar 2021 02:39:26 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 02:39:26 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=4fc7af68e1&subid=&uid=85aa5be9b4f82e9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4290140457486281309%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D7650326%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D0d18603d-a55d-4d01-a171-e0aab72c9691%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%2526client%253Dca-pub-7117107916858709%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7117107916858709%26output%3Dhtml%26h%3D90%26adk%3D1738659094%26adf%3D918079177%26pi%3Dt.aa~a.1181726518~rp.4%26w%3D974%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1614652765%26rafmt%3D1%26to%3Dqs%26pwprc%3D8721816769%26psa%3D0%26format%3D974x90%26url%3Dhttps%253A%252F%252Fwww.urfanatik.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1614652765500%26bpp%3D1%26bdt%3D1595%26idt%3D-M%26shv%3Dr20210224%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D0b37734f3c069b97-22372c82dca60072%253AT%253D1614652765%253ART%253D1614652765%253AS%253DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg%26prev_fmts%3D300x600%252C300x600%252C970x280%252C970x280%252C970x280%252C0x0%26nras%3D1%26correlator%3D5817649660161%26frm%3D20%26pv%3D1%26ga_vid%3D1602574259.1614652764%26ga_sid%3D1614652765%26ga_hid%3D885757471%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_nplug%3D0%26u_nmime%3D0%26adx%3D313%26ady%3D2470%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736377%26oid%3D3%26pvsid%3D2912353265427547%26rx%3D0%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C%252C%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D3%26fsb%3D1%26xpc%3D3Cagxuk87j%26p%3Dhttps%253A%2F%2Fwww.urfanatik.com%26dtd%3D27&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.urfanatik.com&random=9865821286291&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 02 Mar 2021 02:39:26 +0100
0426a9bef2466440fe01d96ff92d2bc6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/ Frame F9D4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/0426a9bef2466440fe01d96ff92d2bc6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08d4e132e8ad9e23f61a5202ff77a2595e11deb35718592c7b09bee6666da084
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
307995
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6762
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 12:33:44 GMT
server
sffe
date
Fri, 26 Feb 2021 13:06:11 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 13:06:11 GMT
imagesnrzkycjy9je41fextlzb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/ Frame F9D4 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/imagesnrzkycjy9je41fextlzb.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e98a1273451d9c990f69b8e455cc3119feca8af8e0f20dc0b7c4982217550458
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15763118691896762517/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
2138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1136
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 12:33:44 GMT
server
sffe
date
Tue, 02 Mar 2021 02:03:48 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 02:03:48 GMT
-W_8XJnvUD7dzB2Ck_kIaWMuUZctdg.woff2
fonts.gstatic.com/s/prompt/v4/ Frame F9D4 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/prompt/v4/-W_8XJnvUD7dzB2Ck_kIaWMuUZctdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1614256282
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe0455feb77a597b2aa413dac14b0cd7474f4b08057e775a7bd722c75a44b43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Prompt:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1614256282
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 00:46:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:51:47 GMT
server
sffe
age
438768
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10328
x-xss-protection
0
expires
Fri, 25 Feb 2022 00:46:38 GMT
-W__XJnvUD7dzB2KYNodREEjew.woff2
fonts.gstatic.com/s/prompt/v4/ Frame F9D4 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/prompt/v4/-W__XJnvUD7dzB2KYNodREEjew.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prompt:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1614256282
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c71e99a19048bfbef643401206c8da3dadceb417cf398b8524a0afb4dbd2743b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Prompt:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1614256282
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 06:09:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:52:45 GMT
server
sffe
age
505779
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10700
x-xss-protection
0
expires
Thu, 24 Feb 2022 06:09:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 027A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
