quicklookfilms.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pickwicktheater.com/
Effective URL:
http://quicklookfilms.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On August 15 via api (August 15th 2023, 4:07:05 am UTC) from DE — Scanned from DE

Summary HTTP 215 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 42 domains to perform 215 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is quicklookfilms.com.

This is the only time quicklookfilms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.41.211.76 216.41.211.76	33570 (CLOUDPATH) (CLOUDPATH)
1 1	216.41.211.69 216.41.211.69	33570 (CLOUDPATH) (CLOUDPATH)
33	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:4a00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2.16.96.119 2.16.96.119	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
32	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	152.195.132.24 152.195.132.24	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
8 8	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
5 10	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1 7	85.17.192.105 85.17.192.105	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	85.17.192.106 85.17.192.106	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
18	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.198.19.227 18.198.19.227	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.56.87.167 52.56.87.167	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	35.178.127.134 35.178.127.134	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.69 65.9.66.69	16509 (AMAZON-02) (AMAZON-02)
215	47

1 216.41.211.76 (Stamford, United States) 1 redirects

ASN33570 (CLOUDPATH, US)

pickwicktheater.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.41.211.69 (Stamford, United States) 1 redirects

ASN33570 (CLOUDPATH, US)

trailers.movie-previews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

quicklookfilms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:4a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.96.119 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-96-119.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.movienewsletters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
movienewsletters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.quicklookfilms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.132.24 (United States)

ASN15133 (EDGECAST, US)

cdn.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.180 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.122 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 85.17.192.105 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: tradelab.fr

its.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.17.192.106 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: tradelab.fr

its.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (Grosse Pointe, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.19.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-19-227.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (Grosse Pointe, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.87.167 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-87-167.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.178.127.134 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-127-134.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-69.fra56.r.cloudfront.net

ads.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	quicklookfilms.com quicklookfilms.com www.quicklookfilms.com	313 KB
31	movienewsletters.net www.movienewsletters.net — Cisco Umbrella Rank: 110052 movienewsletters.net — Cisco Umbrella Rank: 68950	3 MB
23	googlesyndication.com 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 151 pagead2.googlesyndication.com — Cisco Umbrella Rank: 130	84 KB
21	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1053 syndication.twitter.com — Cisco Umbrella Rank: 1269	615 KB
20	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 239 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 ad.doubleclick.net — Cisco Umbrella Rank: 194	186 KB
18	adnxs.com 13 redirects ib.adnxs.com — Cisco Umbrella Rank: 221	17 KB
15	tradelab.fr 4 redirects cdn.tradelab.fr — Cisco Umbrella Rank: 256666 its.tradelab.fr — Cisco Umbrella Rank: 272329	21 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30452 ad4m.at — Cisco Umbrella Rank: 10726 assets.ad4m.at — Cisco Umbrella Rank: 40955	387 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	219 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 ajax.googleapis.com — Cisco Umbrella Rank: 392	168 KB
4	googletagservices.com 1 redirects www.googletagservices.com — Cisco Umbrella Rank: 214	142 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	244 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 25120 api.webgains.io — Cisco Umbrella Rank: 56842	18 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54 region1.google-analytics.com — Cisco Umbrella Rank: 2069	21 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 986	36 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 44386	92 KB
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 154708 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 127321	4 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 604	1 KB
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 425	416 B
2	scorecardresearch.com b.scorecardresearch.com — Cisco Umbrella Rank: 4933 sb.scorecardresearch.com — Cisco Umbrella Rank: 155	3 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 930	218 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	88 KB
2	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 2798	628 B
1	gumgum.com ads.gumgum.com
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 725	8 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	10 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 17077	704 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 69872	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 64810	439 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 64401	263 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1321	213 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 354	146 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 818	717 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1190	733 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 857	465 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	79 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2449
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2957	41 KB
1	movie-previews.com 1 redirects trailers.movie-previews.com	260 B
1	pickwicktheater.com 1 redirects pickwicktheater.com	330 B
215	42

	Domain	Requested by
33	quicklookfilms.com	quicklookfilms.com
30	www.movienewsletters.net	quicklookfilms.com
18	ib.adnxs.com	13 redirects quicklookfilms.com
18	platform.twitter.com	quicklookfilms.com platform.twitter.com syndication.twitter.com
14	tpc.googlesyndication.com	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com quicklookfilms.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com quicklookfilms.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	its.tradelab.fr	4 redirects quicklookfilms.com
7	pagead2.googlesyndication.com	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	2 redirects 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
5	cdn.tradelab.fr	quicklookfilms.com cdn.tradelab.fr
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	www.googletagservices.com	1 redirects quicklookfilms.com 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	ajax.googleapis.com	quicklookfilms.com ajax.googleapis.com
4	www.google.com	quicklookfilms.com 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com tpc.googlesyndication.com
3	syndication.twitter.com	platform.twitter.com syndication.twitter.com
3	fonts.gstatic.com	fonts.googleapis.com
3	maxcdn.bootstrapcdn.com	quicklookfilms.com
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	ad.doubleclick.net	2 redirects
2	c1.adform.net	2 redirects
2	gum.criteo.com	1 redirects quicklookfilms.com
2	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.taboola.com	quicklookfilms.com cdn.taboola.com
2	connect.facebook.net	quicklookfilms.com connect.facebook.net
2	www.google-analytics.com	quicklookfilms.com www.google-analytics.com
2	s7.addthis.com	1 redirects quicklookfilms.com
2	fonts.googleapis.com	quicklookfilms.com securepubads.g.doubleclick.net
1	ads.gumgum.com	www.quicklookfilms.com
1	www.quicklookfilms.com	securepubads.g.doubleclick.net
1	static.xx.fbcdn.net	www.facebook.com
1	www.facebook.com	connect.facebook.net
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	prod-rtb.ad4mat.net	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
1	static-de.ad4mat.net	as.ad4m.at
1	odr.mookie1.com	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
1	x.bidswitch.net	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
1	cms.quantserve.com	838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sb.scorecardresearch.com	quicklookfilms.com
1	script.crazyegg.com	quicklookfilms.com
1	b.scorecardresearch.com	quicklookfilms.com
1	movienewsletters.net	quicklookfilms.com
1	www.gstatic.com	www.google.com
1	cdn.jwplayer.com	quicklookfilms.com
1	trailers.movie-previews.com	1 redirects
1	pickwicktheater.com	1 redirects
215	59

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
company.boxoffice.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
movienewsletters.net E1	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 16 frames:

Primary Page: http://quicklookfilms.com/
Frame ID: 31CAF01C0D5E6A92893FC7C66108C18A
Requests: 119 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fquicklookfilms.com
Frame ID: 3F803DBEEB13191F546FBB48D96F62C7
Requests: 2 HTTP requests in this frame

Frame: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FBBE99C2AD54F5F9A1D3594B7FE8E2F6
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Frame ID: DCDC7E5C96614F50B95895E9AA68FB96
Requests: 17 HTTP requests in this frame

Frame: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 46FBBC82757B23CB2A2A54E398202EBC
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kt71fxer9gbvp4k0pj46bn8fgjvvccx4z112c8vzzyd4qm5ag61e63bfzcj3y78zhxmt47fcb4jet3bj8xvh1pnfeb5wbj8nn2bzzyk3qpds0v53arxc72y6f1var8nghtgxtyjqmn571jyes7vj26at2dv4wc9kddydtz7j3nc35fe7sef8nwh1wg3vdtkv7sfv161km2v3bs0canvt1qqn1cqxt47hnex6qk6pg8brsrgwkfjn1yt5vmbmm3h3cgn4a3ey3mqt01sxad5d15hh2ey5vn5cbmkp8f3aknpk73dgx4kkdk29jdagn4911jynjqmh7vgv4s2fk0qxgqrzghbndp5y00k2jq0e8ff9bfwt6hwd2v9aza9578da916w2925gd7wgecc4mdakzenf50z2tkw8xenkwfytrt9kcm945a4nzp07b3fn373n69chm18w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%26client%3Dca-pub-4040799255774499%26adurl%3D
Frame ID: 485094C6DB76A8D288D771A7B21B1D50
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B3E4B70139A827E6EAB2AA921730B1D7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 97340453254531DD9BB4420AA03CF4C5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Frame ID: 2402B760F4CDB792B7890B482AC5F207
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022307272333000/amp4ads-v0.mjs
Frame ID: 397906D085965E2962187A4B71CF017A
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a61a5398d011c%26domain%3Dquicklookfilms.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fquicklookfilms.com%252Ff14e07ddbb3e9ec%26relation%3Dparent.parent&container_width=0&header=true&height=280&href=http%3A%2F%2Fwww.facebook.com%2FQuicklookFilms&id=fb-like-box&locale=en_US&sdk=joey&show_faces=false&stream=true&width=290
Frame ID: 51918475AB24282EB314CAB1B6C92811
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 24F75A231319CF3B4DCCF94766421B4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A54E30565FBE0A93F02E4DE3DB108D9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg8gTfIgL8wg1qlESSHnL-TxPsIK7955G4hc_b3RJ5u63f-6yoIFkOjzBpG1LmmW7HfciW2yDLqFipkNRj71hoktavJXZ9ygjTVTEK6jpP07auRvTjVSlCU3-X6EVzfuKI6f-VQzP4wfLggbP5V4jhmUFB3oRjuQU3SgqDkPpDSM5EBK6Aw9FhHPr0e20hmjJu9wYtNMYlxGwvvgRXAhZmwnv6GzBeoZ8gR2kI8T8nWpPwogqDal8AcONGgVmVw0_kYHC02HORLJ4s5eOf7VC1ZP2gT0KWwrM7wwbadBVZSoCLa7UkEcYF8pS_epM-IDg&sai=AMfl-YSaWkHvx-xHQxS3brbuIzRJTyRZNVKgjuxbOqG1yhUqDKHzyK2Yj-JCqAzygnluKW6zYYuz1FH6n1FVyMcAcX6Oc_OjuUiAUSZS4o6PQZCMyTcF0PutLGbfx6E-qfc&sig=Cg0ArKJSzAeVOkQciHfVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0C61CEF5476E018F0C13CED3A6911D54
Requests: 4 HTTP requests in this frame

Frame: http://www.quicklookfilms.com/gumgum.html?7d868f85
Frame ID: 92961DBBCB8C0FA2C62F05D7E979836C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022307272333000/amp4ads-v0.mjs
Frame ID: C55D4ECFFD67766DECB280651B6DEF33
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QuickLook Films

Page URL History Show full URLs

http://pickwicktheater.com/ HTTP 302
http://trailers.movie-previews.com/ HTTP 302
http://quicklookfilms.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

215
Requests

52 %
HTTPS

51 %
IPv6

42
Domains

59
Subdomains

47
IPs

8
Countries

5952 kB
Transfer

11362 kB
Size

31
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/QuicklookFilms

Search URL Search Domain Scan URL

URL: https://twitter.com/QuicklookFilms

Search URL Search Domain Scan URL

URL: https://company.boxoffice.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pickwicktheater.com/ HTTP 302
http://trailers.movie-previews.com/ HTTP 302
http://quicklookfilms.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 68

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 69

http://www.googletagservices.com/tag/js/gpt.js HTTP 302
https://www.googletagservices.com/tag/js/gpt.js

Request Chain 70

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 75

http://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP 307
https://ib.adnxs.com/sbounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync HTTP 307
https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fgetuid%253F%252F%252Fits.tradelab.fr%252F%253Ftype%253Dtlsync%2526uuid2%253D%2524UID%2526callback%253Dtl_sync HTTP 302
https://its.tradelab.fr/?type=tlsync&uuid2=2653647838545845123&callback=tl_sync

Request Chain 76

http://its.tradelab.fr/?type=tp&advid=1074463&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 301
https://its.tradelab.fr/?type=tp&advid=1074463&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc= HTTP 302
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEIDaCLeKQdbvSq6U_KLR8gQ&google_cver=1

Request Chain 92

http://ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A727499%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=1074463&xur=quicklookfilms.com%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 307
https://ib.adnxs.com/sbounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A727499%252C%2522l%2522%253A%255B%255D%252C%2522i%2522%253A7%252C%2522c%2522%253A30%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D1074463%26xur%3Dquicklookfilms.com%252F%26adata%3D%257B%2522c%2522%253A%257B%2522ref_url%2522%253A%2522%2522%252C%2522ref_ts%2522%253A1692072418%252C%2522page_url%2522%253A%2522quicklookfilms.com%252F%2522%252C%2522dm%2522%253A%2522quicklookfilms.com%2522%257D%252C%2522v%2522%253A%257B%2522vis_cnt%2522%253A1%252C%2522frst_vis_ts%2522%253A1692072418%252C%2522prev_vis_ts%2522%253A1692072418%252C%2522curr_vis_ts%2522%253A1692072418%252C%2522total_page_cnt%2522%253A1%252C%2522prev_page_cnt%2522%253A1%252C%2522curr_page_cnt%2522%253A1%257D%257D HTTP 307
https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fgetuid%253F%252F%252Fits.tradelab.fr%252F%253Ftype%253Dconvr%2526x%253D1%2526uuid2%253D%2524UID%2526cdata%253D%25257B%252522a%252522%25253A727499%25252C%252522l%252522%25253A%25255B%25255D%25252C%252522i%252522%25253A7%25252C%252522c%252522%25253A30%25252C%252522t%252522%25253A%252522h%252522%25252C%252522m%252522%25253A%252522null%252522%25252C%252522vi%252522%25253A0%25252C%252522vc%252522%25253A0%25252C%252522hf%252522%25253A0%25252C%252522x%252522%25253A%25257B%25257D%25257D%2526advid%253D1074463%2526xur%253Dquicklookfilms.com%25252F%2526adata%253D%25257B%252522c%252522%25253A%25257B%252522ref_url%252522%25253A%252522%252522%25252C%252522ref_ts%252522%25253A1692072418%25252C%252522page_url%252522%25253A%252522quicklookfilms.com%25252F%252522%25252C%252522dm%252522%25253A%252522quicklookfilms.com%252522%25257D%25252C%252522v%252522%25253A%25257B%252522vis_cnt%252522%25253A1%25252C%252522frst_vis_ts%252522%25253A1692072418%25252C%252522prev_vis_ts%252522%25253A1692072418%25252C%252522curr_vis_ts%252522%25253A1692072418%25252C%252522total_page_cnt%252522%25253A1%25252C%252522prev_page_cnt%252522%25253A1%25252C%252522curr_page_cnt%252522%25253A1%25257D%25257D HTTP 302
https://its.tradelab.fr/?type=convr&x=1&uuid2=9125339332459230009&cdata={%22a%22:727499,%22l%22:[],%22i%22:7,%22c%22:30,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=1074463&xur=quicklookfilms.com/&adata={%22c%22:{%22ref_url%22:%22%22,%22ref_ts%22:1692072418,%22page_url%22:%22quicklookfilms.com/%22,%22dm%22:%22quicklookfilms.com%22},%22v%22:{%22vis_cnt%22:1,%22frst_vis_ts%22:1692072418,%22prev_vis_ts%22:1692072418,%22curr_vis_ts%22:1692072418,%22total_page_cnt%22:1,%22prev_page_cnt%22:1,%22curr_page_cnt%22:1}}

Request Chain 93

http://ib.adnxs.com/px?id=727499&t=2 HTTP 307
https://ib.adnxs.com/sbounce?%2Fpx%3Fid%3D727499%26t%3D2

Request Chain 94

http://ib.adnxs.com/seg?add=5415926&t=2 HTTP 307
https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D5415926%26t%3D2

Request Chain 95

http://ib.adnxs.com/getuid?//its.tradelab.fr/?type=fseg&uuid2=$UID&sid=5415926&val=undefined&fun=1036&step=1&siev=5415922&fp=0&advid=1074463&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F115.0.5790.170%2520Safari%252F537.36&ur=http%253A%252F%252Fquicklookfilms.com%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 307
https://ib.adnxs.com/sbounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dfseg%26uuid2%3D%24UID%26sid%3D5415926%26val%3Dundefined%26fun%3D1036%26step%3D1%26siev%3D5415922%26fp%3D0%26advid%3D1074463%26isregen%3D0%26ua%3DMozilla%25252F5.0%252520%28Windows%252520NT%25252010.0%25253B%252520Win64%25253B%252520x64%29%252520AppleWebKit%25252F537.36%252520%28KHTML%25252C%252520like%252520Gecko%29%252520Chrome%25252F115.0.5790.170%252520Safari%25252F537.36%26ur%3Dhttp%25253A%25252F%25252Fquicklookfilms.com%25252F%26adata%3D%257B%2522c%2522%253A%257B%2522ref_url%2522%253A%2522%2522%252C%2522ref_ts%2522%253A1692072418%252C%2522page_url%2522%253A%2522quicklookfilms.com%252F%2522%252C%2522dm%2522%253A%2522quicklookfilms.com%2522%257D%252C%2522v%2522%253A%257B%2522vis_cnt%2522%253A1%252C%2522frst_vis_ts%2522%253A1692072418%252C%2522prev_vis_ts%2522%253A1692072418%252C%2522curr_vis_ts%2522%253A1692072418%252C%2522total_page_cnt%2522%253A1%252C%2522prev_page_cnt%2522%253A1%252C%2522curr_page_cnt%2522%253A1%257D%257D HTTP 302
https://its.tradelab.fr/?type=fseg&uuid2=9125339332459230009&sid=5415926&val=undefined&fun=1036&step=1&siev=5415922&fp=0&advid=1074463&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&ur=http%3A%2F%2Fquicklookfilms.com%2F&adata={%22c%22:{%22ref_url%22:%22%22,%22ref_ts%22:1692072418,%22page_url%22:%22quicklookfilms.com/%22,%22dm%22:%22quicklookfilms.com%22},%22v%22:{%22vis_cnt%22:1,%22frst_vis_ts%22:1692072418,%22prev_vis_ts%22:1692072418,%22curr_vis_ts%22:1692072418,%22total_page_cnt%22:1,%22prev_page_cnt%22:1,%22curr_page_cnt%22:1}}

Request Chain 99

http://ib.adnxs.com/seg?add=2491894:23&t=2 HTTP 307
https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D2491894%3A23%26t%3D2

Request Chain 108

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Request Chain 139

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ93PcUht0qtcWO__2nDgpk&google_cver=1&google_push=AXcoOmQ-DkJCKoV2n7ER7rVGEUUixry09k1t5PNx_08kyq6OC-Vq8LhrBoiFsH0wqHwWWnMxH02OVPCJ7pP-NgLxtaGi-wvHOAwiWVUd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQ-DkJCKoV2n7ER7rVGEUUixry09k1t5PNx_08kyq6OC-Vq8LhrBoiFsH0wqHwWWnMxH02OVPCJ7pP-NgLxtaGi-wvHOAwiWVUd

Request Chain 140

https://um.simpli.fi/gp_match?google_gid=CAESEP5L0wLBeW0h62wW1cPbaWw&google_cver=1&google_push=AXcoOmRymoWRUkJa5agL_oCUCKhpjee7zUrTKEpvgjX3yGRwqKJSshhi7wS9stzlqY9zrLxaU7uLm6OOIoSZ6IiK81mhTTLhLM_k1o6i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1CE53BEEE9DD41478189E655A1E1C327&google_push=AXcoOmRymoWRUkJa5agL_oCUCKhpjee7zUrTKEpvgjX3yGRwqKJSshhi7wS9stzlqY9zrLxaU7uLm6OOIoSZ6IiK81mhTTLhLM_k1o6i

Request Chain 143

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ7avXR2EZwjy309Pc2DFYk&google_cver=1&google_push=AXcoOmRwxw5roHj7lhiOGs3NWdEKa53Big5cEwpYH3lSsWl6IHIzBjOriPPHZoEX59zW00ip24qNfcoTVXZNpksGE1VfudXRfdNbSKyE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ7avXR2EZwjy309Pc2DFYk&google_cver=1&google_push=AXcoOmRwxw5roHj7lhiOGs3NWdEKa53Big5cEwpYH3lSsWl6IHIzBjOriPPHZoEX59zW00ip24qNfcoTVXZNpksGE1VfudXRfdNbSKyE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk1MTY5ODQ3MTQ1MzYxMDAyNw&google_push=AXcoOmRwxw5roHj7lhiOGs3NWdEKa53Big5cEwpYH3lSsWl6IHIzBjOriPPHZoEX59zW00ip24qNfcoTVXZNpksGE1VfudXRfdNbSKyE

Request Chain 160

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKSF4vvk3YADFU3IuwgdYGMMAA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081506065987904174443X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081506065987904174443X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218

Request Chain 213

http://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A727500%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=1074463&xur=quicklookfilms.com%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 301
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A727500%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=1074463&xur=quicklookfilms.com%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D

Request Chain 214

http://ib.adnxs.com/px?id=727500&t=2 HTTP 307
https://ib.adnxs.com/sbounce?%2Fpx%3Fid%3D727500%26t%3D2

Request Chain 215

http://ib.adnxs.com/seg?add=5415927&t=2 HTTP 307
https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D5415927%26t%3D2

Request Chain 216

http://its.tradelab.fr/?type=fseg&uuid2=2653647838545845123&sid=5415927&val=undefined&fun=1036&step=2&siev=5415923&fp=0&advid=1074463&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F115.0.5790.170%2520Safari%252F537.36&ur=http%253A%252F%252Fquicklookfilms.com%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 301
https://its.tradelab.fr/?type=fseg&uuid2=2653647838545845123&sid=5415927&val=undefined&fun=1036&step=2&siev=5415923&fp=0&advid=1074463&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F115.0.5790.170%2520Safari%252F537.36&ur=http%253A%252F%252Fquicklookfilms.com%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D

215 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
quicklookfilms.com/
Redirect Chain

http://pickwicktheater.com/
http://trailers.movie-previews.com/
http://quicklookfilms.com/

44 KB
9 KB

316ms
262ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1b4bec50c054991769c1b419934f0a03eb8c52439aad4befafddc1afbdcb8e40

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7f6e915aeb852c6a-FRA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Aug 2023 04:06:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvn%2Btd%2BU8575m4GIIGbi5F1%2BxzAgTj3tHd4iG71U1oWb8qhAckKqiESORb3c5TVsvL2AoXCF5ZYzJLCcQSWw2dm9mVjx6jqaHbQMcHSRzuT%2BMxZ1eKJZ7ZzKuDAPMCnoo7HOii59fmMdqnVdypsb5ts%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
alt-svc: h3=":443"; ma=86400

Redirect headers

Cache-Control: private
Content-Length: 142
Content-Type: text/html; charset=utf-8
Date: Tue, 15 Aug 2023 04:06:56 GMT
Location: http://quicklookfilms.com
Server: Microsoft-IIS/8.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET

GET
H/1.1 200
OK css
fonts.googleapis.com/ 6 KB
1 KB 24ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Raleway

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92fb8e8b0813f4baec3a5429fbd0befcda4b10f0736b500fdcdde583d487981b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Tue, 15 Aug 2023 04:06:56 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 15 Aug 2023 04:06:56 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9e88e50017aa3bdee310cf9b081cc729d10851438070983ee041e508ea84d2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 834
x-xss-protection: 1; mode=block
expires: Tue, 15 Aug 2023 04:06:56 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js?