156 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=60&adk=1262927770&adf=1840741644&pi=t.aa~a.3253648273~rp.1&w=318&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=318x60&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1594&idt=1&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0%2C974x90&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=641&ady=4150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=1yPvoLI5ER&p=https%3A//www.urfanatik.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm1qSN1DN0qAbTf-wtZmA43wPgtEoDxPEjppc8PSpBjykQXHgH5CtxndJ30cJc; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 02:39:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 02-Mar-2021 03:39:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 02:39:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 02:39:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
pagead2.googlesyndication.com/bg/ Frame F9D4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
22810
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6224
x-xss-protection
0
expires
Tue, 01 Mar 2022 20:19:16 GMT
view.aspx
pb.media01.eu/ Frame DA89
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873c116b067622a85af?subid=81250400010621902142767011521019&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=81250400010621902142767011521019&actionid=879111&produktid=ratenkredit&dt_url=
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=81250400010621902142767011521019&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=4fc7af68e1&subid=&uid=85aa5be9b4f82e9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4290140457486281309%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D7650326%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D0d18603d-a55d-4d01-a171-e0aab72c9691%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%2526client%253Dca-pub-7117107916858709%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7117107916858709%26output%3Dhtml%26h%3D90%26adk%3D1738659094%26adf%3D918079177%26pi%3Dt.aa~a.1181726518~rp.4%26w%3D974%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1614652765%26rafmt%3D1%26to%3Dqs%26pwprc%3D8721816769%26psa%3D0%26format%3D974x90%26url%3Dhttps%253A%252F%252Fwww.urfanatik.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1614652765500%26bpp%3D1%26bdt%3D1595%26idt%3D-M%26shv%3Dr20210224%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D0b37734f3c069b97-22372c82dca60072%253AT%253D1614652765%253ART%253D1614652765%253AS%253DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg%26prev_fmts%3D300x600%252C300x600%252C970x280%252C970x280%252C970x280%252C0x0%26nras%3D1%26correlator%3D5817649660161%26frm%3D20%26pv%3D1%26ga_vid%3D1602574259.1614652764%26ga_sid%3D1614652765%26ga_hid%3D885757471%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_nplug%3D0%26u_nmime%3D0%26adx%3D313%26ady%3D2470%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736377%26oid%3D3%26pvsid%3D2912353265427547%26rx%3D0%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C%252C%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D3%26fsb%3D1%26xpc%3D3Cagxuk87j%26p%3Dhttps%253A%2F%2Fwww.urfanatik.com%26dtd%3D27&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.urfanatik.com&random=9865821286291&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.10.231.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
85-10-231-199.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pb.media01.eu
:scheme
https
:path
/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=81250400010621902142767011521019&actionid=879111&produktid=ratenkredit&dt_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 02 Mar 2021 03:39:26 GMT
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=fjdfojihyqmw50jjbbkqai1m; path=/; secure; HttpOnly DTU=7032B88BCDC9A1947D3DC1608438BF0D; expires=Thu, 02-Mar-2023 02:39:26 GMT; path=/; SameSite=None; secure; HttpOnly
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Tue, 02 Mar 2021 02:39:26 GMT
content-length
0

Redirect headers

server
nginx/1.17.5
date
Tue, 02 Mar 2021 02:39:26 GMT
content-type
text/html; charset=UTF-8
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=81250400010621902142767011521019&actionid=879111&produktid=ratenkredit&dt_url=
x-powered-by
PHP/7.2.21
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-credentials
true
set-cookie
trscj=MTYxNDY1Mjc2NnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TmpNVEUyWWpBMk56WXlNbUU0TldGbVAzTjFZbWxrUFRneE1qVXdOREF3TURFd05qSXhPVEF5TVRReU56WTNNREV4TlRJeE1ERTVKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2Y0dGblpXRmtMMkZrY3o5amJHbGxiblE5WTJFdGNIVmlMVGN4TVRjeE1EYzVNVFk0TlRnM01Ea21iM1YwY0hWMFBXaDBiV3dtYUQwNU1DWmhaR3M5TVRjek9EWTFPVEE1TkNaaFpHWTlPVEU0TURjNU1UYzNKbkJwUFhRdVlXRitZUzR4TVRneE56STJOVEU0Zm5Kd0xqUW1kejA1TnpRbVpuZHliajAwSm1aM2NtNW9QVEV3TUNac2JYUTlNVFl4TkRZMU1qYzJOU1p5WVdadGREMHhKblJ2UFhGekpuQjNjSEpqUFRnM01qRTRNVFkzTmprbWNITmhQVEFtWm05eWJXRjBQVGszTkhnNU1DWjFjbXc5YUhSMGNITWxNMEVsTWtZbE1rWjNkM2N1ZFhKbVlXNWhkR2xyTG1OdmJTVXlSaVptYkdGemFEMHdKbVozY2owd0puSndaVDB4Sm5KbGMzQmZabTEwY3owekpuZG5iRDB4Sm1SMFBURTJNVFEyTlRJM05qVTFNREFtWW5Cd1