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 21:26:13 GMT
X-Content-Type-Options: nosniff
Age: 369643
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 93636
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 09 Aug 2024 21:26:13 GMT

GET
H/1.1 200
OK jquery.mobile.customzied.min.js Show response
quicklookfilms.com/js/ 33 KB
8 KB 415ms
200ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/jquery.mobile.customzied.min.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 632f78fa4efd78873ab837b56d910fc8264856f6d34fe6ca5bb4b18f8e7ef632

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7730
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: "0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWxpH9rANkfeKwv%2BAkYz%2FU0fJ%2Fz8z%2FHsQ%2Byb%2Bfk4eXn7edD3UeYC3%2BvPZywHHpCNWUYWmhrRI7kseArMpdQvovzM9ecj04bEnTkK%2F5X3VGQ8tHZJgDsR8nFLGbNcrmpKH4Tn%2FksvjYZADU1L7LR8MM8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e915de8dd4da0-FRA

GET
H/1.1 200
OK jquery.touchSwipe.min.js Show response
quicklookfilms.com/js/ 11 KB
5 KB 421ms
205ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/jquery.touchSwipe.min.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ab340987711378e8cb5582b1f97f6938037712213396d8e7c7f8fa7b1ab4e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2By520eZ6N%2FT0%2F1FNNq9gQFoIt8OwNk7MbJCWbhLZ5jM0UEYxJRg50Qozd2WYfeivuDvcJ7NwPnH6zOzuhI8rKxtx5RMrZ1jGvFfBMS717SLasnwOl7%2FyvnjIqD5vT1d8V2sSxGQHIvB8pZDzkAPfOA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915defc1995a-FRA

GET
H/1.1 200
OK jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/ 34 KB
9 KB 15ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b725056b2fe2b144719e8120457f251eb85b9a8c776753cbadef3c0deb6dd05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 12 Aug 2023 04:31:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 257729
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 8060
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 11 Aug 2024 04:31:27 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ 233 KB
63 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:13:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 49991
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 63865
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 13 Aug 2024 14:13:45 GMT

GET
H/1.1 200
OK bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
22 KB 21ms
12ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

HTTP/1.1

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 752, 617, 617
Age: 18228857
Transfer-Encoding: chunked
CDN-CachedAt: 2021-08-02 15:14:19
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 25 Jan 2021 22:03:57 GMT
Server: cloudflare
CDN-RequestPullCode: 200
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
access-control-allow-origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: 1660cb5d59e09a84acd67052dfe2b7c5
timing-allow-origin: *
CDN-RequestCountryCode: DE
CDN-Status: 200
CF-RAY: 7f6e915caf421c1c-FRA
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 18 KB
3 KB 22ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap-theme.min.css

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

HTTP/1.1

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b102cb7689409fd1c3c180aeb1fd3f0b8bf0b47ab25c74c42eaff574e661a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 617, 617
Age: 19269865
Transfer-Encoding: chunked
CDN-CachedAt: 2021-04-11 01:44:21
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 25 Jan 2021 22:03:57 GMT
Server: cloudflare
CDN-RequestPullCode: 200
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
access-control-allow-origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: 572c34222507870ae6080ca74b981ec5
timing-allow-origin: *
CDN-RequestCountryCode: US
CF-RAY: 7f6e915cadc32c76-FRA
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
10 KB 21ms
12ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

HTTP/1.1

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 722
Age: 17438648
Transfer-Encoding: chunked
CDN-CachedAt: 11/03/2021 03:23:08
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 25 Jan 2021 22:03:57 GMT
CDN-ProxyVer: 1.0
CDN-RequestPullCode: 200
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: e885ee69c288bb9cabd0660b291cac0f
timing-allow-origin: *
CDN-RequestCountryCode: DE
CDN-Status: 200
CF-RAY: 7f6e915cac936934-FRA
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK reset.css
quicklookfilms.com/css/ 1 KB
1 KB 211ms
204ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/css/reset.css
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: W/"804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpGt%2F92Eh9RSac9Mk0DivfTQwZvQLlkczvvlY0siPvVa%2FELPEyX6YkqtvofRCwmxLkAYNqtDWWNi7nQeA%2Bqeuvmyt8yBJDd%2Fh7%2FFcTT%2FFr0DWeaSG2r5W1qP0kxT4EybhdNb4mZLCgUcSvqdyxG0R2Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 7f6e915c9cf41909-FRA

GET
H/1.1 200
OK main.css
quicklookfilms.com/css/ 27 KB
7 KB 214ms
207ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/css/main.css?v=2.5
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb656daa5ff85c76c7e937c6224671b2cb3b8a6b97da623a77450e8a288d45c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: W/"804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FXhCpbMGZXxDSWUIGgdNOGKbcfLYvxHXyzUAUROGxdAhISjt2Khsv8CWvJ41RYwvw9NYKep%2F%2BYSl%2Bm08o8K3BuUPtP%2BOkaa%2F%2FqYGf5Q2WUIVXtIMy86WRiy6wEcGb8iiI%2FNmt3pAH%2FBZJBIkTv7JTw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 7f6e915c9ffa4da0-FRA

GET
H/1.1 200
OK loading.css
quicklookfilms.com/css/ 6 KB
2 KB 223ms
215ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/css/loading.css
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: df7daa6c10057b114a356f62a08063db854417b44195f64af8fd07a6efd89b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: W/"804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYVvGJpp8l29VIGxQeY3y3R0eZq9GN5QlAUkv3f7WOWGw8GohoXBog7d22%2F2tqSVit%2BblsGUvugMhqSClBVUD01LtsRKfHxoQSXXykR3RV0QUZgsUC2YlzP0AIcXIg50ZyrpkcclJvfPnXGu1COFyYg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 7f6e915cae3b3632-FRA

GET
H2 200 8Jh6mdQp.js Show response
cdn.jwplayer.com/libraries/ 109 KB
41 KB 196ms
146ms Script
text/javascript 2600:9000:225e:4a00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/8Jh6mdQp.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: a770d8a34b2c504fef5775d60575a045b80bf33724f67c95d6fd903f0c05c831

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:56 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 41755
x-amz-cf-id: YvogzkaOiWkDP_4DOzg-31cNhflpY46ZAkbO0luoQE17WlwG_57Dmw==

GET
H/1.1 200
OK jquery.fancybox.css
quicklookfilms.com/js/fancybox/ 5 KB
2 KB 214ms
206ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/fancybox/jquery.fancybox.css
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1426
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: "0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfE2NIPYjFMB1oSuNtzXOWN%2BoqJ4EE2m9zdLxc3zu2N3XHEpIpJCzMT7M97nK8dn71zZ%2Fa23QQU6o329e5ZGGs2G4skub%2B5%2Fh34YdmhwCB0Pojd9fJ9vEcy2bTBqD67u2EViSIr2nPJNviNy9N9CgIM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e915cae69995a-FRA

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
quicklookfilms.com/js/fancybox/ 23 KB
9 KB 417ms
202ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/fancybox/jquery.fancybox.pack.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DccLzpGeVphKoNuhDH5pd81QrOaINjxzN%2FO6Cc3OFL9xZaklfxvb4kHT4nkansEK92i%2FZ6%2FRdcU0iFQ8XV92a3AHs6%2FwfbZjUefdTDg8lNnuu%2BgAzagM01JoE%2B61vxkmt9gjI%2FNIcWbPo8OA0lTBIs4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915dee6718cd-FRA

GET
H/1.1 200
OK functions.js Show response
quicklookfilms.com/js/ 10 KB
4 KB 435ms
212ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/functions.js?v=2.5
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6e2f26a50e7c26c399e5a964f69d1beac4803ebddaf4e3b946c7207a30d0033b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 06 Mar 2019 15:51:28 GMT
Server: cloudflare
ETag: W/"8060d07534d4d41:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x490rnVwh2XxHLh1%2Byy8lB0cRcJllvegVL2ymulFNdCwAzpr81qFemcYRLfzoCFl3xWyRMVCePGipF49%2FfPyb%2BcVQXfX5JdvL8qpn699KxXKf9Y3hV7OI155amoTrGY7ynXdg0xWhzrIwgSh5dYuZiA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915dff103632-FRA

GET
H/1.1 200
OK addtohomescreen.css
quicklookfilms.com/js/homescreen/style/ 10 KB
7 KB 215ms
208ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/homescreen/style/addtohomescreen.css
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: db5ca4358269ac48a571ae480d3608aa8af1db6c1143fc00d00de28c6b7de46a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:56 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gw%2Fza7lJnp2SAxOWUN%2Focxy09p31ogJaBJMOy2wQL8SE8JHhP5JSZV28yIwJeXKjwjTmR9FV3bdo%2FGRYC2EDBY3SQFpRC5ds8eNnARZNUGAbuCUcgESdga32sFfkN8orHXsCgFvd2S7M76wi8oM6IJ4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 7f6e915cad3a18cd-FRA

GET
H/1.1 200
OK addtohomescreen.js Show response
quicklookfilms.com/js/homescreen/src/ 20 KB
7 KB 476ms
205ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/homescreen/src/addtohomescreen.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2ed6759ecef104b7df154a21ea4b5943b06fd19806f00b861f5fe53061b6400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMEh9Zhb8R6wZfGYXyBMAxeomlQp5z5kKhUxkElkhq0luHf1aDf5TAEetZb%2BDPXn6dSSkntHw997axky8VC%2FcQ39TWIzDijOQ2CUAHcTSVSK1nk4uymmwFF%2FIdwN%2FIDj%2BiYFGysqidGezcZhF0DtXOE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915e4de32c6a-FRA

GET
H/1.1 200
OK analytics.js Show response
quicklookfilms.com/js/ 449 B
1 KB 616ms
202ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/analytics.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ece3d90fa14a5ed71fa5dd1c217416749cb35e146de8acd1da37ea75db4a11a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qy9ZQwUolqcRZKFDwd%2FJelgsh4Or%2FHf%2Bw4lrqFrkV2G6nUArWjceU8XxIrO5pMhMIGtd%2B4b9CW6yas3KFlM7%2BThwe%2BlMTEerUfPhuKv9CtsFAttSne5MGSgxA3GeeXwcBLCJPNz1As1SMoYUUSZQb3k%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915f29c04da0-FRA

GET
H/1.1 200
OK doubleclick.js Show response
quicklookfilms.com/js/ 2 KB
1 KB 429ms
12ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/doubleclick.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3dc015eb92c3cfb217bf08306b8e68bae9b41cde0b4100deb59f17cd81b45c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3523
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEHUPMonuz8f74JmZUW3l%2BYeZnKdZsAdpb%2FxwEScosi%2BpSynjnRd8azwxRd8JRShsZWsAvSVEjfS6yso%2BgdUjvPbKBSRgXoSqy%2ByOOM5oXUsJZZzVEfir5eCFNMNFVT8RvXngIM7X0%2FPWdpFTq9H6uY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915f3f4d18cd-FRA

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

56 B
361 B

31ms
9ms

Script
text/javascript

2.16.96.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Server

2.16.96.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-96-119.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 04:06:57 GMT
server: Oracle API Gateway
opc-request-id: /AD93E053FB90A6F81E3F348AF7269F29/3B4C8611301AA6E5DAA9F67EDAFCCC35
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

Redirect headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK slider.css
quicklookfilms.com/css/ 26 KB
4 KB 602ms
393ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/css/slider.css
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: db690d7236877ba9f0db11c61c3bec4292c4ea29167f53739640e56e02254772

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: W/"804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MM244TutaOOTZkyOKmuZoRgn0QAx9gq5CumF3B0IKj8NKCH2jTMAmlakTEKZK%2B37m%2FJbLZMIYAK4N5ax1LLT9dKUnTdCKcouBSyBwc7hzll9fli4yBV7uiexXBLdEu9gXsLrBwyHAb9c6n6NAiuVY2s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 7f6e915dedd61909-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 441 KB
178 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d005e54c557c7b45e4dbbe2abb05bf33bb52631faed17189da60940b07c25ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://quicklookfilms.com/
Origin: http://quicklookfilms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181564
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 00:18:41 GMT

GET
H/1.1 200
OK camera.min.js Show response
quicklookfilms.com/js/ 67 KB
13 KB 920ms
585ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/camera.min.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5007dddd8321dc02952eaf9be83c7ffec73ebf4fdefcbfb8968d9f2b853a702c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqijDhQdAPhslpcZwwegXyCLGoEfURyErjl0zB43o1ZSljhrxmerDNNRhcEhl4g45nz1NQ%2FZAH%2FOpaVwwIMsrEDjbLbhqStDVI4ceDrrSzGI%2B3%2BbyllX0ffvsQ9AEvzOihEoauMf6540KNFMqSSgBBM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915f38e7995a-FRA

GET
H/1.1 200
OK jquery.easing.1.3.js Show response
quicklookfilms.com/js/ 8 KB
3 KB 649ms
305ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/jquery.easing.1.3.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEEuL4UQqlRPWlTjpE2hPoHETpUSX2aQykfj5x8MMKNi2s6HuWTt722%2BqHPyIxCIObaMQmt9plUEPkWfk%2FbDcKE9TtlZLEtKQIQiJ3VLpIg1nH2syq89GD52cWDCyfgzc%2BKjyc6ORHF8vjflXN57EnI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915f4f5718cd-FRA

GET
H/1.1 200
OK jquery.carouFredSel-6.2.1.js Show response
quicklookfilms.com/js/ 53 KB
14 KB 553ms
204ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/js/jquery.carouFredSel-6.2.1.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e9cdbebb93c076de37e208742a252641c50a5a527efcee16fd18dff10f237e36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:52 GMT
Server: cloudflare
ETag: W/"0b86348aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvqpUB9dKdS2ovjvyTrdqOhREPEaif4Ave1Ho2JSmG%2FeA0gjbFNrtvyIBuJwA5d%2BydIpoAMU%2F1rmt0U5G5mt56Xfn0f4ydwRFekJmo%2BqITSZxt1zzdmG4IFkykefqFAzTw9vGD426gOECCNmqp767nQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 7f6e915f48063632-FRA

GET
H/1.1 200
OK logo_qlf.png
quicklookfilms.com/img/ 4 KB
5 KB 207ms
207ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/logo_qlf.png?v=2.5
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c7e9518c0a603d1bdf794fc71eb0b9fe3fda32f1916023ced131ec4f2e2cc24c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3835
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zBH9kjR%2BYNUWGPfDXrmMyP1s6IY7SRt3%2FbBApoCpUmgosHBwS5J6b2r3l%2F0jYf%2FfPkOVdu25V68re8BAD2gQuESlT1UBQ4nF5tzjpN499LYZNeeWm8wzxsydYOZElHkC2UysAtemrFIPWwJ2xqcwEo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e9162ebff995a-FRA

GET
H/1.1 200
OK logo_qlf.png
quicklookfilms.com/img/ 4 KB
5 KB 201ms
201ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/logo_qlf.png
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c7e9518c0a603d1bdf794fc71eb0b9fe3fda32f1916023ced131ec4f2e2cc24c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3835
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oqg2UUHzuNoWa7%2FQfjAOljSQsqgKhL4fHxtdvcD%2BCwwQR2cQXNFiAmgm5DtBVpns2oXUHgvpowktiCdBvRbD6zlCdmOfUyfMYREALUqRXkGUZdyPwYyQ69qdMnFoe9AHG0V0L3W%2BuOSHQfSGNq60hoE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e9162ea1018cd-FRA

GET
H/1.1 200
OK ajax-loader.gif
quicklookfilms.com/img/ 847 B
2 KB 207ms
202ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/ajax-loader.gif
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 399cfac34c50950373ef31afdf1b09cbdc731c3c072a3ab27f5b8c3cc17b3098

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 847
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrdtLAK945YXBDxcmmBlT5m1HAj1tVQs%2FmE0rVYJY9TrObFIHdlBVzwktSYJejcc4K3lNuPfoZtnHgLI%2BbXwv2kU0OgMs1g0ZgFiyDHISFq4Y9hGkPwqYR9zOvdBnVYkbh32ug3hbAddV0HMgUk%2FTe8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e9162eb133632-FRA

GET
H/1.1 200
OK logo_qlf_r2.png
quicklookfilms.com/img/ 7 KB
8 KB 217ms
212ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/logo_qlf_r2.png
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7545aa14eecb86922da7d862be33d1b06ca00667d051a7b2fab808de34340ca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7439
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1g52B%2B8KkyGnGawBv0E6%2BrzIrirc5t2k%2BJ2R1rygsC0DMGaQ%2Fyf0d9nmdn3MgVeqLEEYcKPwNOwl6DaKpGAiBCooC%2F6oMdgZSdXMI32bmaIqA39BGftXjHedb%2BHTHP68K26oOdL%2F8%2BgLjAOaDoP%2BVs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e9162ecff4da0-FRA

GET
H/1.1 200
OK icoFacebook.png
quicklookfilms.com/img/ 5 KB
6 KB 205ms
200ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/icoFacebook.png
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5e1eecc92a892bfb471410f40fd44efa0aed2436b9abebfaa91a5ddfae456412

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 4914
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7H8dVB2kIbuuT%2BianVzF3D4C2gRnBLahkDI2SpY62dANfYtzBGN9ahM5%2FqNZg0rlaWaRgL8%2FCsBhqzgdL213eKk%2FT7ekvn18ykM07KVQU%2Fn9QjU0wdKToLZvSGprOAjGOVBESdfAdZ5cODGSR%2F8qXo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e9162e9e81909-FRA

GET
H/1.1 200
OK icoTwitter.png
quicklookfilms.com/img/ 5 KB
6 KB 230ms
225ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/icoTwitter.png
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dfaee2323709489095c5daa4d9bd219f667265e928513884ed5988ef3f2a414c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 5316
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJokZ%2BfqNeu4UQIQSMM%2BxJDJkh%2F%2BjSi6gKec%2FPqBW4GPZyfkgLRDvUorQaUlbCAEXrK4iz2hC6AAUiEMmR16KEv3g89zflbaS%2B%2F0Ae5SeFau0KDkLjJ3yjoO8Gp8gPxf96nILUz4zKQyiSh9gScvEM0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e9162e9562c6a-FRA

GET
H/1.1 200
OK 215333H1.jpg
www.movienewsletters.net/photos/ 57 KB
57 KB 1245ms
205ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/215333H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 872ecbfe4bc926363100290fceb390fcba72e29102e0c0720ef511a396095f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 57990
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 14 Jun 2023 01:11:46 GMT
Server: cloudflare
ETag: "275173305d9ed91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfPfTsgdsALFz9zLwi%2Bj2Vil9NPIvC4h1UVzRDC7Vr7glSQu4bko4KXQ%2BXoHnvFSyK1vIpqMVHM8C3cSZp9JDhXBrmMr3MDs%2Fl9C2LgsbmSS5qkh8VWFjZj8LK8ulO5DW7Q%2BRph3VxLLbc%2FPjdYGc5hbzed%2FX3Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91696b9d18dd-FRA

GET
H/1.1 200
OK 323982H1.jpg
www.movienewsletters.net/photos/ 73 KB
74 KB 1244ms
202ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/323982H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: be3aa030dc7bf5db14638aaf4a9d93b2447bf461fce2cfa5b142d2f50748bad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 75120
X-Powered-By-Plesk: PleskWin
Last-Modified: Thu, 06 Jul 2023 20:23:08 GMT
Server: cloudflare
ETag: "cdc1baad47b0d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqgAsvjnjA2e%2F759O5Zs9Lzh3MGH0gcW0BTlLmZVHnbY0UTt4Qij5XkbgmMfKyHUaHwtOFF7tvWHXLSgRwl%2FxAPpHtNhCAtrSMKNVaqHLc3SdPNx2cwe848yO8S7U%2FRPH%2Fl77pk5ebhweA7ko07gqenmBHzvJeE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91696b30365f-FRA

GET
H/1.1 200
OK 330007H1.jpg
www.movienewsletters.net/photos/ 65 KB
66 KB 1599ms
486ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/330007H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 648976a80e9a7b52bf60b724b5f4c3570e9279f07d9c02ed111694895ec99fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 66884
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 26 Jul 2023 02:09:28 GMT
Server: cloudflare
ETag: "911a263566bfd91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qVtXxmE2RP8Oewlm%2F0WLIkHWICoq7ScK%2FId6McmebgHF4oKTXSTRKOAs9KhkMXe5PALMXSkGII8t7bK77iDEZN66DbDKHSAJI9G9qBEmQ6AKvP68tdVYBzY122hTJFb10G0cxaQ2%2Bm0KR5tRPbXfnmwe9pSj84%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e9169daed18ed-FRA

GET
H/1.1 200
OK 319124H1.jpg
www.movienewsletters.net/photos/ 78 KB
78 KB 1008ms
496ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/319124H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 12ef509e3b166de568e88799d8ac9fa337f2af6c7460fbc60f0b96e01d254356

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 79421
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 26 Jul 2023 18:51:19 GMT
Server: cloudflare
ETag: "e7682af2bfd91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kWo96w9BViQiTcSBuXIzor0yS5twPyqY3bMXGJ5hbpEW9yfkehhtPU3JJlH2Rr0z0Cvphzv3VvRFavKUNiBZxv9dPazehaeBRsbm6zD%2Bw75D27ae40q3YZD1Gur5ZGEE56IedBjIXxn5wG%2B9qfEN3Mr%2FMoosrs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e9166494c18dd-FRA

GET
H/1.1 200
OK 287397H1.jpg
www.movienewsletters.net/photos/ 69 KB
70 KB 506ms
500ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/287397H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 58d668a9d1eebf9c884fad67cdeb9893f7d8d4ed12cf102b897ac21ad140f5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 70510
X-Powered-By-Plesk: PleskWin
Last-Modified: Thu, 18 May 2023 19:57:46 GMT
Server: cloudflare
ETag: "cfb94b4c389d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tdjvRP5P3EXNFl9mywvl%2BW8OlvMlIMirDU%2FVrSHE9p8WyAc%2F%2BPUyf2fF262b0M%2Bw%2BzRKGH2%2FJ1IUGknzAT55BgwlqPhN8NYH7awM4P6YKSLHnSdHgQiLZ5oAuu%2BvnxMIHFFQW7wivBdJPlXIa1QGxhc%2Bd%2FQBqQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91631eb718dd-FRA

GET
H/1.1 200
OK 338135H1.jpg
www.movienewsletters.net/photos/ 59 KB
60 KB 430ms
204ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/338135H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0378ab4d35436e3488b455ec8edce4c7ef96cc56cdef63e42e0ad306d37548b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 60863
X-Powered-By-Plesk: PleskWin
Last-Modified: Fri, 28 Jul 2023 20:06:29 GMT
Server: cloudflare
ETag: "17e74cff8ec1d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3Ms6eCT6X7K4VLaZ4OGT5BnfW3JPogSTrMVlK%2FfT5ZYk7bpoSCf6G2vDhPS3xQNadnfRAXdyREmU39WBLRJmbzxLoo4on8gamR269%2FIlw8%2FCmurvbqJHDLSMAoELMZ2Je%2BCzMFXGtVFiiCXy7cKiAaf0D3PCeM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91647acd0476-FRA

GET
H/1.1 200
OK 332735H1.jpg
www.movienewsletters.net/photos/ 75 KB
76 KB 597ms
589ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/332735H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 43d0f20a050d600d37b87e2eadca3a964c204a2b7cc78008853c95dac4d0d9fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 76884
X-Powered-By-Plesk: PleskWin
Last-Modified: Fri, 02 Jun 2023 20:04:32 GMT
Server: cloudflare
ETag: "41f343728d95d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJoTbbykVJoYal0Tnh8P0CkaobhpW20Tbmaa9rtsYWkkzCtZAIUWNqYSAzzwcJcwUzzIQCcnYEn4Pa1iKd0UqtSkdNGwFGT3HEHshoSaok2KkvkbdLZLIZnSSB%2Fu%2F37CPxB8Zz%2FR9u%2F00iP0GmVr9v5Jg5dtwkg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91631dee18ed-FRA

GET
H/1.1 200
OK 320625H1.jpg
www.movienewsletters.net/photos/ 47 KB
48 KB 227ms
221ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/320625H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2bb0e70d013d7a0d2b841aed68b8690e77a66322823d2d4c427a68c8db3039bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 48491
X-Powered-By-Plesk: PleskWin
Last-Modified: Thu, 20 Jul 2023 01:56:03 GMT
Server: cloudflare
ETag: "58522c57adbad91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oenDw1wjU8i5DmcqOgHxQodYsitfu0dKwNXOXBcFGEx6TNeTqNlqSaaXUPQWMy7JVnKZ8QO02lViOycY6J0AIQaVZdab4zrMOx%2FKkAWnSqxhLEHXGH43eglSVuuhSpAEdhMRpE%2BDJCMBujJrxaK7uq0poRcRjjs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916319f80418-FRA

GET
H/1.1 200
OK 337713H1.jpg
www.movienewsletters.net/photos/ 59 KB
60 KB 514ms
508ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/337713H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 020f299b8941a9e9e364af5a985a77dfa0e300a30f22bfe78b1fd03a7a37a72f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 60302
X-Powered-By-Plesk: PleskWin
Last-Modified: Thu, 18 May 2023 19:55:59 GMT
Server: cloudflare
ETag: "df915ec4c289d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ln%2F5w6xaupoKZYPUgHNTKmaZjXAL7Afe7ZntixzPJodZA0HWbGWlHCccvTUEb5SMjCsv4g8FxrTg31%2B9cZVyqmXK7K5bGz6lmdl0gBLOr8XtI9nrcnM4DzhvaFMOp7kKoCRW26A%2Fq1Y%2BChvXMG1KsXLHqT4dPM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91631ec3365f-FRA

GET
H/1.1 200
OK 335198H1.jpg
www.movienewsletters.net/photos/ 43 KB
43 KB 1085ms
480ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/335198H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6f85fd31f5c57c7d36de63e3c83ad32fce34b5865689e1a096816aa29964e929

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 43559
X-Powered-By-Plesk: PleskWin
Last-Modified: Thu, 22 Jun 2023 19:33:38 GMT
Server: cloudflare
ETag: "4b5eb77140a5d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuX4BHXD4YxQqOLILfXVxakyULg6YI78l%2BKSTWV1Ctoz9zoKU0Ql4N%2BB00qTCv7TvWfSAsT7Wle6wZeh2BIcxOi5fARlKYdlP4OsHNpfAH93%2FAB9eZsoMNEJvS8txAftuCXzORpxpOu4UcBUq6%2BfoWp4GXot2iQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e9166d8e718ed-FRA

GET
H/1.1 200
OK 240885H1.jpg
www.movienewsletters.net/photos/ 71 KB
72 KB 1014ms
493ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/240885H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 01417f6a12673d8cca8b8254812ee9e13352adc6e63029f88e04a554e6189a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 72882
X-Powered-By-Plesk: PleskWin
Last-Modified: Tue, 06 Jun 2023 19:52:42 GMT
Server: cloudflare
ETag: "f91b474b098d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5gcYj17yf2kSvL1bJSgGeLkxnPX79o0V8gJgMvdIKCFAmst2339QYSUZOLZ2AqGLFQKVZSQ2XQw68Xmf9N%2FOtLkrGlBp73OQ3J3dieUZ7A6TyJ5IAaQz3ayoiuChenTZ0DGu235fEKIvpZIO7zbvMggJqeTd%2Fs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91664901365f-FRA

GET
H/1.1 200
OK 339741H1.jpg
www.movienewsletters.net/photos/ 84 KB
85 KB 1171ms
507ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/339741H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 155f7cf453d9cc2e003d0ccc540b2694914f1318942bdb26fd2dd1c752e11f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 86376
X-Powered-By-Plesk: PleskWin
Last-Modified: Thu, 06 Jul 2023 22:17:50 GMT
Server: cloudflare
ETag: "bfeeb2b357b0d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rT0zrFvZ%2BEVVzU6q7saPBiDtrXkOQFBi1EKpbbp0zuumUPRcfXfL0B2vfR8Tk0dz3ifAnRiMNqhfrNr1VGHYKLxqFc7OgqlwI5%2BGnvgYlvAQUSLyC2uYaIQj%2BPSGPdV77l2iTJcjCwg7r4M%2FcFyZm9r%2BUh17sl8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91673db80476-FRA

GET
H/1.1 200
OK 309732H1.jpg
www.movienewsletters.net/photos/ 71 KB
72 KB 202ms
202ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/309732H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ec7472b427acf3defeca6cc77fb6e72019339a9d5c076c7c1c4255722dfb1438

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 73125
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 08 May 2023 15:24:15 GMT
Server: cloudflare
ETag: "21111426c181d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHwi52RopoDdK1e0cF3kJfY27UOrEhZNKMfcobf78t5Y%2FsnIeNOso6YVjBm0ZGqolf1UKvxAQ6U%2BHtFasew2%2BXawqPSbSKUUvnw2AVVNJ2MdxtxSAksu%2B09fWR5evOsZ3v1zl%2BXKYwcqhG7IsI8hE8FLSGa%2FcFE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916a2fc10418-FRA

GET
H/1.1 200
OK 323168H1.jpg
www.movienewsletters.net/photos/ 79 KB
79 KB 203ms
203ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/323168H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 074db9746bcdd36aa0b58213908b8651049a5f5911f9e8872c2fb94300b82fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 80464
X-Powered-By-Plesk: PleskWin
Last-Modified: Tue, 14 Mar 2023 19:49:02 GMT
Server: cloudflare
ETag: "3b51fa6ae56d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpCvizELr3isymwkbXKhsGNK8XFqu5HpqNUBgNWz27H9qlfk4C6UsuoppKvW%2BTP0p6HFTSmrQYR8Viqo1LPXiMgmIZzbB8UDPirRytYPt7wAmI8uc3AZPATPJnWzM8BNPa0Pw6hEz8nzyVHPVZyrGSE3hzQzcck%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916a3b034d49-FRA

GET
H/1.1 200
OK 324884H1.jpg
www.movienewsletters.net/photos/ 68 KB
68 KB 494ms
493ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/324884H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6e263d41c9e9d77e6770c2a58cc94f20394d02f3d3b69559b569a30fc73857eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 69170
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 03 May 2023 19:13:50 GMT
Server: cloudflare
ETag: "dd7a9c64f37dd91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVPDd%2FIC%2FWtAmKZcTmce41Q0GSiVWgLy5y4P3FTR1ZYRSCfPc1FPpCnj9Dr8WsPb2jEJGfc2UVKcHj%2BtAHQh%2Fh1RsJKalxB0JoXVjwF8IJVygmQEawbmk7rcwojxK8fmEY3dnIxpcjNkAnAdQQ%2Ba8jSNnAv25PI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916abc08365f-FRA

GET
H/1.1 200
OK 344933H1.jpg
www.movienewsletters.net/photos/ 78 KB
79 KB 493ms
493ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/344933H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 65d2bc51024978b3dfb6cf6d8497e689251e857107ac4e19fb32cb11b6dd3796

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 79722
X-Powered-By-Plesk: PleskWin
Last-Modified: Tue, 13 Jun 2023 01:13:50 GMT
Server: cloudflare
ETag: "89882450949dd91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAGIM%2F541hTgeBcmabKp2xP8o0WJQpMDncocajjPF3%2BimtThRwtWZHVjJagbhfylQ1Svofg%2FVr7WOMNiRGJA93mvOfrPoLqpS5vkBzrU9PALEmhKwqv5HAGapx93VrZAo5JvTVaE3AFGdqKacyWo%2BbajNHLAJp8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916abc8018dd-FRA

GET
H/1.1 200
OK 343370H1.jpg
www.movienewsletters.net/photos/ 68 KB
68 KB 486ms
486ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/343370H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6bb36559e0c2ed129529ede7b488c3ffbea0618712d65a0bb9600e795947f44e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 69322
X-Powered-By-Plesk: PleskWin
Last-Modified: Fri, 17 Mar 2023 19:58:59 GMT
Server: cloudflare
ETag: "2730e8e9a59d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAIfzKerkysa%2F6e27tjnWfFa7JvO1xyn%2FKSgwNt%2BWT%2Frq5OOTNLP5DVKa1cQfDXoGISkQbdrZW2syzdz7J2EMMHddoNPkodUFEJiOK9LdtztkyWq99GK3SAdcggT4zEiwZ3IGbHhzlp0yl1DZiRUCRw3pJexKQQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916af9160476-FRA

GET
H/1.1 200
OK 337937H1.jpg
www.movienewsletters.net/photos/ 46 KB
47 KB 537ms
537ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/337937H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ad232e826d2e8632b094ded70aa2a91655fc5dfbb860741a71788ab5f149e803

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 47299
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 10 May 2023 18:47:11 GMT
Server: cloudflare
ETag: "9e3db7d46f83d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUzdrixP3Ob6SImhDlDVQaXlC8l1BFDePAjBqyU1z3dFo5r1X2%2BZHX0kizWkc5PMNh5%2FO4r1krugbxDe5EJ0vm3H%2FJSu5lwwXcqTnTEXMs0fMnXobViotnAaiB7cfe73kmqWB46obRsMoHVk9Rd2RHZoh3vBGhg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916b78ff0418-FRA

GET
H/1.1 200
OK 339860H1.jpg
www.movienewsletters.net/photos/ 59 KB
60 KB 519ms
519ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/339860H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8ddbe4166c81f83e536dc3418b12f5975d9c6a3d8bc5c11e4e1aa9c4f7c5d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 60155
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 08 Mar 2023 03:13:43 GMT
Server: cloudflare
ETag: "6d2b53fd6b51d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V30xJs3VkdVdJnNt4pbjk2dwRv%2BK%2BcXG%2F%2Bl%2FjxCucmRTwR%2FLupdf7kBbSJeeojXX5a72cyClpg6AKE%2Fbe%2BAH6upNAqrozab29ENUwUdx2LZkDzHd6meAcAiuJSuDaSzE3SGU9W0n7Dfz6Pi5deK%2FBBXp6nI%2Fkz0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916b8bc14d49-FRA

GET
H/1.1 200
OK 319123H1.jpg
www.movienewsletters.net/photos/ 58 KB
59 KB 117ms
117ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/319123H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: effc9624fd64d670ca3a9d946e8c5d2c0957c7549dca021f9cc3060ebc2e6815

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 59391
X-Powered-By-Plesk: PleskWin
Last-Modified: Tue, 02 May 2023 19:29:19 GMT
Server: cloudflare
ETag: "db7ae642c7dd91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1SNwpqEgAj5tcqsZChFMaWoPaQIoMmIBOyQdu3QtGdaEzooxYhOWfEEmQW4MxKPJc7s0K%2B%2BTBXRjsfE85%2BOu3pV3vJrIqsN7U7%2B9OoQEc1KPU03siMJ7SQPJmhyBmgW0YvW1FkO9v6QLSCCaj6jzE5O4YeiIIA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916ced0a18ed-FRA

GET
H/1.1 200
OK 327209H1.jpg
www.movienewsletters.net/photos/ 64 KB
65 KB 664ms
231ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/327209H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 421211c61f741d85da3a8c808b158c0cadb52ea6b7c714e22624e8b1e322c2c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 65380
X-Powered-By-Plesk: PleskWin
Last-Modified: Thu, 08 Jun 2023 17:16:42 GMT
Server: cloudflare
ETag: "8b6bd3fe2c9ad91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hB7QaoMsew5UZGy3csCIaZVmwL7wXDpFR3JZGpnSNbF6%2BxZHMaFoc0dOnTYXv%2BMr5LKp06yQ6QGMdkS3S8aIJnVj9oudRo%2BYo8aYf81FKtXOP6jcGfwA0lQOf6ONAr%2Bf7rlyX%2F4hxi3vwU5OvvP4fL2%2FToHQPjc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e9165cc980476-FRA

GET
H/1.1 200
OK 329160H1.jpg
www.movienewsletters.net/photos/ 70 KB
70 KB 737ms
502ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/329160H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b6d292cbd0ce1bd350e48db38c1e8ac66d0b31f5ebc11217cefc8dda01d3478c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 71336
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 24 Jul 2023 16:33:39 GMT
Server: cloudflare
ETag: "6d2409a4cbed91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79hAcRwKGFR%2FXZHZCHKNijx01uGFtHdPLWvwudBhMYvGNhTLrf2OwFTP9L44P%2B5jYQq5dUpCWPeZ0oyrRgQ75fVnS7V%2F0y%2Bx72MlnO%2F1ebeY4CxBlME8r2nRU4PmA0WIWxLLyHw9gFkDWXlS6d3qTqqAJ9IXjUw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91648b390418-FRA

GET
H/1.1 200
OK 334011H1.jpg
www.movienewsletters.net/photos/ 64 KB
65 KB 217ms
210ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/334011H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5947718a3d3aff9abaa74cf205ff2a663bf897621783c41486bf19fad5d8f619

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 65711
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 02 Aug 2023 01:53:14 GMT
Server: cloudflare
ETag: "e9a38719e4c4d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUM2Yxi5yHQFhmWYFiodVp5DmbML1m5IhUFNx05KJYLA5Taqrcev2gQ2LJpQMesnCnCfV5a1LFVtYwhPB4a98PZbSRqEfRaAO0DA6hLRALGRl5ljYRnvlZB1CsdjCJhrTYbFZ7OS3zcpWNyHxvr78gOlx%2F0RVrU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91631dae4d49-FRA

GET
H/1.1 200
OK 342475H1.jpg
www.movienewsletters.net/photos/ 45 KB
46 KB 219ms
211ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/342475H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f1415b649457113ddf57c4b1b9877cecaa55812f2c48e35871f6ae797713415

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 45823
X-Powered-By-Plesk: PleskWin
Last-Modified: Tue, 11 Jul 2023 01:11:18 GMT
Server: cloudflare
ETag: "7bf6f79894b3d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UOCq%2FwueU%2By0yGMPFh5c%2FU4jsxGlQYqWIMjkxEOBu8yAGA03dM09lVbtzG%2FMQXH3LC9ULudXIZ2G3I3JksVJ%2BCh9oPxaYf9BFunFRrMsq5k5KG5baZiHS3DjFC%2FHdMNJGzwfZcSvH3j1CQ6%2B1a8I%2Bsd9W9vXlI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e916319a40476-FRA

GET
H/1.1 200
OK 344399H1.jpg
www.movienewsletters.net/photos/ 55 KB
56 KB 939ms
507ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/344399H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4f4996a11cea37ed11a61cb87ca9e08d4e86c304fae4cd544945b5c0c7f9ea40

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 56711
X-Powered-By-Plesk: PleskWin
Last-Modified: Wed, 28 Jun 2023 18:58:53 GMT
Server: cloudflare
ETag: "d477895f2a9d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fJgxxPG9Id%2BpwUk0Xq9R3UEfT3qKiJDsLvJ3OHuQXbatvXZJtqyc%2FT9IIqGnM8hahWDuMY8ajwSE30iUlp%2FSXApKskxp4APmTm71JmnLJ23EdIhcL%2FX3SFDDAQxzmXqOyPoN%2Bj3ovHFtkXTUCLb4DYzA1l9%2FwE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e9165bfb54d49-FRA

GET
H/1.1 200
OK 331707H1.jpg
www.movienewsletters.net/photos/ 28 KB
28 KB 432ms
208ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/331707H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ea9a6623d05c1e2433786c3c0a9857e8dc53bd55a511755d93727f3c3e739396

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 28183
X-Powered-By-Plesk: PleskWin
Last-Modified: Fri, 28 Jul 2023 20:05:18 GMT
Server: cloudflare
ETag: "2179ead48ec1d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a8lcSC9bHXuBHaHQO%2FD9cXVNWDv0pm2bptRMRr%2BdzReXiXlQXNgp6oCsSwiDxtuniW5WDIgwquRrcRDlztvfaINWFoyBVhxcfpAfr2TBYh%2BxVfMQZtw0sANXjoeskWCJc1xWSq6AxwYuyV%2FIAgcbjCEYIa5DnY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e91647ea84d49-FRA

GET
H/1.1 200
OK 342560H1.jpg
www.movienewsletters.net/photos/ 68 KB
69 KB 1093ms
207ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/342560H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f39159bf7db2f0a379ed9de4d877e25feada0e2dc57bd86c53a0df5c1370709f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 69840
X-Powered-By-Plesk: PleskWin
Last-Modified: Fri, 14 Jul 2023 02:24:10 GMT
Server: cloudflare
ETag: "d2791646fab5d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aa%2B4nrW%2BvA7L8W0uZ8prRZs43uQYq8RuN9GV%2FfL2zuHqfMZAJVcmuB4pTbTBw%2FT8OaWS%2B9t55msKJKMpHgYt1y7v5T2a6bsXrzaz7SxyFYbLm5rXyWtWMJGpEvrSCYRx5PRMZHSheL%2FEN7s4e0RZz6qtROi8q8M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e9168ea1a4d49-FRA