BURW1ZbVIwUFRFMU9UVW1hV1IwUFMxTkpuTm9kajF5TWpBeU1UQXlNalFtWTJKMlBYSXlNREU1TURFek1TWndkSFE5T1NaellXeGtjajFoWVNaaFluaGxQVEVtWTI5dmEybGxQVWxFSlRORU1HSXpOemN6TkdZell6QTJPV0k1TnkweU1qTTNNbU00TW1SallUWXdNRGN5SlROQlZDVXpSREUyTVRRMk5USTNOalVsTTBGU1ZDVXpSREUyTVRRMk5USTNOalVsTTBGVEpUTkVRVXhPU1Y5TllUazFPVTlQTTBoYVN5MHRRbXhzVW5Wb1UzWkliVjlOYzNCYVp5WndjbVYyWDJadGRITTlNekF3ZURZd01DVXlRek13TUhnMk1EQWxNa001TnpCNE1qZ3dKVEpET1Rjd2VESTRNQ1V5UXprM01IZ3lPREFsTWtNd2VEQW1ibkpoY3oweEptTnZjbkpsYkdGMGIzSTlOVGd4TnpZME9UWTJNREUyTVNabWNtMDlNakFtY0hZOU1TWm5ZVjkyYVdROU1UWXdNalUzTkRJMU9TNHhOakUwTmpVeU56WTBKbWRoWDNOcFpEMHhOakUwTmpVeU56WTFKbWRoWDJocFpEMDRPRFUzTlRjME56RW1aMkZmWm1NOU1DWjFYM1I2UFRZd0puVmZhR2x6UFRJbWRWOXFZWFpoUFRBbWRWOXVjR3gxWnowd0puVmZibTFwYldVOU1DWmhaSGc5TXpFekptRmtlVDB5TkRjd0ptSnBkejB4TmpBd0ptSnBhRDB4TWpBd0puTmpjbDk0UFRBbWMyTnlYM2s5TUNabGFXUTlORFEzTXpZek56Y21iMmxrUFRNbWNIWnphV1E5TWpreE1qTTFNekkyTlRReU56VTBOeVp5ZUQwd0ptVmhaVDB3Sm1aalBUZzVOaVppY21ScGJUMHdKVEpETUNVeVF6QWxNa013SlRKREpUSkRKVEpETVRZd01DVXlRekV5TURBbE1rTXhOakF3SlRKRE1USXdNQ1oyYVhNOU1TWnljM285YnlVM1F5VTNRMlZGWW5JbE4wTW1ZV0pzUFVOVEpuQm1lRDB3Sm1aMVBUZ3pNakFtWW1NOU16RW1hV1pwUFRnbWRXTnBQV0VoT0NaaWRIWnBQVE1tWm5OaVBURW1lSEJqUFRORFlXZDRkV3M0TjJvbWNEMW9kSFJ3Y3lVelFTOHZkM2QzTG5WeVptRnVZWFJwYXk1amIyMG1aSFJrUFRJMw%3D%3D; expires=Wed, 02-Mar-2022 02:39:26 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure
strict-transport-security
max-age=63072000;includeSubdomains;preload
request_content.php
hal900019.redintelligence.net/ Frame 23EC 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request_content.php?s=81250400010621902142767011521019&a=9d0f26f1
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=4fc7af68e1&subid=&uid=85aa5be9b4f82e9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4290140457486281309%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D7650326%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D0d18603d-a55d-4d01-a171-e0aab72c9691%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVPSrXaU9YKSwIYie-wbuqIv4Cs-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzExNzEwNzkxNjg1ODcwOcgBCagDAaoErQFP0EODvqmY5nCVaqUZm1MBLsgTzSefwe5X3bBL7gsWcsRouWAqXTeR85hUM4mGHvjnp_Kr2S6XKaCvBXgkDG-cEdj0VOMscUOYfK_EzroZWHA5YE3tflfjXEWlqPcc1OPox47YLnetDhAJ9SHLh_A1QDrBrLUkORtWW_6Gu6HIN4eyQ97Bj4JxiWnZJ0AIRKUZZ533KAfHUfw5D8D4Njga5Hn6xi8YO1djafCWGIAGpq_b7sjW4OYFoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2LAzRWEPIUsYVc2y6Q0yI-pXQumA%2526client%253Dca-pub-7117107916858709%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7117107916858709%26output%3Dhtml%26h%3D90%26adk%3D1738659094%26adf%3D918079177%26pi%3Dt.aa~a.1181726518~rp.4%26w%3D974%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1614652765%26rafmt%3D1%26to%3Dqs%26pwprc%3D8721816769%26psa%3D0%26format%3D974x90%26url%3Dhttps%253A%252F%252Fwww.urfanatik.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1614652765500%26bpp%3D1%26bdt%3D1595%26idt%3D-M%26shv%3Dr20210224%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D0b37734f3c069b97-22372c82dca60072%253AT%253D1614652765%253ART%253D1614652765%253AS%253DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg%26prev_fmts%3D300x600%252C300x600%252C970x280%252C970x280%252C970x280%252C0x0%26nras%3D1%26correlator%3D5817649660161%26frm%3D20%26pv%3D1%26ga_vid%3D1602574259.1614652764%26ga_sid%3D1614652765%26ga_hid%3D885757471%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_nplug%3D0%26u_nmime%3D0%26adx%3D313%26ady%3D2470%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736377%26oid%3D3%26pvsid%3D2912353265427547%26rx%3D0%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C%252C%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D3%26fsb%3D1%26xpc%3D3Cagxuk87j%26p%3Dhttps%253A%2F%2Fwww.urfanatik.com%26dtd%3D27&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.urfanatik.com&random=9865821286291&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
8b8941c85880a43afc2665afb150b0b5aa4b9594831499b5e8311d30bd4f869e

Request headers

Host
hal900019.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=760bfed085a5fefd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27

Response headers

Date
Tue, 02 Mar 2021 02:39:26 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 02 Mar 2021 02:39:26 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2108
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 437C 		1 KB
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Mar 2021 03:14:09 GMT
expires
Tue, 02 Mar 2021 03:14:09 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
84317