GET
H/1.1 200
OK 336686H1.jpg
www.movienewsletters.net/photos/ 33 KB
34 KB 1082ms
398ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.movienewsletters.net/photos/336686H1.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 249d3f782895ab1fa4b7b403c51e1daa1bd3def9e6ba4476e4517d776e62f37d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 33906
X-Powered-By-Plesk: PleskWin
Last-Modified: Thu, 06 Jul 2023 20:17:00 GMT
Server: cloudflare
ETag: "3b6b43d246b0d91:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39BDnjSxPKuYkK%2FOG1k4617UBL%2BrEcaYhJw0iyNPn1ddWh2npHj%2Bccrv4XmspMXY9Yi21vP%2B6TUocL5E2jt0GyiclX52KRNjDsZAroWXctj20dXU3VOvfjYpxaFd22xEM%2B0lU7RLG0mY7eQ14XEEuoCTY5rYybs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=18000
Accept-Ranges: bytes
CF-RAY: 7f6e9167adfe0418-FRA

GET
H/1.1 200
OK icoCarouselLeft.png
quicklookfilms.com/img/ 4 KB
4 KB 396ms
217ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/icoCarouselLeft.png?v=2.5
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a460c346f2f67ba91b91cc217745371f313fd097dee8fd728729042a914f060c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3799
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2amTmehIsf1%2BS6JV3JxJ%2F8OfiXnDQWi%2FWNWYgrvTVTGrAHl%2BiGalETb7Hn3qV8pOxGezMPJBhnLcXRNehOhh8nAvXhKt1tJvAJ7jWJ7r0ymN%2B9C8WZKhYwbLHmcDthkeDGxBy5hhyqlpkjdfdZgl33M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91642ae21909-FRA

GET
H/1.1 200
OK icoCarouselRight.png
quicklookfilms.com/img/ 4 KB
4 KB 406ms
215ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/icoCarouselRight.png?v=2.5
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fc5ab5e78e6defc471c440f6056bf0d3be1c7c792fd585a1aa88f9e18a2fac88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3806
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fO8zt149z8DEAu%2BRDn%2F88j4AzY2BIKn7REb5fRmrGN32ZMOiXnA1mG1gkvG2q%2BXZGEB8Jz7ETXK%2F2w4hgYIIGNiLhSZ8uJ48zB2yRPOvNWSPT%2F88%2FR7rcWmdL2gbBYQichtoW4aS04%2FZvUtfrVyAUnQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91643dcc4da0-FRA

GET
H/1.1 200
OK butFacebook.png
quicklookfilms.com/img/ 9 KB
10 KB 498ms
300ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/butFacebook.png
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6bc42477ca6cf8db8a46254cb6cac167056ff433853ebe21d0def3c246d39e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 9263
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDQMfK67dHFQpK3CRwiP83eiDlQlSO7DzMhDe1Rz3XZ8qIvSniLSwkAwXAFk80mMGKfmUnpPWUpgB2TE1uG28Po3lwt29Qxim95UCDBPR3ixK5rHk17hJ7RWZGqC5CtutFIPtWjZlP3MpJQK%2Bk5aygs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91644afc18cd-FRA

GET
H/1.1 200
OK butTwitter.png
quicklookfilms.com/img/ 9 KB
9 KB 490ms
309ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/butTwitter.png
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0017f73e43d09649abe61c8b2316f73e06bf107cec3f42f29accd94ebba07c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 8882
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpT1ymgWxd0MMPHVX1Q3Du1%2FuFoyTbliXcTMWWxlJa75mkEgu264XnZ18W9e2PGstS7ndLQSx91%2B7UejvkX2rl01ooHmKH%2BXaTAyCp3B4Q8cQrwbYOnvL9qgHF%2BbA4esJzdo62WpslNrC67VOBRhkjI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91642c163632-FRA

GET
H/1.1 200
OK logo_footer.png
quicklookfilms.com/img/ 8 KB
8 KB 489ms
310ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/logo_footer.png
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13b500b0c7e8e1d25b6740ec2cdd6c3c55c78d8355499780b1395c3dcc3dd519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7724
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJzMIvMlMEO3O7EKKUdiis5gZWiff%2BGUv4FqOe2fVV49mVO41aUVcMr8klea4yedBOMQTXE3ZCFm1n9brVLOJsO98pkqc%2B51qYl0Hny%2BRKXBtA0DqHYyVYGN%2FmUxZNPfRS0aSIVME7tSMgyaV%2FuSP9w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91642d34995a-FRA

GET
H/1.1 200
OK light.svg
movienewsletters.net/poweredby/boxoffice/ 27 KB
18 KB 430ms
403ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://movienewsletters.net/poweredby/boxoffice/light.svg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1abae03685f3c4ca8f33a90a649fd09d397f626245298123004efa7b4e3da28c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Powered-By-Plesk: PleskWin
Last-Modified: Fri, 01 Nov 2019 16:48:05 GMT
Server: cloudflare
ETag: W/"7661ea21d490d51:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUcck21mUDdACLqmw%2FJ29HgRt9MTvTIMaKOjRqng8MJIh7gB7Yc%2Fr2gKoI1SU%2BMEvDrGyQXW30xetGDp4YrN%2BccksjDsj1BfO6fhBhlFPI9gwqm%2FMOK1%2BebTwlnQvJrn41jhhlVPynxTsN5S6dRw7JRnog%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=18000
CF-RAY: 7f6e916339352c4e-FRA

GET
H/1.1 200
OK bed62a50a3.js Show response
cdn.tradelab.fr/tag/ 9 KB
4 KB 64ms
20ms Script
application/javascript 152.195.132.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tradelab.fr/tag/bed62a50a3.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 152.195.132.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhb/6387) /
Resource Hash: e29e39f6d04b2d507ee2b0e46e8d0e6d8d38031ce743904604b26806a5138496

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2016 14:37:49 GMT
Server: ECAcc (lhb/6387)
Age: 590
Etag: "251b-53460aabbe868-gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 3277
Expires: Tue, 15 Aug 2023 04:36:57 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

29ms
6ms

Script
text/javascript

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 03:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1034
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 15 Aug 2023 05:49:43 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

gpt.js Show response
www.googletagservices.com/tag/js/
Redirect Chain

http://www.googletagservices.com/tag/js/gpt.js
https://www.googletagservices.com/tag/js/gpt.js

83 KB
28 KB

75ms
52ms

Script
text/javascript

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a258a52248ab55c4f9c1d8561aea95ceb2da16789b8dafd1bc81ef896e5c4eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28113
x-xss-protection: 0
server: cafe
etag: 468 / 19584 / m202308080102 / config-hash: 14771428451550081825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 04:06:57 GMT

Redirect headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location: https://www.googletagservices.com/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Tue, 15 Aug 2023 04:06:57 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

29ms
7ms

Script
application/x-javascript

2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f17e290ff96f369cd54d033177249d1038c508872ff8a76fe92540d7da190ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 04:06:57 GMT
content-md5: i9IESY5jjyCz/lqUUqyeBA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: HxWmMxyee24GbXRTd+C2UA3EQ9/OrvtalHf90CO485gmOg1dehBs6uA5ieMEYlTpJ4MQ2I299vjabK7FdfoJ/A==
x-fb-content-md5: 13779d32f7d3bf01d134f489e91f04e2
cross-origin-opener-policy: same-origin-allow-popups
etag: "324f3bfc6c6ba2030e38903e74989295"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 15 Aug 2023 04:26:26 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 54ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F33B) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
Age: 183
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (via/F33B)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/westworldmedia-quicklookfilms/ 471 KB
53 KB 216ms
200ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/westworldmedia-quicklookfilms/loader.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6c57e3349477c34044156dbd5d0c4821b5cf5f097ce64a1c1b5160a9117e4c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: bnR0qHz2vwj9oSUbyOPOmwND9mHy61B3
Content-Encoding: gzip
Via: 1.1 varnish
Date: Tue, 15 Aug 2023 04:06:57 GMT
x-amz-request-id: 0PQMT23N38FEE4YB
Age: 0
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-amz-replication-status: FAILED
Connection: keep-alive
Content-Length: 53146
x-amz-id-2: 64oN5CCR/TEuk48YuJvZSHFidvPOZrp3rVbN0a49OmVhpWI4YpusN4FoJI+l0tKpWdNzY1eZ6eQ=
X-Served-By: cache-fra-etou8220043-FRA
Last-Modified: Mon, 14 Aug 2023 10:11:33 GMT
Server: AmazonS3
X-TBL-DEBUG: bestatus=200,beresp=OK
X-Timer: S1692072418.785038,VS0,VE194
ETag: "87c992a7b9498aa42035cd943cb62525"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
abp: 43
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 4 KB
3 KB 35ms
7ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:04:12 GMT
Content-Encoding: gzip
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 166
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 21 Jul 2023 22:21:17 GMT
Server: AmazonS3
ETag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Id: ZiLSZDdhnjEwRXiETCCdbC3iPS-f8jLv-EJzaMGs25vYxGYuzCdLQQ==

GET
H/1.1 200
OK 1036.js Show response
cdn.tradelab.fr/fseg/ 7 KB
3 KB 20ms
20ms Script
application/javascript 152.195.132.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tradelab.fr/fseg/1036.js?add=5415926
Requested by: Host: cdn.tradelab.fr
URL: http://cdn.tradelab.fr/tag/bed62a50a3.js
Protocol: HTTP/1.1
Server: 152.195.132.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhb/6290) /
Resource Hash: 4b0d2a5f52d1c4378af912df1a9f3b770c158c7435e8b74276e5debf27015a1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2016 10:12:40 GMT
Server: ECAcc (lhb/6290)
Age: 590
Etag: "1c3f-536e0b16dcbe3-gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 2621
Expires: Tue, 15 Aug 2023 04:36:57 GMT

GET
H/1.1

200
OK

/ Show response
its.tradelab.fr/
Redirect Chain

http://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
https://ib.adnxs.com/sbounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fgetuid%253F%252F%252Fits.tradelab.fr%252F%253Ftype%253Dtlsync%2526uuid2%253D%2524UID%2526callback%253Dtl_sync
https://its.tradelab.fr/?type=tlsync&uuid2=2653647838545845123&callback=tl_sync

53 B
540 B

14ms
14ms

Script
application/javascript

85.17.192.105
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://its.tradelab.fr/?type=tlsync&uuid2=2653647838545845123&callback=tl_sync
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 85.17.192.105 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.20.1 /
Resource Hash: a0fc6dc4d8d275c833bf9b389ffa75ad29c226104301d521738caa05f9df3715

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:06:57 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection: keep-alive

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:57 GMT
an-x-request-uuid: 43556587-fe0e-4798-9142-32b9fdcc3c67
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: //its.tradelab.fr/?type=tlsync&uuid2=2653647838545845123&callback=tl_sync
x-proxy-origin: 81.95.5.38; 81.95.5.38; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
its.tradelab.fr/
Redirect Chain

http://its.tradelab.fr/?type=tp&advid=1074463&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms....
https://its.tradelab.fr/?type=tp&advid=1074463&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms...
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEIDaCLeKQdbvSq6U_KLR8gQ&google_cver=1

43 B
578 B

14ms
14ms

Image
image/gif

85.17.192.105
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEIDaCLeKQdbvSq6U_KLR8gQ&google_cver=1
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 85.17.192.105 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.20.1 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:06:58 GMT
Server: nginx/1.20.1
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEIDaCLeKQdbvSq6U_KLR8gQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Raleway-Regular.ttf
quicklookfilms.com/fonts/ 127 KB
128 KB 203ms
12ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://quicklookfilms.com/fonts/Raleway-Regular.ttf
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/css/main.css?v=2.5
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 169dfb506b814bd50fd1876b301c78ce8213af7e5dcbbb1f5da713f9d67fd909

Request headers

Referer: http://quicklookfilms.com/css/main.css?v=2.5
Origin: http://quicklookfilms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3523
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 130128
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:51 GMT
Server: cloudflare
ETag: "8021cb47aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZK0eqeZBfJE1whAQg8%2B1a2AP04Hi1pFxCFMYGaiHblIr%2FHitR%2BauZfQHRFzPhX%2BRoysBWqcHzJZBhuQ7QX8du7DOawQmdKRTjJpgds9W1sn7O8vibJ06L5Jp42OEYlmAtiynBDhJYzVk688AgN2zV4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91642ae818cd-FRA

GET
H/1.1 200
OK ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Raleway

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://quicklookfilms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 03:56:13 GMT
X-Content-Type-Options: nosniff
Age: 519044
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15700
X-XSS-Protection: 0
Last-Modified: Tue, 19 Apr 2022 18:51:55 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 08 Aug 2024 03:56:13 GMT

GET
H/1.1 200
OK ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Raleway

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://quicklookfilms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 11:46:17 GMT
X-Content-Type-Options: nosniff
Age: 577240
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15660
X-XSS-Protection: 0
Last-Modified: Tue, 19 Apr 2022 18:42:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 07 Aug 2024 11:46:17 GMT

GET
H/1.1 410
Gone 7338.js
script.crazyegg.com/pages/scripts/0031/ 0
0 174ms
140ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://script.crazyegg.com/pages/scripts/0031/7338.js?470020
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 15 Aug 2023 04:06:57 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=86400
Connection: keep-alive
CF-RAY: 7f6e91639fb49b1b-FRA
Content-Length: 0

GET
H/1.1 200
OK ui-bg_flat_75_ffffff_40x100.png
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/images/ 247 B
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

959af9fb0ad51d0ddc87609f764eb301065454a440c2528a9501b2e25b1b7409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 06:30:17 GMT
X-Content-Type-Options: nosniff
Age: 509800
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 247
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 08 Aug 2024 06:30:17 GMT

GET
H/1.1 200
OK icoArrowLeft.png
quicklookfilms.com/img/ 4 KB
5 KB 391ms
209ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/icoArrowLeft.png?v=1
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/css/slider.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13f41b2adb85d872da382b45c68f9d1a69d9c63861bd7a42f69008fbf512f509

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/css/slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 4175
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuCl73jnoLIDSaRjP3tQAegMBuaHElx0qEeXEzS%2FSsC0q0eyPF68aVxfhvhCy9wgB2C2%2FybBkeLakF1hTSI7JHmC8h7%2FwQSvXlieIGMkE%2BTxCZGV0BYxH515%2FAv%2Foj%2FUIn4kwXlDMcTlaWAJo2q6SjU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91645a632c6a-FRA

GET
H/1.1 200
OK icoArrowRight.png
quicklookfilms.com/img/ 4 KB
5 KB 593ms
209ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/icoArrowRight.png?v=1
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/css/slider.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cf6bcb9a434df957d8328130e844d3a1c14a97fe0989c4bb0893371f5f8c447c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/css/slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 4141
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rogk%2B332QrxotaLKVsi%2FPVBTeudeFyrwOecgUwOBRoHsOhBLNfgkX7vB7%2FsedLvQhjMqNjsTfPn802tn7cVuRafhgZxq4M6WvbB8sD%2BucZgkB3X5i1MFyx366MUUpce0INl4S6ffCWlHxI5KkpyTgz4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91659ed64da0-FRA

GET
H/1.1 200
OK camera-loader.gif
quicklookfilms.com/img/ 9 KB
10 KB 670ms
296ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/camera-loader.gif
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/css/slider.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 54ecb255faaf5ef40b325def1fe3ed203589d761ddaacc784fd9401c651156d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/css/slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 9289
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTEbW1ZNNMxt3PPONyyzwDMrDNOUFh%2BB0csDgFV9ZdnDS3gv%2BhSA7IFkVENaRKZeu0sLy4k82RoqvtYPQ87jysvdutK0pYJQZ58pE4PF0PQjddVwT4vJ6lYNKEFlsAsIwfgpRqnaUlPqPH9V4cxdZ5s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e91658c271909-FRA

GET
H2 200 330007.jpg
www.movienewsletters.net/media/slider/1200x444/ 494 KB
495 KB 422ms
403ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.movienewsletters.net/media/slider/1200x444/330007.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4953713508b5ac4dc874f1cd23c1926b3bfa11056bff502ca07942863ff1044c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 505822
x-powered-by-plesk: PleskWin
last-modified: Thu, 27 Jul 2023 20:29:45 GMT
server: cloudflare
etag: "786cc914c9c0d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BHj8taOQdUxWkxw3ZQMZGx7qV15TSNYvUL3Iepd9SJoYGX3CkMbOzWM206DCihMYDCGNsMvQx7wxheCfpKHXXDt3WqGp9KFEkgfzpK6xCEEv3xLB8qmrKLOa0iNNFZhNVFUCbJ0nfl3uN%2Fz7%2B6h4JJNVXflZ%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=18000
accept-ranges: bytes
cf-ray: 7f6e91638d1d2be4-FRA

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 50ms
9ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16580712&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1692072417826&ns_c=UTF-8&c7=http%3A%2F%2Fquicklookfilms.com%2F&c8=QuickLook%20Films&c9=
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:57 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 9ZvaCut1Xiq6nAsTHVObwAfbhdDXAzPvYyGRE0eUUxe3Wv4xgC7cHQ==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 727499.js Show response
cdn.tradelab.fr/conv/ 5 KB
2 KB 22ms
22ms Script
application/javascript 152.195.132.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tradelab.fr/conv/727499.js
Requested by: Host: cdn.tradelab.fr
URL: http://cdn.tradelab.fr/fseg/1036.js?add=5415926
Protocol: HTTP/1.1
Server: 152.195.132.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhb/63D6) /
Resource Hash: 6831b61f057e76a158f30d1ed121779395dd7c23f50240aa183292086f469551

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 May 2018 11:14:03 GMT
Server: ECAcc (lhb/63D6)
Age: 589
Etag: "1283-56d6a72c5083e-gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1627
Expires: Tue, 15 Aug 2023 04:36:57 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 3F80 320 KB
104 KB 50ms
12ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fquicklookfilms.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F334) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: http://quicklookfilms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 26237
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 15 Aug 2023 04:06:57 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (via/F334)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 303 KB
85 KB 18ms
10ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=02695c3417ef0c4a6afbdb8407748a22

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e4fb526a90c00538f57fabb7896d68ea2a83eff03a2090f59b894df071bb20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://quicklookfilms.com/
Origin: http://quicklookfilms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 04:06:57 GMT
content-md5: V+6KsaXYVo3kH1KNxBPPOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87041
x-fb-debug: +npGTHfgIgsIctCpRyQHK5yn4y5udXEdFcG/ryvjpORZ/KgXeJh90CP/42kypho9ygtzlANX7DWo6QBIGXo2iw==
x-fb-content-md5: 7445f33dc7493a20584e2e682e753195
cross-origin-opener-policy: same-origin-allow-popups
etag: "4d151dc092a8b259e05fa84f9a781d04"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Aug 2024 00:48:58 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 16ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=143891509&t=pageview&_s=1&dl=http%3A%2F%2Fquicklookfilms.com%2F&ul=en-us&de=UTF-8&dt=QuickLook%20Films&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABAAAAACAAI~&jid=472090813&gjid=2083111320&cid=1278033552.1692072418&tid=UA-48837060-1&_gid=1585259465.1692072418&_slc=1&z=1112083114

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

27abaf9ac46473867f36fe71c0a8b0c68e5dd45278df8caccd9d6a024cbf8b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://quicklookfilms.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://quicklookfilms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48837060-1&cid=1278033552.1692072418&jid=472090813&gjid=2083111320&_gid=1585259465.1692072418&_u=IGBAgEABAAAAAGAAI~&z=1422141033

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://quicklookfilms.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Aug 2023 04:06:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://quicklookfilms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
its.tradelab.fr/
Redirect Chain

http://ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A727499%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%...
https://ib.adnxs.com/sbounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A727499%252C%2522l%2522%253A%255B%255D%252C%2522i%2522%253A7%...
https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fgetuid%253F%252F%252Fits.tradelab.fr%252F%253Ftype%253Dconvr%2526x%253D1%2526uuid2%253D%2524UID%2526cdata%253D%25257B%252522a%252522%25253A727499%25252...
https://its.tradelab.fr/?type=convr&x=1&uuid2=9125339332459230009&cdata={%22a%22:727499,%22l%22:[],%22i%22:7,%22c%22:30,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{...

43 B
570 B

28ms
14ms

Image
image/gif

85.17.192.105
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&uuid2=9125339332459230009&cdata={%22a%22:727499,%22l%22:[],%22i%22:7,%22c%22:30,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=1074463&xur=quicklookfilms.com/&adata={%22c%22:{%22ref_url%22:%22%22,%22ref_ts%22:1692072418,%22page_url%22:%22quicklookfilms.com/%22,%22dm%22:%22quicklookfilms.com%22},%22v%22:{%22vis_cnt%22:1,%22frst_vis_ts%22:1692072418,%22prev_vis_ts%22:1692072418,%22curr_vis_ts%22:1692072418,%22total_page_cnt%22:1,%22prev_page_cnt%22:1,%22curr_page_cnt%22:1}}
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 85.17.192.105 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.20.1 / Tradelab ITS / node3.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:06:57 GMT
Server: nginx/1.20.1
X-Powered-By: Tradelab ITS / node3.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:57 GMT
an-x-request-uuid: 6846af42-0923-4258-8f26-32cc664ce9c6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: //its.tradelab.fr/?type=convr&x=1&uuid2=9125339332459230009&cdata={"a":727499,"l":[],"i":7,"c":30,"t":"h","m":"null","vi":0,"vc":0,"hf":0,"x":{}}&advid=1074463&xur=quicklookfilms.com/&adata={"c":{"ref_url":"","ref_ts":1692072418,"page_url":"quicklookfilms.com/","dm":"quicklookfilms.com"},"v":{"vis_cnt":1,"frst_vis_ts":1692072418,"prev_vis_ts":1692072418,"curr_vis_ts":1692072418,"total_page_cnt":1,"prev_page_cnt":1,"curr_page_cnt":1}}
x-proxy-origin: 81.95.5.38; 81.95.5.38; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sbounce
ib.adnxs.com/
Redirect Chain

http://ib.adnxs.com/px?id=727499&t=2
https://ib.adnxs.com/sbounce?%2Fpx%3Fid%3D727499%26t%3D2

43 B
837 B

19ms
19ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/sbounce?%2Fpx%3Fid%3D727499%26t%3D2

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:57 GMT
an-x-request-uuid: a777ea32-8b73-4b92-a944-196a1f6f0960
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.38; 81.95.5.38; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:06:57 GMT
AN-X-Request-Uuid: 380d4b75-38e7-4a5c-af47-3934154cb3af
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/sbounce?%2Fpx%3Fid%3D727499%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sbounce
ib.adnxs.com/
Redirect Chain

http://ib.adnxs.com/seg?add=5415926&t=2
https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D5415926%26t%3D2

43 B
835 B

32ms
31ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D5415926%26t%3D2

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
an-x-request-uuid: 2b424f28-5419-4c09-8b41-4619c3430de4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.38; 81.95.5.38; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Tue, 15 Aug 2023 04:06:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f63e3bff-3f7a-4454-b3c7-1792faf52f4e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D5415926%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
its.tradelab.fr/
Redirect Chain

http://ib.adnxs.com/getuid?//its.tradelab.fr/?type=fseg&uuid2=$UID&sid=5415926&val=undefined&fun=1036&step=1&siev=5415922&fp=0&advid=1074463&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010....
https://ib.adnxs.com/sbounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dfseg%26uuid2%3D%24UID%26sid%3D5415926%26val%3Dundefined%26fun%3D1036%26step%3D1%26siev%3D5415922%26fp%3D0%26advid%3D107446...
https://its.tradelab.fr/?type=fseg&uuid2=9125339332459230009&sid=5415926&val=undefined&fun=1036&step=1&siev=5415922&fp=0&advid=1074463&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3...

43 B
873 B

16ms
15ms

Image
image/gif

85.17.192.105
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=9125339332459230009&sid=5415926&val=undefined&fun=1036&step=1&siev=5415922&fp=0&advid=1074463&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&ur=http%3A%2F%2Fquicklookfilms.com%2F&adata={%22c%22:{%22ref_url%22:%22%22,%22ref_ts%22:1692072418,%22page_url%22:%22quicklookfilms.com/%22,%22dm%22:%22quicklookfilms.com%22},%22v%22:{%22vis_cnt%22:1,%22frst_vis_ts%22:1692072418,%22prev_vis_ts%22:1692072418,%22curr_vis_ts%22:1692072418,%22total_page_cnt%22:1,%22prev_page_cnt%22:1,%22curr_page_cnt%22:1}}
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 85.17.192.105 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.20.1 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:06:58 GMT
Server: nginx/1.20.1
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:57 GMT
an-x-request-uuid: 2c2a3a52-9a7a-4bfc-ae99-1cbac6d432e8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: //its.tradelab.fr/?type=fseg&uuid2=9125339332459230009&sid=5415926&val=undefined&fun=1036&step=1&siev=5415922&fp=0&advid=1074463&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&ur=http%3A%2F%2Fquicklookfilms.com%2F&adata={"c":{"ref_url":"","ref_ts":1692072418,"page_url":"quicklookfilms.com/","dm":"quicklookfilms.com"},"v":{"vis_cnt":1,"frst_vis_ts":1692072418,"prev_vis_ts":1692072418,"curr_vis_ts":1692072418,"total_page_cnt":1,"prev_page_cnt":1,"curr_page_cnt":1}}
x-proxy-origin: 81.95.5.38; 81.95.5.38; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 45ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HN4K57RHDY&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fdf37b4aeb89696aef1c1367c6d6ee2c1ec30649412f8add066fb69768540aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80586
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 15 Aug 2023 04:06:57 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3F80 869 B
658 B 147ms
116ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b5a17477b84a87f3f11cdc1dcbe60934d4079176

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fquicklookfilms.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 15 Aug 2023 04:06:57 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 15 Aug 2023 04:06:58 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 21c035f6ff534863
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: f16d900db26cd006ec63f0233fabe1f298b19a11ab2f9825da7a7fa666182ea4
content-length: 337

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/ 400 KB
127 KB 68ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 23:26:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16839
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129236
x-xss-protection: 0
server: cafe
etag: 3196626984536983108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 23:26:19 GMT

GET
H2

200

sbounce
ib.adnxs.com/
Redirect Chain

http://ib.adnxs.com/seg?add=2491894:23&t=2
https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D2491894%3A23%26t%3D2

43 B
838 B

20ms
20ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D2491894%3A23%26t%3D2

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
an-x-request-uuid: c7d99cc5-ceb5-4045-9efd-ed095bdb26a5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.38; 81.95.5.38; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e83c62e6-7bf7-4a87-9592-e426a83d39e2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D2491894%3A23%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 impl.20230814-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 799 KB
166 KB 24ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230814-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/westworldmedia-quicklookfilms/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0d1cb4b0238ec323a99cb8f9f53371f65403f15d700d0b439c63e55dd500e9b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: qNuTXeo5afW_RmIYO47oxPsajPNu7EXi
content-encoding: br
via: 1.1 varnish
date: Tue, 15 Aug 2023 04:06:58 GMT
x-amz-request-id: F0RTGJK91RPAC6HV
age: 9122
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169124
x-amz-id-2: 7HdCjond6cBzwM4zLEtJk1g5WDc5fM6U2PixSYAA1HAEAQmU2AcTxs4D5fqviMoFFHxWZSxopJg=
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Mon, 14 Aug 2023 09:34:56 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692072418.048152,VS0,VE0
etag: "6675b33efe6d09617005e09bb61f34c0"
vary: Accept-Encoding
content-type: application/javascript
abp: 93
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 9001

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HN4K57RHDY&gtm=45je3890&_p=143891509&ul=en-us&sr=1600x1200&cid=1278033552.1692072418&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fquicklookfilms.com%2F&dt=QuickLook%20Films&sid=1692072418&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HN4K57RHDY&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://quicklookfilms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 685 B
606 B 57ms
56ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1634471582799380&correlator=2008170942580916&eid=31076398%2C31076768&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fif&iu_parts=9518146%2CSkin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1692072418109&lmt=1692065218&adxs=288&adys=50&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fquicklookfilms.com%2F&frm=20&vis=1&psz=1024x202&msz=1x-1&fws=0&ohw=0&ga_vid=1278033552.1692072418&ga_sid=1692072418&ga_hid=143891509&ga_fc=true&dlt=1692072416726&idt=1343&adks=2706720404

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c1290525a657b4ecded05fa6353f2bd355a256e017c41363e04dbf8a702981e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://quicklookfilms.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
15 KB 1165ms
1164ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1634471582799380&correlator=2008170942580916&eid=31076398%2C31076768&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fif&iu_parts=9518146%2CQuicklook_Films&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1692072418119&lmt=1692065218&adxs=436&adys=66&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fquicklookfilms.com%2F&frm=20&vis=1&psz=1024x90&msz=728x90&fws=0&ohw=0&ga_vid=1278033552.1692072418&ga_sid=1692072418&ga_hid=143891509&ga_fc=true&dlt=1692072416726&idt=1343&adks=2391630858

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66122fb16f80444b6ba7aebe0fdffe0322e77474d72f7bc5cc23cb36fcb73673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15444
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://quicklookfilms.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
14 KB 2415ms
2414ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1634471582799380&correlator=2008170942580916&eid=31076398%2C31076768&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fif&iu_parts=9518146%2CQuicklook_Films_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1692072418127&lmt=1692065218&adxs=1001&adys=698&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fquicklookfilms.com%2F&frm=20&vis=1&psz=351x584&msz=300x250&fws=0&ohw=0&ga_vid=1278033552.1692072418&ga_sid=1692072418&ga_hid=143891509&ga_fc=true&dlt=1692072416726&idt=1343&adks=3032067773

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9593840b3f6515729ef624ba0ce327079e5bb525c1baa2471e3d950957750294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14126
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://quicklookfilms.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 545ms
544ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1634471582799380&correlator=2008170942580916&eid=31076398%2C31076768&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fif&iu_parts=9518146%2CQuicklook_Films_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1692072418131&lmt=1692065218&adxs=436&adys=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fquicklookfilms.com%2F&frm=20&vis=1&psz=1054x135&msz=728x90&fws=0&ohw=0&ga_vid=1278033552.1692072418&ga_sid=1692072418&ga_hid=143891509&ga_fc=true&dlt=1692072416726&idt=1343&adks=1467667085

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99b13726936c336d2c1413b6dfd28f7f1503df1500909f6bc2ed873bf298add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15699
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://quicklookfilms.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 2408ms
2407ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1634471582799380&correlator=2008170942580916&eid=31076398%2C31076768&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fif&iu_parts=9518146%2CGumGum&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1692072418133&lmt=1692065218&adxs=0&adys=1725&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fquicklookfilms.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=1278033552.1692072418&ga_sid=1692072418&ga_hid=143891509&ga_fc=true&dlt=1692072416726&idt=1343&adks=3420472352

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e63eb6748cf55aef366ebc7983f036ad435162b132f7caf6829016c16a6e5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11662
x-xss-protection: 0
google-lineitem-id: 31379346
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 62482652346
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://quicklookfilms.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FBBE 6 KB
3 KB 85ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://quicklookfilms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:06:58 GMT
expires: Wed, 14 Aug 2024 04:06:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

46 B
288 B

51ms
16ms

Script
text/javascript

2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 188802
expires: 60

Redirect headers

location: https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control: no-cache
content-length: 0

GET
H/1.1 200
OK timeline.16b53cc33aaa562f8f41a495bf720289.js Show response
platform.twitter.com/js/ 8 KB
4 KB 13ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F348) /
Resource Hash: 7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26234
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2964
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (via/F348)
Etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 QuicklookFilms Show response
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame DCDC 5 KB
2 KB 147ms
147ms Document
text/html 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

24a72f979982be644eaef37a9f764e5cf3a2cf08490b15f531161add38dfb0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	0

Request headers

Referer: http://quicklookfilms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=60
content-encoding: gzip
content-length: 1833
content-type: text/html; charset=utf-8
date: Tue, 15 Aug 2023 04:06:58 GMT
etag: "1495-13ymKdqQ8DzSqvRmzJbnZLervlI"
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: f16d900db26cd006ec63f0233fabe1f298b19a11ab2f9825da7a7fa666182ea4
x-response-time: 140
x-transaction-id: c0c641c0bc13ba39
x-xss-protection: 0

GET
H2 200 319124.jpg
www.movienewsletters.net/media/slider/1200x444/ 682 KB
683 KB 402ms
401ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.movienewsletters.net/media/slider/1200x444/319124.jpg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 98083ffea7eb52ce6b47022ca28825d390edf3eb0319720a5f146827d7464b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 698251
x-powered-by-plesk: PleskWin
last-modified: Fri, 14 Jul 2023 20:17:51 GMT
server: cloudflare
etag: "5e1f224490b6d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzYKmVa4UTsa4EPuA68qAxYBEHHvDnIVFbkvv5iVwQoWArdVeRhG5QUruLWsc3EOnZERBK5h2Sd0kO7Wq0YuvNjCmQOv189dIGD7ovHyAeFIcpUP045sKv2H2jn7fHqoZXWo9g5eEwSQwoEa3OqYF%2BwkVtJ6z8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=18000
accept-ranges: bytes
cf-ray: 7f6e91664fdc2be4-FRA

GET
H/1.1 200
OK runtime-75988d973649e14b4423.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 4 KB
3 KB 15ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F344) /
Resource Hash: 1e37c18b39bde02cc0eae871e8d177c1fc8eba913257e7d8384ccbfc3efd126d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26170
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2232
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F344)
Etag: "0ae972f2263ac0910d8771fec4e384a8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK modules.20f98d7498a59035a762.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 286 KB
94 KB 34ms
18ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F343) /
Resource Hash: 9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26237
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 95842
Last-Modified: Mon, 14 Aug 2023 20:48:20 GMT
Server: ECS (via/F343)
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK main-fd9ef5eb169057cda26d.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 90 B
682 B 54ms
19ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F34A) /
Resource Hash: eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Age: 26238
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 90
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F34A)
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK _app-de607716f6c37dff4b26.js Show response
platform.twitter.com/_next/static/chunks/pages/ Frame DCDC 1 KB
1 KB 55ms
17ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/_app-de607716f6c37dff4b26.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F337) /
Resource Hash: 729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26169
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 668
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F337)
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK %5BscreenName%5D-c33f0b02841cffc3e9b4.js Show response
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame DCDC 13 KB
2 KB 71ms
16ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F342) /
Resource Hash: bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26238
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1290
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F342)
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _buildManifest.js Show response
platform.twitter.com/_next/static/PoFtMrC2EnsQdaS_5zY_p/ Frame DCDC 1 KB
1 KB 70ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/PoFtMrC2EnsQdaS_5zY_p/_buildManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F340) /
Resource Hash: 7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26169
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 451
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F340)
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _ssgManifest.js Show response
platform.twitter.com/_next/static/PoFtMrC2EnsQdaS_5zY_p/ Frame DCDC 76 B
668 B 56ms
16ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/PoFtMrC2EnsQdaS_5zY_p/_ssgManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F340) /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Age: 26169
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 76
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F340)
Etag: "abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK 2.691622e4391d1973cb65.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 23 KB
8 KB 13ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F33B) /
Resource Hash: 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26238
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 7674
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F33B)
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 16.3d8605c18391bfe2b961.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 37 KB
12 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/16.3d8605c18391bfe2b961.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F345) /
Resource Hash: 2490fea191b5a798a27664468e329cc9c3d3fedf5e3c7859e9f9533dfd339d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26167
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 12103
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F345)
Etag: "6e3053b49fc612ef9a0432ba6c10a765+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 0.94e812be49231edff958.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 238 KB
75 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/0.94e812be49231edff958.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F33F) /
Resource Hash: 277dcbd87d742dfbdb42b3e53fc7c95c9fe3867ddc14464359500839cce66e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26167
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 75774
Last-Modified: Mon, 14 Aug 2023 20:48:20 GMT
Server: ECS (via/F33F)
Etag: "62ac95d5064b0dea377d5a399c8d49d2+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 4.19ae9b657eae0fa6ceba.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 242 KB
65 KB 16ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/4.19ae9b657eae0fa6ceba.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F343) /
Resource Hash: 4c795f340fd73e0232bce6bb770d7ae9388c76ca5743ed81daf3ba881898749c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26166
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 65924
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F343)
Etag: "6fd15a0f63548f3bb78425e5c7c5b0e5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 1.bfa94a0b574ca833b660.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 160 KB
48 KB 15ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/1.bfa94a0b574ca833b660.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F336) /
Resource Hash: da7f639dfff5d11ba9070a3b70961d1b06bf9a34a5915e9ef6047b4202850597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26166
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 49000
Last-Modified: Mon, 14 Aug 2023 20:48:20 GMT
Server: ECS (via/F336)
Etag: "4574603d310e9c27c0539972b1014ddc+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 3.466f028aa5d70a354b1e.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 655 KB
161 KB 15ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/3.466f028aa5d70a354b1e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F337) /
Resource Hash: 6360ae9b956833f04c24380614aebe1f09861af62e3417dfebac2ca89a275740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26166
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 164348
Last-Modified: Mon, 14 Aug 2023 20:48:20 GMT
Server: ECS (via/F337)
Etag: "d8b9d0fe9d76842eb579884a31ff24ee+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 6.803d7ffe2f85c90c4756.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 2 KB
2 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/6.803d7ffe2f85c90c4756.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F33B) /
Resource Hash: 713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26165
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1276
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F33B)
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK ondemand.Dropdown.f0a0bb54100442a0a0b9.js Show response
platform.twitter.com/_next/static/chunks/ Frame DCDC 7 KB
3 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.f0a0bb54100442a0a0b9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-75988d973649e14b4423.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (via/F348) /
Resource Hash: 1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Content-Encoding: gzip
Age: 26165
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2822
Last-Modified: Mon, 14 Aug 2023 20:48:19 GMT
Server: ECS (via/F348)
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 jot
syndication.twitter.com/i/ Frame DCDC 43 B
104 B 112ms
111ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1692072418594%2C%22event_namespace%22%3A%7B%22action%22%3A%22no-results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fquicklookfilms.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22c313639%3A1692044021933%22%2C%22widget_data_source%22%3A%22screen-name%3AQuicklookFilms%22%7D&session_id=b5a17477b84a87f3f11cdc1dcbe60934d4079176

Requested by

Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/QuicklookFilms?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=http%3A%2F%2Fquicklookfilms.com%2F&sessionId=b5a17477b84a87f3f11cdc1dcbe60934d4079176&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 15 Aug 2023 04:06:58 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 15 Aug 2023 04:06:58 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 260b54c073deb0dd
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: f16d900db26cd006ec63f0233fabe1f298b19a11ab2f9825da7a7fa666182ea4
content-length: 43

GET
H2 200 container.html Show response
838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 46FB 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://quicklookfilms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:06:58 GMT
expires: Wed, 14 Aug 2024 04:06:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK blank.gif
quicklookfilms.com/img/ 1 KB
2 KB 205ms
204ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quicklookfilms.com/img/blank.gif
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/css/slider.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 601b0d76b7835742df77dc85298ce05864fde10002999ecf3c8cf0e1d1649cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/css/slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: ASP.NET
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1093
X-Powered-By-Plesk: PleskWin
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
Server: cloudflare
ETag: "804efc48aa9ed31:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KY%2BpcrhOMMRHogvKA7KoOFoeS%2BcKaT2%2B92UqEsz9xhkkKL55paTVe31t9yptFnXzj5zTpCi%2BN9bKT%2F7Z684NIWEkMJdNR6lu%2BW%2BDgsIJJ%2BYuBMswGixY9ypCckoPtz7RMg0RJQRioaBDZGoFkJAZl%2Fo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 7f6e9168ff8e1909-FRA

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4850 2 KB
2 KB 55ms
36ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kt71fxer9gbvp4k0pj46bn8fgjvvccx4z112c8vzzyd4qm5ag61e63bfzcj3y78zhxmt47fcb4jet3bj8xvh1pnfeb5wbj8nn2bzzyk3qpds0v53arxc72y6f1var8nghtgxtyjqmn571jyes7vj26at2dv4wc9kddydtz7j3nc35fe7sef8nwh1wg3vdtkv7sfv161km2v3bs0canvt1qqn1cqxt47hnex6qk6pg8brsrgwkfjn1yt5vmbmm3h3cgn4a3ey3mqt01sxad5d15hh2ey5vn5cbmkp8f3aknpk73dgx4kkdk29jdagn4911jynjqmh7vgv4s2fk0qxgqrzghbndp5y00k2jq0e8ff9bfwt6hwd2v9aza9578da916w2925gd7wgecc4mdakzenf50z2tkw8xenkwfytrt9kcm945a4nzp07b3fn373n69chm18w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%26client%3Dca-pub-4040799255774499%26adurl%3D

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50f1a9d613aa252f622a0bc97c69d868534c5397b7bdcd9b2a84a68a8766638a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f6e9169290c2c33-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:06:58 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 46FB 3 KB
1 KB 42ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:29:53 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B3E4 1 KB
847 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:29:07 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:29:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 46FB 20 KB
8 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:29:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 46FB 0
0 17ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOQsPB3qN86ZiLF7hh707B6BoE4ubWQRYsqj9Ttw68dKWnS6nean_81dA0cKNtoR3J67REpxrNtSMBNeL9Q2vZd3Ly0Q
Requested by: Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 46FB 24 KB
6 KB 41ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 17:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Aug 2024 17:00:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46FB 180 KB
57 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 04:06:58 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame B3E4 35 B
465 B 46ms
8ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED-wZDsmkeRnw1u9rPsiV9w&google_cver=1&google_push=AXcoOmQtTQ6gu-ISzJXHsgzQfo1YEU_CoEIbVeUyqJwEZdzEVWiDq1sGXToh6_xfNKMoFTuV12QPTphBIl2CZKVfs05_TP_h9HPAaEfA