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2AEF 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e162909aee13c010bde493ad099224968f95d5918bb6a56e1c30cf587e8ed0c2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?oz_pl=1&pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.urfanatik.com&ui=e7123bbf-acf8-c25d-0000-000000000000&ap=&ti=4290140457486281309&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&pp=pub-7117107916858709&sr=4&de=43002&si=313062311&dm=728x90&ac=868158&cr=8656906&ai=222632&c1=7650326&r1=2a01:4f8:192::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/1.22.2/ Frame 2AEF 		117 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.urfanatik.com&ui=e7123bbf-acf8-c25d-0000-000000000000&ap=&ti=4290140457486281309&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&pp=pub-7117107916858709&sr=4&de=43002&si=313062311&dm=728x90&ac=868158&cr=8656906&ai=222632&c1=7650326&r1=2a01:4f8:192::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
48bbcc1ce2487936f5f8224d471cfc0b639d68abca1789fafd9f393f6bebaf76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 02:39:26 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
37340
Expires
Thu, 07 Nov 2052 05:32:40 GMT
dpixel
cms.quantserve.com/ Frame 437C 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELpGF6WNfe1JDh2IRVu27lw&google_cver=1&google_push=AQvitUJ3hh2lgwz1Jm1IOmLLXD6meWxNR95qPEMjX33PAY6wwopNNcw3F6Lckacn-2I0uCA3hlVoD_EEoeUBTZwm-Ug01zwxoKA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 437C
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULqzTuP6ukenf9ToNacvPr98atsfglQG-GD7vP...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUQybFhnQUFCRkBjY3h5Wg&google_push=AQvitULqzTuP6ukenf9ToNacvPr98atsfglQG-GD7vPcJmszfUOmNf9GeKEGxNAFKxkszu64Bzn1IGpZtyc-A16CV9ti2fpn7Yda
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUQybFhnQUFCRkBjY3h5Wg&google_push=AQvitULqzTuP6ukenf9ToNacvPr98atsfglQG-GD7vPcJmszfUOmNf9GeKEGxNAFKxkszu64Bzn1IGpZtyc-A16CV9ti2fpn7Yda
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUQybFhnQUFCRkBjY3h5Wg&google_push=AQvitULqzTuP6ukenf9ToNacvPr98atsfglQG-GD7vPcJmszfUOmNf9GeKEGxNAFKxkszu64Bzn1IGpZtyc-A16CV9ti2fpn7Yda
Date
Tue, 02 Mar 2021 02:39:26 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
sync
odr.mookie1.com/t/v2/ Frame 437C 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFEpArhrPq6pxzkCiI9fIc4&google_push=AQvitUK1WBsRxb6v5llEHgpFpYoFTr9OAlAbnR0TsYJZaF--3TmQyA8GPRCkbRstN9i59JuMK77luxocqN8ddQROTPoXwUcuFfM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 437C
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPzMJB_crKh48PMcIe4Bars&google_cver=1&google_push=AQvitUJibqHt2wumAIjE8DQMpsD7P4508xu46BMBdxQpBcfU3uwxafF-8HuDYJEHhOGbyyszx_MBFcUIWCQ4Gfus_NeJe8--V-nD
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPzMJB_crKh48PMcIe4Bars&google_cver=1&google_push=AQvitUJibqHt2wumAIjE8DQMpsD7P4508xu46BMBdxQpBcfU3uwxafF-8HuDYJEHhOGbyyszx_MBFcUIWCQ4Gfus_NeJe8--V-nD&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJibqHt2wumAIjE8DQMpsD7P4508xu46BMBdxQpBcfU3uwxafF-8HuDYJEHhOGbyyszx_MBFcUIWCQ4Gfus_NeJe8--V-nD&google_hm=_l57BKTYxEg9fM5FG__G5Q==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJibqHt2wumAIjE8DQMpsD7P4508xu46BMBdxQpBcfU3uwxafF-8HuDYJEHhOGbyyszx_MBFcUIWCQ4Gfus_NeJe8--V-nD&google_hm=_l57BKTYxEg9fM5FG__G5Q==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJibqHt2wumAIjE8DQMpsD7P4508xu46BMBdxQpBcfU3uwxafF-8HuDYJEHhOGbyyszx_MBFcUIWCQ4Gfus_NeJe8--V-nD&google_hm=_l57BKTYxEg9fM5FG__G5Q==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
ee302hpetqmlnksb9g5s5t08l37q09ba
pixel
cm.g.doubleclick.net/ Frame 437C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2NkkTUO3STSmkEVBhMVusw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2NkkTUO3STSmkEVBhMVusw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKFDkcuobT3oc1Qu9S1bc-57ef8lUyZgfLMtz8W3Bz80HEh6HBxGDKKL6vhSdWnocARG3uL-twmKemfq8dwc4qKU3C8A3fh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2NkkTUO3STSmkEVBhMVusw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKFDkcuobT3oc1Qu9S1bc-57ef8lUyZgfLMtz8W3Bz80HEh6HBxGDKKL6vhSdWnocARG3uL-twmKemfq8dwc4qKU3C8A3fh
Date
Tue, 02 Mar 2021 02:39:26 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 437C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHyZVCz0HQDrXbJYdi87XpM&google_cver=1&google_push=AQvitUKzKUd_nKBeFvu8wjhQOcPC48JK1GvqM7g2BmqqzN0MKW_niHflA0uBbIAvRJ0n5AnSYo_...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xSRUtHRzYtMVEtSFQyTQ==&google_push=AQvitUKzKUd_nKBeFvu8wjhQOcPC48JK1GvqM7g2BmqqzN0MKW_niHflA0uBbIAvRJ0n5AnSYo_MsxGV-OWRkl-qshTIOeWOBAdu
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xSRUtHRzYtMVEtSFQyTQ==&google_push=AQvitUKzKUd_nKBeFvu8wjhQOcPC48JK1GvqM7g2BmqqzN0MKW_niHflA0uBbIAvRJ0n5AnSYo_MsxGV-OWRkl-qshTIOeWOBAdu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xSRUtHRzYtMVEtSFQyTQ==&google_push=AQvitUKzKUd_nKBeFvu8wjhQOcPC48JK1GvqM7g2BmqqzN0MKW_niHflA0uBbIAvRJ0n5AnSYo_MsxGV-OWRkl-qshTIOeWOBAdu
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 437C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENVnu66aXGCUiMjLHvc2EOM&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENVnu66aXGCUiMjLHvc2EOM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YD2lXrHJlUuT7tNn30P8MgAABI0AAAIB&google_push=AQvitUIq1JUAKmJI2jn6oDzjDLXGiaXujQD3mYPjX8JSGgsU-SGtH8zygAmuhZaS0rF-3mjMd2s1yeJURfxQGFHXqP...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YD2lXrHJlUuT7tNn30P8MgAABI0AAAIB&google_push=AQvitUIq1JUAKmJI2jn6oDzjDLXGiaXujQD3mYPjX8JSGgsU-SGtH8zygAmuhZaS0rF-3mjMd2s1yeJURfxQGFHXqPxG7csaWzc&google_cver=1&google_gid=CAESENVnu66aXGCUiMjLHvc2EOM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 02:39:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YD2lXrHJlUuT7tNn30P8MgAABI0AAAIB&google_push=AQvitUIq1JUAKmJI2jn6oDzjDLXGiaXujQD3mYPjX8JSGgsU-SGtH8zygAmuhZaS0rF-3mjMd2s1yeJURfxQGFHXqPxG7csaWzc&google_cver=1&google_gid=CAESENVnu66aXGCUiMjLHvc2EOM
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Tue, 02 Mar 2021 02:39:26 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 437C 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILNbncIomzdy5H-5-4WgiOw2Y5PuuFXRi0pKNPpbt_WfWEwGaGoQ6uek-6NliqI036_yQh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:39:26 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 23EC 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=81250400010621902142767011521019&a=9d0f26f1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hal900019.redintelligence.net/request_content.php?s=81250400010621902142767011521019&a=9d0f26f1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244295
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 06:47:51 GMT
pb_ratenkredit_728x90.gif
ad-server.eu/wm/pb/rate/aktion/ Frame 23EC
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873c116b067622a85af?subid=81250400010621902142767011521019
  • https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_728x90.gif
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_728x90.gif
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=81250400010621902142767011521019&a=9d0f26f1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
17ca972433d43e87615ae0b3a53bff8a7644713829083969baa4c57be87153b5

Request headers

Referer
https://hal900019.redintelligence.net/request_content.php?s=81250400010621902142767011521019&a=9d0f26f1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 02:41:14 GMT
Last-Modified
Wed, 17 Feb 2021 10:55:29 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"602cf621-80c2"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32962

Redirect headers

location
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_728x90.gif
date
Tue, 02 Mar 2021 02:39:26 GMT
server
nginx/1.17.5
x-powered-by
PHP/7.2.21
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
text/html; charset=UTF-8
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?oz_pl=1&pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.urfanatik.com&ui=e7123bbf-acf8-c25d-0000-000000000000&ap=&ti=4290140457486281309&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&pp=pub-7117107916858709&sr=4&de=43002&si=313062311&dm=728x90&ac=868158&cr=8656906&ai=222632&c1=7650326&r1=2a01:4f8:192::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
viewability
hal900019.redintelligence.net/ Frame 23EC 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/viewability?s=81250400010621902142767011521019&a=d8706f5f&vb=m
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=81250400010621902142767011521019&a=9d0f26f1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900019.redintelligence.net/request_content.php?s=81250400010621902142767011521019&a=9d0f26f1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 02:39:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 23EC 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 5DCD 		42 B
69 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxVNYoHLoN4_J9zDzGphT0KGcpVsnQuKceTqD4qpmu2URguyDHf5i0BKOZk7F3fqy7Wx3tsyOVPFtZgZ6LdAzERBLosCbwZ_4UgtTNKzC3XV_cmLRRU-k55PzoOw&sai=AMfl-YSZyldhpa4cRHlZ103RVmzjAgngi3V-revUAdL-Oe7deHis40fqtFv_KVUYrvl7caBeiTuWK3SAwz1t&sig=Cg0ArKJSzL7xjGVo9mZyEAE&id=osdim&mcvt=1029&p=160,1300,760,1600&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2114660960&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614652765260&dlt=200&rpt=82&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=600&slotname=2239800086&adk=2114660960&adf=1380629932&pi=t.ma~as.2239800086&w=300&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1614652765145&bpp=4&bdt=1240&idt=108&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=1300&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FbbVl6FquU&p=https%3A//www.urfanatik.com&dtd=113
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C58 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstguvsVEndudPAlwY51VghFU58oHgDkAZ-wEdTpX98mdiCKpXJu2f1r_zg7wirAq7XioVVRRj_U816YAXOBYZxYyJFPu-vhqY8iLTPZsLPeiX0jrnScYkol-4J_rg&sai=AMfl-YQuRCdQZrPepv7GWfjvT0MwpzL-8L_EHPchdhWG7vd2jQkTTulN35Yp6y3YW8ZDMC0rx47mOY8puxYI&sig=Cg0ArKJSzCXma9gD7iv7EAE&id=osdim&mcvt=1006&p=894,315,1174,1285&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3861800019&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1614652765278&dlt=282&rpt=73&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=280&slotname=3552881753&adk=3861800019&adf=3259219877&pi=t.ma~as.3552881753&w=970&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614652765149&bpp=2&bdt=1244&idt=120&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=315&ady=894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GwEoCnVmVN&p=https%3A//www.urfanatik.com&dtd=124