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B3E4 0
104 B 74ms
22ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELk2cNrt-x6_62dDeJ9E0wU&google_cver=1&google_push=AXcoOmRNO9rlx9pHyQ_tSBFKpF6TUbXPoq-DXuFQXZ5zpWG5DZ52V50750uxvCUMrWjH5wS0qpgV6WO45yvaim2Bjrbfteihemp2i3XL
Requested by: Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3E4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ93PcUht0qtcWO__2nDgpk&google_cver=1&google_push=AXcoOmQ-DkJCKoV2n7ER7rVGEUUixry09k1t5PNx_08kyq6OC-Vq8LhrBoiFsH0wqHwWWnMxH02OVPCJ7pP-NgLx...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQ-DkJCKoV2n7ER7rVGEUUixry09k1t5PNx_08kyq6OC-Vq8LhrBoiFsH0wqHwWWnMxH02OVPCJ7pP-NgLxtaGi-wvHOAwiWVUd

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQ-DkJCKoV2n7ER7rVGEUUixry09k1t5PNx_08kyq6OC-Vq8LhrBoiFsH0wqHwWWnMxH02OVPCJ7pP-NgLxtaGi-wvHOAwiWVUd

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 15 Aug 2023 04:06:58 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQ-DkJCKoV2n7ER7rVGEUUixry09k1t5PNx_08kyq6OC-Vq8LhrBoiFsH0wqHwWWnMxH02OVPCJ7pP-NgLxtaGi-wvHOAwiWVUd
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 15 Aug 2023 04:06:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3E4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEP5L0wLBeW0h62wW1cPbaWw&google_cver=1&google_push=AXcoOmRymoWRUkJa5agL_oCUCKhpjee7zUrTKEpvgjX3yGRwqKJSshhi7wS9stzlqY9zrLxaU7uLm6OOIoSZ6IiK81mhTTLhLM_k1o6i
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1CE53BEEE9DD41478189E655A1E1C327&google_push=AXcoOmRymoWRUkJa5agL_oCUCKhpjee7zUrTKEpvgjX3yGRwqKJSshhi7wS9stzlqY9zrLxaU7uLm6OOIoSZ6Ii...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1CE53BEEE9DD41478189E655A1E1C327&google_push=AXcoOmRymoWRUkJa5agL_oCUCKhpjee7zUrTKEpvgjX3yGRwqKJSshhi7wS9stzlqY9zrLxaU7uLm6OOIoSZ6IiK81mhTTLhLM_k1o6i

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Aug 2023 04:06:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1CE53BEEE9DD41478189E655A1E1C327&google_push=AXcoOmRymoWRUkJa5agL_oCUCKhpjee7zUrTKEpvgjX3yGRwqKJSshhi7wS9stzlqY9zrLxaU7uLm6OOIoSZ6IiK81mhTTLhLM_k1o6i
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 14 Aug 2023 04:06:58 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame B3E4 43 B
146 B 154ms
7ms Image
image/gif 18.198.19.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFvhFVIBMR_LO9SyfrZZ37g&google_cver=1&google_push=AXcoOmRJINAhfLWfMkx9CyW6E9rFhtP4t3VrBknKYAE1ZSjRi9DYjO8gDsqudukHs8uNy39e2jj-kPnyXPvvMTaPuwPZwNK4hQncjNqW
Requested by: Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.19.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-19-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B3E4 42 B
213 B 53ms
15ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECKR5yuk71TtTMaEQIWVkSM&google_push=AXcoOmSobw8c5XqEot3pieXWzzQqwgf79QA22iLUPsOVmcDky7LX8LCUwgFPRucczVm7iTJtCNkoOoyPVLFAwA0QShHySwlAYo3JoaOW&google_cver=1
Requested by: Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3E4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ7avXR2EZwjy309Pc2DFYk&google_cver=1&google_push=AXcoOmRwxw5roHj7lhiOGs3NWdEKa53Big5cEwpYH3lSsWl6IHIzBjOriPPHZoEX59zW00ip24qNfcoT...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ7avXR2EZwjy309Pc2DFYk&google_cver=1&google_push=AXcoOmRwxw5roHj7lhiOGs3NWdEKa53Big5cEwpYH3lSsWl6IHIzBjOriPPHZoEX59zW00ip24q...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk1MTY5ODQ3MTQ1MzYxMDAyNw&google_push=AXcoOmRwxw5roHj7lhiOGs3NWdEKa53Big5cEwpYH3lSsWl6IHIzBjOriPPHZoEX59zW00ip24qNfc...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk1MTY5ODQ3MTQ1MzYxMDAyNw&google_push=AXcoOmRwxw5roHj7lhiOGs3NWdEKa53Big5cEwpYH3lSsWl6IHIzBjOriPPHZoEX59zW00ip24qNfcoTVXZNpksGE1VfudXRfdNbSKyE

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:06:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk1MTY5ODQ3MTQ1MzYxMDAyNw&google_push=AXcoOmRwxw5roHj7lhiOGs3NWdEKa53Big5cEwpYH3lSsWl6IHIzBjOriPPHZoEX59zW00ip24qNfcoTVXZNpksGE1VfudXRfdNbSKyE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B3E4 0
12 B 16ms
14ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KibE-w_z3nqo_TyHO7jPUjV7ULZV13qqxoffnU6MxadRvifXe-LJZWgL25A6R5q4g_3xxz

Requested by

Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 46FB 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4289a0cb6e10f86dfe4469aebd5699ce251b879223905d47fdac6acc6ecf54e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 4850 114 KB
14 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kt71fxer9gbvp4k0pj46bn8fgjvvccx4z112c8vzzyd4qm5ag61e63bfzcj3y78zhxmt47fcb4jet3bj8xvh1pnfeb5wbj8nn2bzzyk3qpds0v53arxc72y6f1var8nghtgxtyjqmn571jyes7vj26at2dv4wc9kddydtz7j3nc35fe7sef8nwh1wg3vdtkv7sfv161km2v3bs0canvt1qqn1cqxt47hnex6qk6pg8brsrgwkfjn1yt5vmbmm3h3cgn4a3ey3mqt01sxad5d15hh2ey5vn5cbmkp8f3aknpk73dgx4kkdk29jdagn4911jynjqmh7vgv4s2fk0qxgqrzghbndp5y00k2jq0e8ff9bfwt6hwd2v9aza9578da916w2925gd7wgecc4mdakzenf50z2tkw8xenkwfytrt9kcm945a4nzp07b3fn373n69chm18w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%26client%3Dca-pub-4040799255774499%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kt71fxer9gbvp4k0pj46bn8fgjvvccx4z112c8vzzyd4qm5ag61e63bfzcj3y78zhxmt47fcb4jet3bj8xvh1pnfeb5wbj8nn2bzzyk3qpds0v53arxc72y6f1var8nghtgxtyjqmn571jyes7vj26at2dv4wc9kddydtz7j3nc35fe7sef8nwh1wg3vdtkv7sfv161km2v3bs0canvt1qqn1cqxt47hnex6qk6pg8brsrgwkfjn1yt5vmbmm3h3cgn4a3ey3mqt01sxad5d15hh2ey5vn5cbmkp8f3aknpk73dgx4kkdk29jdagn4911jynjqmh7vgv4s2fk0qxgqrzghbndp5y00k2jq0e8ff9bfwt6hwd2v9aza9578da916w2925gd7wgecc4mdakzenf50z2tkw8xenkwfytrt9kcm945a4nzp07b3fn373n69chm18w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%26client%3Dca-pub-4040799255774499%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 492829
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0v6kqnbVzS%2BjVSdCbW9dwLYv1nLMglIY7%2FT6%2BdGngmjgH0P57Qhmh6QAItr8ANsaVOUnhPSia%2B%2FvdlaDZ6MvH3lopHqQx4HHEOdqTEia5B0YZlasD6jVaQrnJpz5K0YH8safs2evPw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f6e9169a9542c33-FRA
expires: Tue, 15 Aug 2023 05:06:58 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4850 25 KB
10 KB 20ms
18ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kt71fxer9gbvp4k0pj46bn8fgjvvccx4z112c8vzzyd4qm5ag61e63bfzcj3y78zhxmt47fcb4jet3bj8xvh1pnfeb5wbj8nn2bzzyk3qpds0v53arxc72y6f1var8nghtgxtyjqmn571jyes7vj26at2dv4wc9kddydtz7j3nc35fe7sef8nwh1wg3vdtkv7sfv161km2v3bs0canvt1qqn1cqxt47hnex6qk6pg8brsrgwkfjn1yt5vmbmm3h3cgn4a3ey3mqt01sxad5d15hh2ey5vn5cbmkp8f3aknpk73dgx4kkdk29jdagn4911jynjqmh7vgv4s2fk0qxgqrzghbndp5y00k2jq0e8ff9bfwt6hwd2v9aza9578da916w2925gd7wgecc4mdakzenf50z2tkw8xenkwfytrt9kcm945a4nzp07b3fn373n69chm18w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%26client%3Dca-pub-4040799255774499%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 560191
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1rpbKcK5xC2SBOFpSz%2B2%2BYB86tiQmrZ1QiKbxQgATS52cDrDQHXL7n1dXCoOh2N%2BxdKU28yLQAbrNDGEu5IAW4tNAr%2FW0uINwYZpn1hpp%2FfMzO36AsYIPFzo1CKm1VYYQYkGIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7f6e9169a9552c33-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 08 Aug 2023 16:30:16 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4850 3 KB
4 KB 35ms
17ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1892
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enCm595mfpKyX5W0tvrYeiCjvtJjSdITmjD7NuJV7YocUWRKt8C4twc709SAj6cVBnDmMdUVlLd8DGY1j9WX6c9O0gVM3lbeDxnMmYaiIqw5CGzt%2BdhbbOhTj6NC9IvMgx33qVow84ET9s4sYyIt%2BPyq"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7f6e9169e80b9122-FRA
expires: Tue, 15 Aug 2023 03:56:07 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9734 2 KB
1 KB 17ms
16ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2438616
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7f6e9169d93135f6-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 15 Aug 2023 04:06:58 GMT
expires: Sun, 09 Jul 2023 00:24:59 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c9tyX5V7XZ4V3gzuIiJU9Blrje0abKPmklIZ%2FwzCljneA0YG0quKNRvxeAlsW7UbkAF2sC4j8ECWPfqgCCgj6kDOoux%2BTjGLoZnQYfNCPjHHm%2BcnlCzroNYzKpN3PcJbotuJ4E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 4850 2 KB
2 KB 28ms
27ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26db08d82f9e12bf4deabaf49e223ce1078ef03d1f4810753edee13e6a1cb149

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Aug 2023 04:06:58 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTX2eL6GhKS3Z%2FrrkeW3O%2Bl%2FMQLy%2B%2FagJ4VhsND4Fve2fASWosg5I6yigBMT5NjAsKMhUCdm4LP%2BrCV3pXqSL2W61oRDfVZzNTq33p2ktjUWJrDdufuZNPP8penjFf6qzD1Y%2Bq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7f6e916a4c0d4da8-FRA
x-backend-server: aa-reachservice-group-europe-west1-4jr5
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
25ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f6e916a1bea4da8-FRA
content-length: 24
content-type: text/plain
date: Tue, 15 Aug 2023 04:06:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ8MV%2BXKtn%2BN1HbgdBJhdikw767SBFu0wc1U9v%2FIjawE0ZTWnIkEHjKWhaNc6KXLromHVEvyHGftqkBV4PJk%2B5LqoJiK2pzoqK9PrHfIk%2FnuOjuttPHjbGmR5XrCGwwGCYPPNhE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-lhcx

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 46FB 0
0 53ms
52ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZqZP4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTsAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWLOOifgEGGwk6sJzcrP886fPbaF-zumnnP3X1vGoIyOpcZR661Bo4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQwNDA3OTkyNTU3NzQ0OTkYiqwQ&sigh=-bSscX3z9KI&uach_m=[UACH]&cid=CAQSOwBpAlJW4ZjMXz5Eq2d8VYsIDgyA2mHYvUsOTKdGiEdtfwIbj229RYAxrBkRJGRegPSguDtRV5dGD6i0GAE&cbvp=2&vis=1
Requested by: Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 46FB 0
103 B 34ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gvxhfeqrev9rb4r4v1m6rw17fbp3bk02c9reaqrav7h3vf7s3k2dr2pqrfkgwe9skhzdaka7babvkfcnnbkjz1d1cxdz3mgc3v2zys9763xp9wkmsqrsa2e6fxw7y97xt7sdz60wndzzekr019y6mkpahvwsn5jac9ggnw70nrar0wzky6h3m20vnr3dn206ajwn8n2tewk8n7b2njnh81smg73ahs66d2ar52eds6fs0dvwpmwdfg32mv0yvmv13v53585kzpznvba0t2a06cjv0h0b2rt24ep94e2pg7ks3dxk3ybdevyr080mfg9d7rc2xt7cz3h0fv9ya9919pcsp8sx64mazresrmsc53eh5pez4rhh9dqcpm5awx4nr8630cs1p8sft9f&b=ZNr54gAC1msK4A-GAA6qZrpBlBfWFFp5E28lFA&cbvp=2
Requested by: Host: 838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
URL: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Aug 2023 04:06:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2402 11 KB
5 KB 35ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2127d567bf0926bea0aa0fce54ccf1df723d7baabb228fa2cc97b13acd1850a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kt71fxer9gbvp4k0pj46bn8fgjvvccx4z112c8vzzyd4qm5ag61e63bfzcj3y78zhxmt47fcb4jet3bj8xvh1pnfeb5wbj8nn2bzzyk3qpds0v53arxc72y6f1var8nghtgxtyjqmn571jyes7vj26at2dv4wc9kddydtz7j3nc35fe7sef8nwh1wg3vdtkv7sfv161km2v3bs0canvt1qqn1cqxt47hnex6qk6pg8brsrgwkfjn1yt5vmbmm3h3cgn4a3ey3mqt01sxad5d15hh2ey5vn5cbmkp8f3aknpk73dgx4kkdk29jdagn4911jynjqmh7vgv4s2fk0qxgqrzghbndp5y00k2jq0e8ff9bfwt6hwd2v9aza9578da916w2925gd7wgecc4mdakzenf50z2tkw8xenkwfytrt9kcm945a4nzp07b3fn373n69chm18w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%26client%3Dca-pub-4040799255774499%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f6e916a79aa35f6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:06:58 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 2402 114 KB
14 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 492830
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYr%2FkFmuEH%2BIEqCuh2GKE4cEmIRkVAHHgi9guvqNGmM02YbtBFMAgkvMVFcQGVcCcPyHiQPUa7i4dLxoVNITYcZf4Zd%2F2Ucyrxd85yQkd9Y%2FAE%2BXcxyY9OgNiuwK2CIezYZh%2FT4dni0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f6e916aba0135f6-FRA
expires: Tue, 15 Aug 2023 05:06:59 GMT

GET
H2 200 807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 2402 6 KB
6 KB 17ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1871599
cf-polished: origFmt=png, origSize=11357
alt-svc: h3=":443"; ma=86400
content-length: 5848
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 08:41:46 GMT
server: cloudflare
etag: "ccfbd2e3feb27487a1f6d1f6b03866aa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hubuz9HEkBoXRbqQKdw%2B5yYT4btcDmHvCBxUE0ooqWluzSz4dbH2dLJjm7OeTvgkDWG0Cd2UnEXMK503C5TzZB1DjjyXhub5PSDQBF5c0XO61fUYECg2qk7wWTXZIIv1tVwYqtlJd1dgmuyF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6e916ab9fb2c33-FRA
expires: Wed, 16 Aug 2023 04:06:59 GMT

GET
H2 200 2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 2402 183 KB
184 KB 18ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1871599
cf-polished: origFmt=png, origSize=289744
alt-svc: h3=":443"; ma=86400
content-length: 187558
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 11:11:49 GMT
server: cloudflare
etag: "17decb4f4cab809ec8159433a7f13627"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrmoPPkUJvZ0WCFGPZRHyaOeEXWZ8eMQfTR0XqPGw%2FNSe8RVejqAJ%2BEKvKsJEVRKn0lEkPpX3yxYbBOgXdtbUyXBepGIumHdzIQFYbr2CSraqC0y4VToPtV8DAalvQfFMkLXbJI1I6QPZB%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6e916ab9ff2c33-FRA
expires: Wed, 16 Aug 2023 04:06:59 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2402 53 KB
54 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1077159
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIAIf3eL5Y6puX0%2BuJTMlTtY8GSv%2FZJjB7LVJlIRFKx6ARp5hXEH2WxQ9vgjWzt5Ql38c00qtvSKtp0u%2FUNOtKDlSDZao8FP5C%2BH2IfaISn78oUf8lN5Mavk6ei%2Bq2YsrgTD02HwmImo0dE1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6e916aba012c33-FRA
expires: Wed, 16 Aug 2023 04:06:59 GMT

GET
H2 200 C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
assets.ad4m.at/ Frame 2402 21 KB
22 KB 28ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2439003
cf-polished: qual=85, origFmt=jpeg, origSize=50645
alt-svc: h3=":443"; ma=86400
content-length: 21720
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 May 2023 07:15:13 GMT
server: cloudflare
etag: "c73080cea7b29464f4dd0b5558645ab6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euL7Rd4bIP7q%2F7E8jgB5JJurjkHf%2FrOc76PovilOPf2KXcobw%2Fp9l34pt%2BOkvHKF7vxYqyuhG84EYw5e%2Fve%2BGAj1%2B1NGGt%2FUUZ9MB%2Fqia5s0BBUjFdLk2Yh0nFy2zoFZHRsSN8RrjrTnB8ex"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6e916aba022c33-FRA
expires: Wed, 16 Aug 2023 04:06:59 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 2402
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKSF4vvk3YADFU3IuwgdYGMMAA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081506065987904174443X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite...

49 B
1 KB

74ms
27ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081506065987904174443X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081506065987904174443X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:06:59 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081506065987904174443X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081506065987904174443X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
date: Tue, 15 Aug 2023 04:06:59 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 2402 36 KB
36 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 524787
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gDbqWECypUSoX3%2BxPOBOwJz4TEtrOdH5nJ9eBFp5xP2qwTV3moJtBqffG7FrgX6R2%2F%2FMtgPjbQ1fQ36fQVxWDFcJ8fG6Y%2FfrbgAPjS4%2FUGcnHFMKSuASQ5tpW9bJklSqKVfYzPyOPjD4ZSS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6e916aba032c33-FRA
expires: Wed, 16 Aug 2023 04:06:59 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 2402 38 KB
38 KB 25ms
25ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1079708
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWOFYrR03UPzB4sVrv7iSfJe5z4ZgcliQvEtO1qOD57IgAk%2FAAEE6HEvcH%2FVpmSrT83JlUY6UCjXoZwxltHwVjXc7ZfbIohZn3yir1g3WBuckWyc%2FuDjhPe7ROjdi1alW9%2FY5paGg6tsGcbz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f6e916aba052c33-FRA
expires: Wed, 16 Aug 2023 04:06:59 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2402 43 B
704 B 99ms
68ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:06:59 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2402 1 KB
2 KB 128ms
62ms Script
text/html 52.56.87.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hewdy4wrpjzp345zjnh5t2wne5nemxf2j6903b66c5pmhsgqk3tb2zehwpm1jp8y8swkjft5nb1jtr2bmwmv09za2q53ffsjzd02js1fvwmjqzx1w9p885e4bq2qjn8m9stb89azne1pbxpd7869ctz6qw2qq9rwpe5t6pe71zq4avcwy65zw4zpspm7swd3pbd465x09hd3ngry7z07txprykq6qm6x8r7mkyfk8p1t6pcbba9f1kpe3g7htdgasr5e%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%252526client%25253Dca-pub-4040799255774499%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.87.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-87-167.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 267b275469d80fcee88cb0c04a143f032c8d3012a93db9a4a054c38056456746

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
last-modified: Tue, 15 Aug 2023 04:06:59 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 15 Aug 2023 04:07:59 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2402 51 KB
18 KB 60ms
8ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hewdy4wrpjzp345zjnh5t2wne5nemxf2j6903b66c5pmhsgqk3tb2zehwpm1jp8y8swkjft5nb1jtr2bmwmv09za2q53ffsjzd02js1fvwmjqzx1w9p885e4bq2qjn8m9stb89azne1pbxpd7869ctz6qw2qq9rwpe5t6pe71zq4avcwy65zw4zpspm7swd3pbd465x09hd3ngry7z07txprykq6qm6x8r7mkyfk8p1t6pcbba9f1kpe3g7htdgasr5e%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%252526client%25253Dca-pub-4040799255774499%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 06:07:30 GMT
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 79170
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ZjzRo63C2IJKdMp_RGBT2FEs1A8NI8gxamQTePrVFHG9WStcDoJGmg==

GET
H2 200 link.html
track.webgains.com/ Frame 2402 90 KB
90 KB 94ms
93ms Image
image/gif 52.56.87.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.87.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-87-167.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
last-modified: Tue, 15 Aug 2023 04:06:59 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 15 Aug 2023 04:07:59 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022307272333000/ Frame 3979 222 KB
62 KB 39ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3425e60d41fe67180950e1f4a4a44d73b0310ab68903793795460f2a5d64c5d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:10:59 GMT
age: 39360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62103
x-xss-protection: 0
server: sffe
etag: "6fcd5b1d9cae0bc1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:10:59 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022307272333000/v0/ Frame 3979 15 KB
5 KB 52ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:10:59 GMT
age: 39360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:10:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022307272333000/v0/ Frame 3979 94 KB
28 KB 53ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 19:51:05 GMT
age: 548154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 19:51:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022307272333000/v0/ Frame 3979 5 KB
2 KB 56ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 20:02:23 GMT
age: 547476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 20:02:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022307272333000/v0/ Frame 3979 40 KB
13 KB 56ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:10:59 GMT
age: 39360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:10:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3979 14 KB
2 KB 43ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 04:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 03:09:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 04:06:59 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3979 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 04:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 84412
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Aug 2023 04:40:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3979 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 45940
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Aug 2023 15:21:19 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 3979 0
0 21ms
14ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQAm6Oq2i9YqmjGY6_laB8oUj6kseMjjpkrL-R0RkUFY7fIISdysjZ7oIyijaj9Hx_lL_mQfy43BI6YJWR8BgMgHSkgyg
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11134653358284436190/ Frame 3979 4 KB
4 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11134653358284436190/14763004658117789537?w=195&h=102