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame CAC9 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
9c0d3d54-62cb-4b36-9131-b749cf3e5cf4
https://googleads.g.doubleclick.net/ Frame 2AEF 		476 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/9c0d3d54-62cb-4b36-9131-b749cf3e5cf4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
476
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:31 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/ Frame 2AEF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/1.22.2/619621/AGHnbNQAEPKrK3SM/postback?pp=pub-7117107916858709&de=43002&dm=728x90&ai=222632&r2=&r3=&pv=1ed7f715-2eb0-4ced-82a3-365b2f259945&ap=&sr=4&si=313062311&cr=8656906&ui=e7123bbf-acf8-c25d-0000-000000000000&c1=7650326&ti=4290140457486281309&pd=avt&di=https%3A%2F%2Fwww.urfanatik.com&ac=868158&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&dt=6196211556140246740000&sid=AGHnbNQAEPKrK3SM&oz_sc=98326cb1d1f8632dcc67a40e&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.22.2/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7117107916858709&output=html&h=90&adk=1738659094&adf=918079177&pi=t.aa~a.1181726518~rp.4&w=974&fwrn=4&fwrnh=100&lmt=1614652765&rafmt=1&to=qs&pwprc=8721816769&psa=0&format=974x90&url=https%3A%2F%2Fwww.urfanatik.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614652765500&bpp=1&bdt=1595&idt=-M&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0b37734f3c069b97-22372c82dca60072%3AT%3D1614652765%3ART%3D1614652765%3AS%3DALNI_Ma959OO3HZK--BllRuhSvHm_MspZg&prev_fmts=300x600%2C300x600%2C970x280%2C970x280%2C970x280%2C0x0&nras=1&correlator=5817649660161&frm=20&pv=1&ga_vid=1602574259.1614652764&ga_sid=1614652765&ga_hid=885757471&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_nplug=0&u_nmime=0&adx=313&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736377&oid=3&pvsid=2912353265427547&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C%2C%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=3Cagxuk87j&p=https%3A//www.urfanatik.com&dtd=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 02 Mar 2021 02:39:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
2588219186
bam.eu01.nr-data.net/events/1/ 		24 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/2588219186?a=141047623&v=1198.fe6ec20&to=MhBSZQoZXkoAVEwMDAtacVIMEV9XTl9XCAYVFFdU&rst=10572&ck=1&ref=https://www.urfanatik.com/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.221.86.34 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.urfanatik.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.urfanatik.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame F9D4 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=340.0000&a1=https&f1=layout_html&s1=0&d1=8.0000&i=500930449858&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F15763118691896762517%2Findex.html&gqi=XaU9YOKJIYqx-wbHk7OwAw&qqi=CMT5mqTKkO8CFRFV0wod7sUIBA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 02:39:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __cfQR object| NREUM object| newrelic function| __nr_require object| fs object| fn object| adChannelsUsed object| adsUsed object| adStats function| pushfn object| set object| _atrk_opts string| uygulamaid string| endp function| getRegToken function| setTokenSentToServer function| setSormaDurum function| isTokenSentToServer function| saveToken function| BildirtsetCookie function| BildirtgetCookie object| core object| __core-js_shared__ object| firebase function| gtag object| dataLayer object| google_tag_manager object| cssua object| hasdefer function| $ function| jQuery function| Blazy object| bLazy function| slick_lzy_before function| ad_ac function| ad_ac_close object| channels object| elements boolean| isMobile object| entryId object| categoryId function| fetchAds function| _tema_ads_intro_close object| site function| defer function| disableselect function| reEnable boolean| __cfRLUnblockHandlers object| google_tag_data string| GoogleAnalyticsObject function| ga function| atrk boolean| _atrk_fired function| _main_theme function| tema object| provinceSlug function| _tema_dasboard function| dashboardLinkClick function| dashboardProvinceChange function| dashboardProvinceNamaz function| fetchNamaz function| _tema_yazarbant function| themes_scroll_calls number| pageTrackTrashold boolean| pageTracking object| pageTrackTimeout number| pageTrackMaxDataSize undefined| entryRatings undefined| entryViews undefined| entryClicks function| track function| track_on_scroll function| track_visibility function| trackVisibilty function| setTrackData function| storeRatings function| ratingFifo function| ratingExists function| sendRatings function| _load function| display function| doc_update