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c714b65b9619243dbf424acc75547206ff10b204bfa1cec7ed80ca8b7f9cb74b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 01:38:00 GMT
x-content-type-options: nosniff
age: 527339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4050
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 07:53:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Aug 2024 01:38:00 GMT

GET
DATA 200
OK truncated
/ Frame 3979 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3979 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3979 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d86201bcc52d0dcf876787436da7fdf46f20745e87ad675e420bcecf706275c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3979 33 KB
34 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://quicklookfilms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 255778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3979 0
0 55ms
54ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZD5f4vnaZP_RKJXl7gOD-7ugCLaj24lylfrnq5QR7OrahNweEAEg2I2tDGCVgoCAmAegAZXT1NUCyAEJqQLhtTnRgX6CPuACAKgDAcgDCqoE4gFP0GACVi2tI3cWDHUaz6PJgIxDjKDkcAgIO4A9Sd3CyfCbfxnGVexbVjNNVtdKRBs_7rJATAQN2piYVUJdCNJYcrOYYmQDhE-yLSOoODK7_kLVTwhVyhIYYuvRNBQexizzIGjcxi55qqdJ_FuX1gUD0EyeAxMdwdhLgOc_3UnC0im2J1e80tNAksxfDpxAqIIFKffBXuVOoyuXQIaqazDQNz2MIPk5ZecV7hUnUEmBdCHe6reWto9z2YZrs7zGdoMyxeiRDr97ogD9UuZu7UtZsXDgwntY9CcirlksRH_t5jMwwATAobTiuwTgBAGgBi6AB9Osq6oBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvY8N0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJZmh0dHBzOi8vd3d3LmNyZWFsaXR5LmNvbS9kZS9wcm9kdWN0cy9jcmVhbGl0eS1lbmRlci0zLXMxLXByby1mZG0tM2QtZHJ1Y2tlcj91dG1fc291cmNlPWdvb2dsZWFkc184NF8wMYAKAcgLAaIMCCoGCgTDsLEC2BMDiBQB0BUBgBcBshceChwIABIUcHViLTQwNDA3OTkyNTU3NzQ0OTkYiqwQ&sigh=bUNxXenYbZ8&uach_m=[]&ase=2&cid=CAQSOwBpAlJWeFlxHj9b5dx3AaGyVTRrXjynbRAPfsdQQyTn19obmHgqSjwhaFnIzGC2acU2Bd_exYlP3sU5GAE&template_id=5000&cbvp=2
Requested by: Host: quicklookfilms.com
URL: http://quicklookfilms.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 like_box.php Show response
www.facebook.com/plugins/ Frame 5191 20 KB
10 KB 100ms
82ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a61a5398d011c%26domain%3Dquicklookfilms.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fquicklookfilms.com%252Ff14e07ddbb3e9ec%26relation%3Dparent.parent&container_width=0&header=true&height=280&href=http%3A%2F%2Fwww.facebook.com%2FQuicklookFilms&id=fb-like-box&locale=en_US&sdk=joey&show_faces=false&stream=true&width=290

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=02695c3417ef0c4a6afbdb8407748a22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

720e578c10601e99c2e8aeabcc85dce4992ab67beb5beafbbae2c8beda048858

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://quicklookfilms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:06:59 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: awkDs7dzWFm4Z8OMXjqwD/tkkM5iLhvsJPoCjYlvLkrsXMdkKXwCP5f+qupkQsrug9WbR5IXhRy6pjN9/9ZhTg==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 71ms
55ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308080102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c07d5605217e10c21c991da8655bc0d2c4c3fb4b282b0fb29ca63b5edc57104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11660
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 04:06:59 GMT

GET
H2 200 p_lVe8z3x7G.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 5191 29 KB
8 KB 24ms
7ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/p_lVe8z3x7G.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a61a5398d011c%26domain%3Dquicklookfilms.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fquicklookfilms.com%252Ff14e07ddbb3e9ec%26relation%3Dparent.parent&container_width=0&header=true&height=280&href=http%3A%2F%2Fwww.facebook.com%2FQuicklookFilms&id=fb-like-box&locale=en_US&sdk=joey&show_faces=false&stream=true&width=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35d275bbadda61a938ffb05a36aad0f756840a0d0b04710fb6754a0ab553b12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1bZu3Ie5ad+9Fi2Y3t4AOw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7158
x-fb-debug: TYZrwIylrQ+necvpoZniJGlwPUMfJXsITtnopgc63WYTcpQvRn6lFh2i/B3XmAdjzxFlxZSuaWxeW90rpNop3w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 12 Aug 2024 16:36:49 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2402 16 B
209 B 64ms
63ms Fetch
application/json 35.178.127.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.178.127.134 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-178-127-134.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Aug 2023 04:07:00 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 223ms
72ms Preflight 35.178.127.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.127.134 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-127-134.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 15 Aug 2023 04:07:00 GMT
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 24F7 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://quicklookfilms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 03:53:12 GMT
expires: Wed, 14 Aug 2024 03:53:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A54 831 B
554 B 19ms
18ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc2b95ca04d8f99be868a76093b09e4d5569efe1da473fbc86834c42a7f72e07

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t5jCjoLqBqt5gMbbQvlTbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://quicklookfilms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 532
content-security-policy: script-src 'report-sample' 'nonce-t5jCjoLqBqt5gMbbQvlTbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:06:59 GMT
expires: Tue, 15 Aug 2023 04:06:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame 24F7 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 03:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 03:53:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A54 0
0 40ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308080102&jk=1634471582799380&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 24F7 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Q4TKnA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:06:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3979 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBQAIhJRSXqv9vmp2hKjPWyaotGy8VenBGYxxWb9vwTFc_7Ddzcg-jEnb_ABFRfDOg83lYkML9abdJc6Arnwzd5j6ODJOPvxPQ6FhPEefoEGRmxSnLv-sjNKMzldXgyJ-Li01mBn9fXnBmYcBisvePHdZG1mJG7PHQwcmysiTvP-f2Yr5zXF26BLO6cv93dkkhz941TlrkeNt3rn_Mas8ooSqUyj3jeqaPwzIV95KeZ4ITawct9pDA06wx3WTuUKWQrWA5CDmmd73t8QAugKJgoEolwEGlV-PTPw9IPvo3JkGWOmjeTKGF_s0HFoQjWMLrStImRGdm5EEPJd4nmcxgkj-LYprScqvgMGrdWVejXdDkfngjxZhbImuKbrOOpdPQwlxDMol9doBD6nPhYinjjXqnqsbX8WmWBtCHhDxQn1Mfb4e7UcOTFHNCTWCtDQx-zy8Y0V3zOJ5Yy7psQmlxg6yvmYG85bfZ9BdqIPDIDY-6Xl867ZPwS7s8xXeG6zFIRUHgQHFRp-IiFimYEg5QlnX9Eoe9bb1AiiftGQSsbqBEgwb1Pb_VXzAE4YXhDkniIGfEgAy2frID1mec2FiIXd30PrHBr1ZFd4XdOwlI3tmURYuv2LZF5BrMxHDOasa3Vohx5mm_OHYArY-T0pm_IB9amQRiTA8ApgCONgIW_ZblxjLpeWRgcFtD32Z9PHmb1AtKC_K-OlqYHegrEe6lOuGM9yhK5YqKkHZnOykwnKoRXhl1hR8eNj26eCtc4e0Y0Hr1j8CK4aKVmrTefg12mlwj9hUc0Pp99nHAHdDSPw7wH31JGXNnIOTtgrPOvRFxehJw6kTVC-EZtawD93BWWtx8pKWQ-7e7tgIG3JrK6zGeDX85hc2rL7TWRei91zu21vSUbyLpnukzUkwsGghwXRmFxn_ckT0nnRz6oqvOL4kNl7tVxhfAafXVRTx4b2YH4D6sthjO2ZOdNIcPjwEUV_Nq6J4enMOwLcGuTJq5aDUuZn9BNoC1nGZ3S5Msb4EwIUw1G9sgyt86OJy1XtC11sjFTrZYrelnaNR8USXev_45lYaLuDM8TI9H9Dpp9wjmFA3SNtxSZlZeWowja7vWuuMeBw4lp1WcU8C1B0n5gJ-nabU1aAOLCYCa-mWXpHYPg53EmRpTP6jPbd0Ns4Xmw3zSnX0XTNxjla6LecZCfVO0fWq2t7RiYMIurLiCGODY-qpIMHGN1w7gDsF2pb__Lw&sai=AMfl-YTsh612vBVYOPQSVb7Sr7nh7n8AyAsveO0MKOVITlkcBJKveqH-1MqCQqdvvd2_kVYG3vGBxgTVuxa8eU_tFtF_WgAE5Soq9AcjEzeOgSG_MEYBYiSFPidUhwpWRXFdl4zzZ9giOXjg&sig=Cg0ArKJSzFcrYwfisaxxEAE&cid=CAQSOwBpAlJWeFlxHj9b5dx3AaGyVTRrXjynbRAPfsdQQyTn19obmHgqSjwhaFnIzGC2acU2Bd_exYlP3sU5GAE&id=ampim&o=436,66&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=151&tls=1151&g=100&h=100&tt=1151&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:07:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308080102&jk=1634471582799380&bg=!KimlKX3NAAaiGN5Pghg7ADkAdvg8Wgc_sHmYk2W9ovz8nJQRh-9VjE_f5d18kkeCK3sskU72RcbFyk1PjclsIIeWgLsQv2j-KxkCAAAAS1IAAAAJaAEHCgA7XF8rccr1YDeoGnx275WjkSsCblqBHiZyO43-OOpJnH7kyEuEc71Sc3h1-BxGFqTvKR3ltHbgb8BSL1qZAsp3bRxdt-F-QvheU2-B3VyqIDSvl-fiMsXxIooxOquczeDG5Zk-E18M-OEQJyZQYEXQ6cubLJxWV2gUMvekvgxuxwGsNv1csw1C2NhZLQr9_t68b3X7DqQOxz9l4MysmyOA-pulzw6nwPJHRi5wmDi2Jx-P2oM-5sLg2t4GSnWxYtFAvZ2lylrAAQL4h7eBu2IrSf7Wj6QQyNV4Gyzv_riy41kWQrRFwudogvtI3FDT_DC_iophgVAMPk3MAjlvh_cbghwG9zj2Nln1_C2kAyyW7DAV-2bL1eVxe8Fb9K7um4AJ7ExI_91ELM63S27kyHx67gXHo7g6MucmyN2PKAauKY8c4DuLhBHkHDV7DyNswXXRkLApz5MA3BzbvWKgYJxMCblc0lB753SdB8N-Cw7uRZM6TI2tJ2DPeu3CkohxE3Bu1fMwnVkWhUQfjdHIGzx0rPefi6JzejWT8GUDgLkjcs19GXnDDzs9u3WebfSOdpwgfGsrVqxq1nTo4618UUP6VEt5TOoyIwKBBhrspMFrBUa6ArtCiwQU2w168WQ_mGvCc3t3KH39-zzcWIp8NlpMxqbZJNNQfpQ7J0VcpQ-vT-6g8i-_rI2teuY6BDd3eoClgs07q2WJSr8J9n7TSWJzwO2uoCmAVLqbJ9dDnYFNKogj1rQB7LvwnWuh4F7alEFQZdNzoSvkVK6Zh38XTqP-gqPVyqzl-DZG8Tpq_iFipN1PUvlf2JjPJjVkbu8-2o9icDPngs3S2jIanSOeHJaflHTkUkBx7Fg4VrLxFcRRjORe_asqiIs9QIBJbX5_TgZelhCsqdtQuek84KuyJD2KWiD2DIqwgmTYX0vH3et1ajWHyDTDcP9tilbxCPoLowQF6gmgHx9gD7qFkyAbO_ztDaIK0Y2TPgvjLVuMLOQmxM20l6816dcQtM2vZb-MBXF3UA6RX2k_yRE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0C61 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg8gTfIgL8wg1qlESSHnL-TxPsIK7955G4hc_b3RJ5u63f-6yoIFkOjzBpG1LmmW7HfciW2yDLqFipkNRj71hoktavJXZ9ygjTVTEK6jpP07auRvTjVSlCU3-X6EVzfuKI6f-VQzP4wfLggbP5V4jhmUFB3oRjuQU3SgqDkPpDSM5EBK6Aw9FhHPr0e20hmjJu9wYtNMYlxGwvvgRXAhZmwnv6GzBeoZ8gR2kI8T8nWpPwogqDal8AcONGgVmVw0_kYHC02HORLJ4s5eOf7VC1ZP2gT0KWwrM7wwbadBVZSoCLa7UkEcYF8pS_epM-IDg&sai=AMfl-YSaWkHvx-xHQxS3brbuIzRJTyRZNVKgjuxbOqG1yhUqDKHzyK2Yj-JCqAzygnluKW6zYYuz1FH6n1FVyMcAcX6Oc_OjuUiAUSZS4o6PQZCMyTcF0PutLGbfx6E-qfc&sig=Cg0ArKJSzAeVOkQciHfVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:07:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK gumgum.html Show response
www.quicklookfilms.com/ Frame 9296 86 B
817 B 262ms
225ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.quicklookfilms.com/gumgum.html?7d868f85
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bd0a0fe45669607e4e7e53750082e363c0f80266f60f55df6c8bfefdab08a2a8

Request headers

Referer: http://quicklookfilms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7f6e9174cb6630cc-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 15 Aug 2023 04:07:00 GMT
Last-Modified: Mon, 05 Feb 2018 17:53:53 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCtW3Fzz8W7g89dh4WfucCjqwMkbCr2BtzDrPUbw9kWi5QrvkPb%2Bmb6Vm1s8z9GTSw5Xii9Nm1ukkqbkzUNPsj%2B%2Bjwo1KiZH0n%2BIlBdoL23ewZ1BgWlighbzlMYuuZ83ntQSlsxDCUFh5eJkmpRIANZfE10D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
alt-svc: h3=":443"; ma=86400

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C61 180 KB
56 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 04:07:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022307272333000/ Frame C55D 222 KB
61 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3425e60d41fe67180950e1f4a4a44d73b0310ab68903793795460f2a5d64c5d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:10:59 GMT
age: 39361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62103
x-xss-protection: 0
server: sffe
etag: "6fcd5b1d9cae0bc1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:10:59 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022307272333000/v0/ Frame C55D 15 KB
5 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:10:59 GMT
age: 39361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:10:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022307272333000/v0/ Frame C55D 94 KB
28 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 19:51:05 GMT
age: 548155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 19:51:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022307272333000/v0/ Frame C55D 5 KB
2 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 20:02:23 GMT
age: 547477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 20:02:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022307272333000/v0/ Frame C55D 40 KB
13 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:10:59 GMT
age: 39361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:10:59 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C55D 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 04:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 84413
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Aug 2023 04:40:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C55D 295 B
319 B 14ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 45941
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Aug 2023 15:21:19 GMT

GET
H3 200 3936274871284878550
tpc.googlesyndication.com/daca_images/simgad/ Frame C55D 12 KB
12 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3936274871284878550?w=300&h=250

Requested by

Host: quicklookfilms.com
URL: http://quicklookfilms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c7ed58b6498ec5cbf64102c06a356f15d515517e13822c3e416427f8662645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 16:10:54 GMT
x-content-type-options: nosniff
age: 302166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12122
x-xss-protection: 0
last-modified: Sat, 06 May 2023 21:54:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Aug 2023 16:10:54 GMT

GET
DATA 200
OK truncated
/ Frame C55D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f48b70165801d9db4f0919d513f1ab52d21c5b55d294052bd2bebd5723bb29e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0C61 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10abe0e3f8d3246131236189482a4a999458ef5b834f17c5f1a1127f59786813

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C55D 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 04:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 84413
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 15 Aug 2023 04:40:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C55D 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 45941
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Aug 2023 15:21:19 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C55D 0
0 52ms
51ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMQeN4_naZPeyD_KL1PIP_eammAu2o9uJcpX656uUEa6BiPqbHhABINiNrQxglYKAgJgHoAGV09TVAsgBAakC4bU50YF-gj7gAgCoAwHIAwiqBOYBT9CvbP7CmlKgvtGzGerEymNqmMPMvOKcxswm7LOeRsq7cuNrweVIxIG0zdpaBpA-naYDWXz7-Ds9-Cmc3w0NzMIwho577elRPBs7hqhRPdipz-wDAwgkAIgYYTXJbkcZQbOGGck6z0ey6CNV28_YcNSC-KehmcVVzbOSGbb0Ftdbbs38ZxCoMqFSfkZokruontxeHfLi8lm-EacQ5cftbnqF7QzPGW4XraP_VbNaEEU0b_tdYV0SvlaSBbLWzzb90OMw3t6pNpHaYUY5-kFDNZXnCJCya80m5q8vBlfXlyft61hAQBPABMChtOK7BOAEAaAGAoAH06yrqgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCaxRLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglmaHR0cHM6Ly93d3cuY3JlYWxpdHkuY29tL2RlL3Byb2R1Y3RzL2NyZWFsaXR5LWVuZGVyLTMtczEtcHJvLWZkbS0zZC1kcnVja2VyP3V0bV9zb3VyY2U9Z29vZ2xlYWRzXzg0XzAxgAoByAsBogwIKgYKBMOwsQLYEwOIFAHQFQGAFwGyFx4KHAgAEhRwdWItNDA0MDc5OTI1NTc3NDQ5ORiKrBA&sigh=CSzFB_BsTZA&uach_m=[]&ase=2&cid=CAQSOwBpAlJWQBlnI_zZ--y8BFNPaM9heN3gS1VJ8reBNRXStFGeZG_-fxbzd72UfM0wyly02FMR5gq8PxmYGAE&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H/1.1 200
OK 1036.js Show response
cdn.tradelab.fr/fseg/ 7 KB
3 KB 7ms
6ms Script
application/javascript 152.195.132.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tradelab.fr/fseg/1036.js?add=5415927
Requested by: Host: cdn.tradelab.fr
URL: http://cdn.tradelab.fr/tag/bed62a50a3.js
Protocol: HTTP/1.1
Server: 152.195.132.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE1) /
Resource Hash: 4b0d2a5f52d1c4378af912df1a9f3b770c158c7435e8b74276e5debf27015a1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:07:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2016 10:12:40 GMT
Server: ECAcc (frc/4CE1)
Age: 593
Etag: "1c3f-536e0b16dcbe3-gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 2621
Expires: Tue, 15 Aug 2023 04:37:00 GMT

GET
H/1.1 200
OK 727500.js Show response
cdn.tradelab.fr/conv/ 5 KB
2 KB 34ms
33ms Script
application/javascript 152.195.132.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tradelab.fr/conv/727500.js
Requested by: Host: cdn.tradelab.fr
URL: http://cdn.tradelab.fr/fseg/1036.js?add=5415927
Protocol: HTTP/1.1
Server: 152.195.132.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhb/6389) /
Resource Hash: b17981c772c85100a43af5ee83841e48f0028651329d8e492129c3cff12dc5b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 04:07:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 May 2018 11:14:03 GMT
Server: ECAcc (lhb/6389)
Age: 590
Etag: "1283-56d6a72d033a8-gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1627
Expires: Tue, 15 Aug 2023 04:37:00 GMT

GET
H/1.1

200
OK

/
its.tradelab.fr/
Redirect Chain

http://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A727500%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%...
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A727500%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22...

43 B
423 B

16ms
15ms

Image
image/gif

85.17.192.105
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A727500%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=1074463&xur=quicklookfilms.com%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol: HTTP/1.1
Server: 85.17.192.105 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.20.1 / Tradelab ITS / node5.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:07:00 GMT
Server: nginx/1.20.1
X-Powered-By: Tradelab ITS / node5.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

Location: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A727500%2C%22l%22%3A%5B%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=1074463&xur=quicklookfilms.com%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Date: Tue, 15 Aug 2023 04:07:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2

200

sbounce
ib.adnxs.com/
Redirect Chain

http://ib.adnxs.com/px?id=727500&t=2
https://ib.adnxs.com/sbounce?%2Fpx%3Fid%3D727500%26t%3D2

43 B
843 B

20ms
20ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/sbounce?%2Fpx%3Fid%3D727500%26t%3D2

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:07:00 GMT
an-x-request-uuid: caecc28e-633f-4650-9512-b2fe285a05c6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.38; 81.95.5.38; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:07:00 GMT
AN-X-Request-Uuid: ce3575b1-9c21-49e4-b9a9-52a32cabceca
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/sbounce?%2Fpx%3Fid%3D727500%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sbounce
ib.adnxs.com/
Redirect Chain

http://ib.adnxs.com/seg?add=5415927&t=2
https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D5415927%26t%3D2

43 B
845 B

20ms
20ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D5415927%26t%3D2

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:07:00 GMT
an-x-request-uuid: 7965b70b-4506-4d51-b4fb-8f890b0f19db
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.38; 81.95.5.38; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Tue, 15 Aug 2023 04:07:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b508a813-e2ed-4adb-aea9-4e936ba2c437
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D5415927%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
its.tradelab.fr/
Redirect Chain

http://its.tradelab.fr/?type=fseg&uuid2=2653647838545845123&sid=5415927&val=undefined&fun=1036&step=2&siev=5415923&fp=0&advid=1074463&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%...
https://its.tradelab.fr/?type=fseg&uuid2=2653647838545845123&sid=5415927&val=undefined&fun=1036&step=2&siev=5415923&fp=0&advid=1074463&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B...