function| mediasizemod function| _page_album function| _page_eczane function| _page_ilan function| calculateBulletinPrice function| priceInputPlaceholder function| _page_info function| _page_lig function| _page_post function| _page_rehber function| rehber_sticky function| createUriFromGuideFilter function| gotoCategory function| _tema_ads function| ad_after function| online_visitors function| _tema_embed_resize function| _tema_footer boolean| status_tre function| _tema_form_mask function| _tema_link_load function| _tema_menu_case function| _tema_menu_case_close function| _tema_menu_mobil function| _t_mmf_close function| _tema_menu_mobil_close function| _tema_mobil_stick_header function| _tmsh_run function| _tema_slide function| slick_each function| slick_response function| slick_view function| slick_lzy function| slick_native function| slick_track_slide function| slick_rating function| _tema_sticky function| _tema_sub_info function| _tema_subnav function| subnav_scroll function| subnav_open function| subnav_exit function| _tema_tab function| htmcss function| RemoveScroll function| aspect_ratio function| boslink function| checkTime function| common_scroll_calls function| css_value function| device_actions function| exis function| getCookie function| goBack function| gridpreview function| jumpMenu function| mediakur undefined| hidden undefined| state undefined| visibilityChange function| check_refresh function| meta_refresh function| popup function| scroll_calls function| throttle function| scrollableElement function| setCookie function| showValues function| startTime function| stats function| str_pos function| _swip_gallery_fix function| topGo function| topGo_on_scroll function| valid_links undefined| waitForFinalEvent function| wait_task function| zindex function| css_index function| on_index undefined| form function| form_send function| form_send_after function| form_send_before function| form_send_before_more function| form_type function| provinceSelected function| _bootstrap_modal undefined| newmodal function| _bootstrap_new_modal function| validate_email function| ad_yan function| ad_yan_after function| _toogle function| _tg_audio function| _modal_fan object| gaplugins object| gaGlobal object| gaData object| span undefined| outer_s object| adsbygoogle string| str object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

1 Cookies

Domain/Path Name / Value
.urfanatik.com/ Name: __cfduid
Value: dbe12db35a56e9ac0d31a8be752afb4e41614652763

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
bam.eu01.nr-data.net
cdn2.bildirt.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
file.daktilo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900019.redintelligence.net
image6.pubmatic.com
js-agent.newrelic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
pv.medialead.de
rtb.openx.net
s.update.mediamathtag.com
s0.2mdn.net
ssum-sec.casalemedia.com
static.daktilo.com
statistics.daktilo.com
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.urfanatik.com
138.201.63.145
142.250.185.98
142.250.186.34
143.204.89.28
143.204.89.55
151.101.114.110
157.90.162.130
185.221.86.34
185.29.133.224
185.64.189.115
23.210.249.113
23.210.249.164
2606:4700:20::681a:fb6
2606:4700:20::ac43:4a28
2606:4700:3033::6815:3603
2606:4700:3036::6815:1add
2606:4700::6810:a823
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::200a
2a00:1450:4001:801::2006
2a00:1450:4001:802::2001
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9a
34.243.93.43
34.246.227.69
34.98.67.61
35.227.252.103
51.38.145.136
54.76.176.197
69.173.144.165
78.46.90.238
85.10.231.199
01496ca5162c5f98d1b5dd8540a927305fab73282f54d583c8c59538bee12ee1
04107eb63aefbb8a1ded9bdfd8bb5252b0dac92a3f90638b94d9211737622859
08d4e132e8ad9e23f61a5202ff77a2595e11deb35718592c7b09bee6666da084
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
11a4dee8fdf2185586d57298a23d9a1d1433a9fef65e8453ffdb5bd9a03c595d
11aee507ab8b3c466a74a9448c5ba338d01f6e975b1416877ea538cc8a4a024c
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
17ca972433d43e87615ae0b3a53bff8a7644713829083969baa4c57be87153b5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c1dc815e0933ea7f001023a9e848da9f99c8ed071c5975312912f3928a0e38
1b89d4694686d55f87bf9576034e693406b8ed14118119b78a14bda7faa191cd
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
224c74acf18556e5f056905d827f5c6762297fdbd7519b74e24cf1c04a85437f
232a6e4747a4177b230dbcef1b31ef29d374f76e3dbf8b138bdf545339e0d19a
23521e43e4772bb55f516a8e0aa12c96d08a144ddfed5b1b4c30680aef3514cc
256e91f063ad885b7b5546382e80667d7d91ed02676eda4dc473aa968cd4748b
264c8c03540112e6632a0b231a09674edc0e28f341252bde155d71aa61bf089c
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2c1456292071ee33185a67f09b834f34a0a7347ad20e9d9b8349d8a99eaf10da
34aa8cbaedebf87c96cb364145ff881b81d51f4217d1de4721cb989e8bf9da78
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
41240a5c2c2292e3224584076922a475c0f4b56f9fc8fa18fe9569afe80015ae
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
47776006c557ba5b926a69ad218df1b848bcc979b78092c2714f2e174e57af26
48bbcc1ce2487936f5f8224d471cfc0b639d68abca1789fafd9f393f6bebaf76
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c9bcf99465c0888054d2fdaebfea4fbd77508ef093c37553359b4d0cd703953
4c9d939201a9a3de1c97d6b60fd13f3c7713f60753ccadc9500041f7cade629d
4fe0455feb77a597b2aa413dac14b0cd7474f4b08057e775a7bd722c75a44b43
50f6e7ec759bf6204125f85f9b45e9af4095db7483d0a2662b69fb3ceb4d866b
5426f25a1f219a9fc4a2290ec3820c96e391ea6cb9a25f4fa28b325c49d78015
56dc8322fa99ade9ed60d50fbc22edd3984dbadcec10f212a0533e280ce09f92
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e
5cb6fd0524aaab4074389eb8614644b23126d29a61ac302f167d8bf82b6cfee2
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
6112ba1ac1bc81a61072c7e5283c14eadf82df9d160a14b47815efb03cd97181
61b0d8411467493b30668e5e616fcbfab8eeabdd4767e0fdae35420860be26df
631f7e99535d5205c3f40def25f6afcc37efc9de0f71e54065fb898d0316e144
65a0a8b1a01ff70ed2b745f739f4f0843a159af323c9f1df3b44d665adac209c
6713af8d901ffd40d78ecfb7d97a3d015b50542993a1dbb6b7ffc9eaeb2591b3
6d6c335f2e1edcb6c8b55446707bfbdca1238d4cf76da64df2260c32f31f56e6
6f00751fa7803819549078c8053083fde209293109bec6b5fca945d0b9de00c2
7037af85409d77b6db6dc61d45a2af07d0e58586819e0211bc91b747d3e1706b
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
722de7ce0518d32c70722665397c8bb414b1e952d7982ede0c9b5e896013d7e4
7ee35387df9a0aac6ca413e61a1e175e810892ef3c6fc3fd64fa186f84faae33
82919da95121732fcb4cc42a034d7d8410a5e8ca5072ac508441e3d2a32fad2d
836f1dfab32f0c5396a51e712bc4388ba740ec4f2158964170f3dba614d13db6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f28a147c3083b02d80fc6414943eb9bb09078f80dfcc4cb186984bd48de6a9
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
870dbf40335b39544282ec53531ca7e2ab743d993532564a9bdc9a1525033658
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a669ca5c6a5fa198da92d2d9578fc18e9f9983bda9b531aae0a64123583a988
8b8941c85880a43afc2665afb150b0b5aa4b9594831499b5e8311d30bd4f869e
8f7428db9dde76109212f3a5c43989e38bda0e0e495ead307d51664ceee12729
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
945eb3c39f354cc4693469d3b98725fe43d470645c3d16797505522b3a566183
99f85bb1561780bb367bb8f4aa78c54d69343a78f4663e1c5bc3ade9e113cdbd
9a03d3a806546e1937db6524c19e1f7d7526d703e8b4c383578bd92bb4cb4af9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5be2b4c9badfbcaf1d87db462d3d2951e7faf5562f9cc79c2c7b9a45c25bbc
9bd8c2a9f50adb607389b7da8848deaee36978135656c5d5f42b065c3f578a2c
9de4b0fa32e27c408fdfa92ca6f241a61f317b8626e96934a5c3326e585c006c
9f6db0c9dc543d58b607732bc20d1f927ea2f4509a77bde9090d5c8c30627e4d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e350ddbf1b61dd41d8f72a823830cae435bd533105387f2c92523f38c38056
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f89adf039054ead0676f9f333163a325eb5c04491a20e4f11eb23b3209eb06
a9427428f1a1aa7645d1b6ee3170e6e2feed6c749ae9554e75ccf397a2fa488f
abe54e36fee5a5c5fff90bbeedb0b4a6eb34a80cad9801dc019fc29d3c67860c
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
ad1409902c319df4b92ebd96f9a9fae23f0bedbfe93e0def6aa1d21414f84f4a
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f249e1ff2ab360e1a742023121de0beae46fe0362573f0a1a5a70a0f1c1ece
b3790365d5b0407189216c48264573b4f92e50b004cce0244bbc12050a75341f
b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
c4a44608a4cf8dfd8c83b7513034a4a79b3c0f48d24fab02ee0c93fc6157289f
c6439cfa3c2cf8905e0757bcb6e082cb234377fe0f4b1ab0f388c71aa1ee095f
c71e99a19048bfbef643401206c8da3dadceb417cf398b8524a0afb4dbd2743b
c74aa576824583b0f4d080fcd643b377c33cda0d83b5fd1fdf5131e38c92d3f9
cbb57eb6a037061e696afe014d0ab69a010631e326eddcd502929d41fa80ed27
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d371fe2e65767cc34cab0649b39291ca8598f3f6506963fd139375b915da3cd9
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
d52712f81384e09d0ec2cb1deabd7814211d14fce4376d71805f8bb4e41e61ce
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8a04ffe61a6832af353accfb7017356ff61250608fe8a009a185618ab2341f1
d931ebcabebf4e36b0e361f058a5e60305ba8cc2c0fb34e331d9b62e6eb91038
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e162909aee13c010bde493ad099224968f95d5918bb6a56e1c30cf587e8ed0c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e98a1273451d9c990f69b8e455cc3119feca8af8e0f20dc0b7c4982217550458
eaba9c1c5cc056bbc5627cdb10ce8ab55515b17f7b8ea804b244ceabcef36303
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02f8076d8a13a079d5ddb0abf89196195187d1d7bf771f01ce8e048b914f889
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f1e68817dd28f4deed45c0454c7959072d0217ceca38384e27db851024de7a35
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f866a109e8db92ae71e373067c499aa1be704dfc8f33344d1ecf9b8f0e966be9
f8cabd887f64ec3be3db18a0855b527ea56c40c260bc577780cf7e08c51dcb89
f97da891736b0d9d1b5666f39c9db226662e8ee06267c7965a14dca09d4c9b1d
fa890abc5ab86ad46f94718f9447d95d3778b91c08402ff00a2cb4557341df8a