43 B
873 B

17ms
17ms

Image
image/gif

85.17.192.105
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=2653647838545845123&sid=5415927&val=undefined&fun=1036&step=2&siev=5415923&fp=0&advid=1074463&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F115.0.5790.170%2520Safari%252F537.36&ur=http%253A%252F%252Fquicklookfilms.com%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol: HTTP/1.1
Server: 85.17.192.105 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.20.1 / Tradelab ITS / node2.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 04:07:00 GMT
Server: nginx/1.20.1
X-Powered-By: Tradelab ITS / node2.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

Location: https://its.tradelab.fr/?type=fseg&uuid2=2653647838545845123&sid=5415927&val=undefined&fun=1036&step=2&siev=5415923&fp=0&advid=1074463&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F115.0.5790.170%2520Safari%252F537.36&ur=http%253A%252F%252Fquicklookfilms.com%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1692072418%2C%22page_url%22%3A%22quicklookfilms.com%2F%22%2C%22dm%22%3A%22quicklookfilms.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1692072418%2C%22prev_vis_ts%22%3A1692072418%2C%22curr_vis_ts%22%3A1692072418%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Date: Tue, 15 Aug 2023 04:07:00 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1 502
Bad Gateway ib.min.js
ads.gumgum.com/com/gumgum/ib/ Frame 9296 0
0 157ms
126ms Script
text/html 65.9.66.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.gumgum.com/com/gumgum/ib/ib.min.js
Requested by: Host: www.quicklookfilms.com
URL: http://www.quicklookfilms.com/gumgum.html?7d868f85
Protocol: HTTP/1.1
Server: 65.9.66.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-69.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0C61 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ2zgwr7-zLmdpEvgiKWOEg-ve9Zr6AMILTinx_UasNisBMwumTSWA45HzhVFxQs9N4uvH_KP45d-smTOeIAHzb89_-QF0ePp_NZenHiu4q9NrDc7_BINDKzOc7O4FyAH5Z6zZEtksRFX-3u_NTHwO2a_PTmxCuE0ezE3rsYT5_BS6elSuIMbtdv_7zVeB0LWbZyfS6wyQZeZ3d-pUCw48CJRZZcFHBts2Hkse244BrHqZLGYE_Z2qrGwDHeLYx3F0SfD0wvC865nlFikXIVNaWP9Uq405ObK_aa2EL-Bg-eN-QgbTaEPWpy3a908tj-HNrw&sai=AMfl-YTMdxQrNxvPH9p7LVDnt7krgq-SmgZmdSy3LZIoHrgFfUMM1jwn1sm_y9vf2LtVqbOnQ7MYDAQX6ViiNGCAnz0raqi3x1KZ-lCJZ4yea0Fm0gL6rXUjuGNWFysVJLM&sig=Cg0ArKJSzM-KI91VUIEpEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:07:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 04:07:01 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C55D 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgaLJLr6BhZagoLOa1TMRy9wWsOfs0bVgHrBPCHH10WftQBiduS2BfvtJN0CVKS--Ie8MEHOfleQBUv73iRYOfeS1tc2vAfMf_UbYjCQV_GIw8GfHlDenMAd40dG6TdUiAFOy2QvpgknzBMHOrgumt41vjaA-daSZz6NvTEFH_yWxKubc7o029YvZObWkp9kLA5aYAT39EGr4bCCV4DoR5EtC967c0VOLwz3V7VgDMpTN9dpNzxUAmMMXfeb8Tawkm22CcfsZCIjZuvpTUiNyScIR1IMZ5QeZpFezLCsnRBN85T9uEPQLhNN9N-3ny79RuSxD4iml3IsIjXFlxrQKyMcKiuuBHkQy9lfO97uG4Q1KfQaK-cOpT-QGxerbwkyl9tWTd4VxBTYnnZD8_5MWUS8NZWz_cmCd_DtvbXjfoFXkHg8pICJ31KEOSYEKuGgJZrX61YWDbpJBNGUZ5CUgRA7_OrqUWyTbR4VPTxYZ6mHk2yYYMIx2LrXJIW-3K6x6G_Pzzj3plHLNEM5K_in4Ho1XvB6QvI0j7PhLhLBl7hNkDD7r_NjLuJv33OP94oylN6841drY0JCfeX1kDaCk_a3DrV8la3zK9JxxmrSwIWnigryJRthdwMFoYSGdUxkui5txk-NO1amgXUs9vYsZNkzf8c__-zGhFFePCsaSA5suJvBPimROK1kfNs8VluenYIE0NZw-0n2nkuqV38axxHfPtWZoZtHRPiiPTk4afGEbGTXF5hHteYrFCrAOLjE5mQK0lbk1vdGKGVnpFrhabjWB-wIOR_tnpijRjJO2_VE0F8OdYZip7WZW1W8ngxQJIR8ILy04AJ_I9nccjt4ruT1UfZpMEvg_4D2jyiKEQ6NxFJhNAElgGEq7gM6kKiG0vmCzgUM_Obuu8hDTcrImPMD2Rv968rxA5ft_2QasZaZhDvA029RfzPdH0VyqpcEnhs_6cwd-sekwonas-BKBpp2W49ryNNVK2iKtD4lYMm-At62sJOmhWhy2NPKcx3kabILv4HbFUHl6hOsI70WwMq_yrKWpjZCf2kLY451DjuLy9viTq-U3F9-jF0kGg50kpzfANc73AzMbt1b8-DkrCJ70YVVCri3V56HDzPGcNvFiHDugnUabJq-Gw9_T7CYoQkhmGrd21o7r4yss19F8VcF64JNsnRYLKXqM5gREhndDehkJPms9bFR0pNDw8_Tt-sCYWNexTwKwPIx6oex-PxB8W0ikZlgU&sai=AMfl-YShz0852qBBwazSY9Htngf_nUT_D_TxGe52bNM-nBDkNV-4rWp8eHjfCD31t3OAMaQ_68pWg_IKcGbuSeKO9ck6541PBOBF318m_EkJAao4MkhtdcfkDc6wHRTF3JD521A_K8q1jpT7&sig=Cg0ArKJSzHuPWVUS3buVEAE&cid=CAQSOwBpAlJWQBlnI_zZ--y8BFNPaM9heN3gS1VJ8reBNRXStFGeZG_-fxbzd72UfM0wyly02FMR5gq8PxmYGAE&id=ampim&o=1001,698&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=78&tls=1078&g=100&h=100&tt=1078&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://quicklookfilms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 04:07:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pickwicktheater.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDCAQDTAQD Value: JDEOIGBBJLKOEGLNMNCDHBBM
quicklookfilms.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6v3477p26cp02vhad10pqug1s7
.quicklookfilms.com/	1970-01-20 14:02:38	Name: _tlc Value: :1692072418:quicklookfilms.com%2F:quicklookfilms.com
.quicklookfilms.com/	1970-01-20 14:02:38	Name: _tlv Value: 1.1692072418.1692072418.1692072418.1.1.1
.quicklookfilms.com/	1970-01-20 23:37:12	Name: _ga Value: GA1.2.1278033552.1692072418
.quicklookfilms.com/	1970-01-20 14:02:38	Name: _gid Value: GA1.2.1585259465.1692072418
.quicklookfilms.com/	1970-01-20 14:01:12	Name: _gat Value: 1
.tradelab.fr/	1970-01-20 16:10:48	Name: uuid Value: 7634747833405548825
.adnxs.com/	1970-01-20 16:10:48	Name: uuid2 Value: 9125339332459230009
.doubleclick.net/	1970-01-20 23:22:48	Name: IDE Value: AHWqTUntCpAqhJTeEjysy2S3PaNAn_mbzGCD5MYq9cScHKT4_3p4BnY5ECLK3sGWDPE
.tradelab.fr/	1970-01-20 14:21:22	Name: uuid3 Value: CAESEIDaCLeKQdbvSq6U_KLR8gQ
.quicklookfilms.com/	1970-01-20 23:37:12	Name: _ga_HN4K57RHDY Value: GS1.2.1692072418.1.0.1692072418.0.0.0
.quantserve.com/	1970-01-20 16:10:48	Name: d Value: EGoBCQHbKYEA
.quantserve.com/	1970-01-20 23:31:26	Name: mc Value: 64daf9e2-bfede-59696-8e45e
.simpli.fi/	1970-01-20 22:48:14	Name: suid Value: 1CE53BEEE9DD41478189E655A1E1C327
.mathtag.com/	1970-01-20 14:44:24	Name: mt_mop Value: 4:1692072418
.adform.net/	1970-01-20 14:45:50	Name: C Value: 1
.adform.net/	1970-01-20 15:27:36	Name: uid Value: 1951698471453610027
.doubleclick.net/	1970-01-20 18:20:24	Name: APC Value: AfxxVi48tjfLACOvdPYqqO9kEpuVrCO3Y3VP5bExAuSBbCc55CZW2Q
.awin1.com/	1970-01-20 14:04:05	Name: awpv14702 Value: 412871\|1692072419\|2e3aa961-3b21-11ee-b98b-2233369fc7ee
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.o2online.de/	1970-01-20 14:11:17	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5MjA3MjQxOXZsZWExZGUyMDIzMDgxNTA2MDY1OTg3OTA0MTc0NDQzWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWR4MnFGUWZBZjN4RVNQSGRIenRRdFJSZ2M3UzZUS0QxQ0I5YnpvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTI4X1dFQkdBSU5TTU9TVExZMTE3Njc5
.o2online.de/	1970-01-20 14:11:17	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 14:11:17	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023081506065987904174443X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5MjA3MjQxOXZsZWExZGUyMDIzMDgxNTA2MDY1OTg3OTA0MTc0NDQzWDExNzY3OVYxMjI2MTMyNzAyT
.quicklookfilms.com/	1970-01-20 23:22:48	Name: __gads Value: ID=582d8d9d8a86644e:T=1692072418:RT=1692072418:S=ALNI_MazgP0D5wh3wPW3DP23medlZdqlEg
.quicklookfilms.com/	1970-01-20 23:22:48	Name: __gpi Value: UID=00000c608e7dede6:T=1692072418:RT=1692072418:S=ALNI_MY04qT8X3qyJSR9SnfFneVc-cdGng
.quicklookfilms.com/	1970-01-20 14:02:38	Name: _tlp Value: 1036:5415927
.quicklookfilms.com/	1970-01-20 14:01:14	Name: _tls Value: *.727499,727500..2653647838545845123
.adnxs.com/	1970-01-20 16:10:48	Name: anj Value: dTM7k!M4/8D>6NRF']wIg2E?evAZ)Z!d8QSe!Lyrcd#A^e+.<Q!<!8BewL+B
.tradelab.fr/	1970-01-20 16:10:48	Name: uuid2 Value: 2653647838545845123
.tradelab.fr/	1970-01-20 16:10:48	Name: iev0 Value: eJxljksKwzAMBe/y1ln4b8dXKV01bjGUECynG5O7R6lJKHQ3GiE0DVJ4Y5xGbCiVEKUblfDKSB+CHVAec0UUDNNaOrDJnWjpu3el/Hf5XGfEW0OeEPmLdhhA6cWDNdKOyh9zTp9L6EPUtLBQX/ypUSJoye6sobOGrhrqNdt923YeWjgk

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://script.crazyegg.com/pages/scripts/0031/7338.js?470020 Message: Failed to load resource: the server responded with a status of 410 (Gone)
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kt71fxer9gbvp4k0pj46bn8fgjvvccx4z112c8vzzyd4qm5ag61e63bfzcj3y78zhxmt47fcb4jet3bj8xvh1pnfeb5wbj8nn2bzzyk3qpds0v53arxc72y6f1var8nghtgxtyjqmn571jyes7vj26at2dv4wc9kddydtz7j3nc35fe7sef8nwh1wg3vdtkv7sfv161km2v3bs0canvt1qqn1cqxt47hnex6qk6pg8brsrgwkfjn1yt5vmbmm3h3cgn4a3ey3mqt01sxad5d15hh2ey5vn5cbmkp8f3aknpk73dgx4kkdk29jdagn4911jynjqmh7vgv4s2fk0qxgqrzghbndp5y00k2jq0e8ff9bfwt6hwd2v9aza9578da916w2925gd7wgecc4mdakzenf50z2tkw8xenkwfytrt9kcm945a4nzp07b3fn373n69chm18w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%26client%3Dca-pub-4040799255774499%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=764fcabfacff8dae63aa1b826826547d%2F14148517134724449064&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692072418868&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnk3vs6k4n8cs7c6njaghrz8w2v9e0gjdgvhdcmn1rtf3z3h5n2vhsrymfyshycxhh6vx0k94n60egg0fffjj2x9fv65jpg545zpnq29c6j96811rd5kfzvfg5jt0hda003mg5aver5ks7gkv213t1y88q7v5ty9ad7f60dmmatnhddkpnaf22x1fav717y0yevc44gkcj2bqw6xsnj3t063p4ecwztp08vz57a877vz6yczjkg2ngan0dtdaqfxtzjmjz8m08x0jfj6zvwjvawzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChCcD4vnaZOusC4afgAfm1Lq4C5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTQwNDA3OTkyNTU3NzQ0OTnIAQmpAiKZp8m8TLI-4AIAqAMByAMCqgTvAU_QYjiy3AUzAt8TjfgHCH9mj1beGdR5f5fU8uqbU6VOuD-KU4sIevRy8JguemyRgW3Tvtc5eZhiWOXul_W6O-Wbtkkzc3SVHJxLr8mjWCojK9J553N9MJi0SCg5TASFifpboGysBmH_9Hl_CMtTNVPNE0G_OfS-AVEfhxwsSfKRdTWT-RWon7kwCej6dHhfYOj8EZ3L4ZnuFwUeAj6Qc7dABufqrYIY_K__-Q3c893dSbNyYavN9VXvYHZa35hZ-pNOAvFLWPGMqGrT4etkIkU75Gm1YVX2eavTxMe_QX0Vn2NQtz2FaUGmdBCg1xyF4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1St17gwTzTdYFhEsuBRmUFJNQq_g%2526client%253Dca-pub-4040799255774499%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: http://ads.gumgum.com/com/gumgum/ib/ib.min.js Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

838c44d4b7ea4b5be577b3b4f4810dc9.safeframe.googlesyndication.com
ad.doubleclick.net
ad4m.at
ads.gumgum.com
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
b.scorecardresearch.com
c1.adform.net
cdn.ampproject.org
cdn.jwplayer.com
cdn.taboola.com
cdn.tradelab.fr
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
its.tradelab.fr
maxcdn.bootstrapcdn.com
movienewsletters.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.o2online.de
pickwicktheater.com
platform.twitter.com
prod-rtb.ad4mat.net
quicklookfilms.com
region1.google-analytics.com
s7.addthis.com
sb.scorecardresearch.com
script.crazyegg.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.mathtag.com
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
trailers.movie-previews.com
um.simpli.fi
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.movienewsletters.net
www.quicklookfilms.com
www.telefonica-partner.de
x.bidswitch.net
104.244.42.8
13.32.99.105
13.32.99.90
142.250.185.198
142.250.186.130
151.101.1.44
151.101.65.44
152.195.132.24
167.233.13.224
18.198.19.227
18.66.147.98
185.29.134.244
185.89.210.122
185.89.210.180
2.16.96.119
2001:4860:4802:32::36
216.41.211.69
216.41.211.76
23.56.205.163
2600:1901:0:76b9::
2600:9000:225e:4a00:1:a3fa:7cc0:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700::6812:acf
2606:4700::6813:9308
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c09::9d
2a02:2638:d::d
2a02:fa8:8806:13::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
34.160.236.64
35.178.127.134
35.204.74.118
37.157.3.30
52.56.87.167
65.9.66.69
84.200.5.215
85.17.192.105
85.17.192.106
0017f73e43d09649abe61c8b2316f73e06bf107cec3f42f29accd94ebba07c12
01417f6a12673d8cca8b8254812ee9e13352adc6e63029f88e04a554e6189a2c
020f299b8941a9e9e364af5a985a77dfa0e300a30f22bfe78b1fd03a7a37a72f
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0378ab4d35436e3488b455ec8edce4c7ef96cc56cdef63e42e0ad306d37548b0
074db9746bcdd36aa0b58213908b8651049a5f5911f9e8872c2fb94300b82fbf
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0ab340987711378e8cb5582b1f97f6938037712213396d8e7c7f8fa7b1ab4e5a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1cb4b0238ec323a99cb8f9f53371f65403f15d700d0b439c63e55dd500e9b1
0e63eb6748cf55aef366ebc7983f036ad435162b132f7caf6829016c16a6e5a6
10abe0e3f8d3246131236189482a4a999458ef5b834f17c5f1a1127f59786813
12ef509e3b166de568e88799d8ac9fa337f2af6c7460fbc60f0b96e01d254356
13b500b0c7e8e1d25b6740ec2cdd6c3c55c78d8355499780b1395c3dcc3dd519
13f41b2adb85d872da382b45c68f9d1a69d9c63861bd7a42f69008fbf512f509
155f7cf453d9cc2e003d0ccc540b2694914f1318942bdb26fd2dd1c752e11f89
169dfb506b814bd50fd1876b301c78ce8213af7e5dcbbb1f5da713f9d67fd909
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1abae03685f3c4ca8f33a90a649fd09d397f626245298123004efa7b4e3da28c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b4bec50c054991769c1b419934f0a03eb8c52439aad4befafddc1afbdcb8e40
1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d005e54c557c7b45e4dbbe2abb05bf33bb52631faed17189da60940b07c25ae
1e37c18b39bde02cc0eae871e8d177c1fc8eba913257e7d8384ccbfc3efd126d
2490fea191b5a798a27664468e329cc9c3d3fedf5e3c7859e9f9533dfd339d07
249d3f782895ab1fa4b7b403c51e1daa1bd3def9e6ba4476e4517d776e62f37d
24a72f979982be644eaef37a9f764e5cf3a2cf08490b15f531161add38dfb0cf
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
267b275469d80fcee88cb0c04a143f032c8d3012a93db9a4a054c38056456746
26db08d82f9e12bf4deabaf49e223ce1078ef03d1f4810753edee13e6a1cb149
277dcbd87d742dfbdb42b3e53fc7c95c9fe3867ddc14464359500839cce66e6c
27abaf9ac46473867f36fe71c0a8b0c68e5dd45278df8caccd9d6a024cbf8b1a
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2bb0e70d013d7a0d2b841aed68b8690e77a66322823d2d4c427a68c8db3039bf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
3425e60d41fe67180950e1f4a4a44d73b0310ab68903793795460f2a5d64c5d6
34b102cb7689409fd1c3c180aeb1fd3f0b8bf0b47ab25c74c42eaff574e661a9
35d275bbadda61a938ffb05a36aad0f756840a0d0b04710fb6754a0ab553b12e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
399cfac34c50950373ef31afdf1b09cbdc731c3c072a3ab27f5b8c3cc17b3098
3dc015eb92c3cfb217bf08306b8e68bae9b41cde0b4100deb59f17cd81b45c78
3f1415b649457113ddf57c4b1b9877cecaa55812f2c48e35871f6ae797713415
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
421211c61f741d85da3a8c808b158c0cadb52ea6b7c714e22624e8b1e322c2c5
4289a0cb6e10f86dfe4469aebd5699ce251b879223905d47fdac6acc6ecf54e6
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
43d0f20a050d600d37b87e2eadca3a964c204a2b7cc78008853c95dac4d0d9fa
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
4953713508b5ac4dc874f1cd23c1926b3bfa11056bff502ca07942863ff1044c
4b0d2a5f52d1c4378af912df1a9f3b770c158c7435e8b74276e5debf27015a1d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1290525a657b4ecded05fa6353f2bd355a256e017c41363e04dbf8a702981e
4c795f340fd73e0232bce6bb770d7ae9388c76ca5743ed81daf3ba881898749c
4f4996a11cea37ed11a61cb87ca9e08d4e86c304fae4cd544945b5c0c7f9ea40
5007dddd8321dc02952eaf9be83c7ffec73ebf4fdefcbfb8968d9f2b853a702c
50f1a9d613aa252f622a0bc97c69d868534c5397b7bdcd9b2a84a68a8766638a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ecb255faaf5ef40b325def1fe3ed203589d761ddaacc784fd9401c651156d2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71
58d668a9d1eebf9c884fad67cdeb9893f7d8d4ed12cf102b897ac21ad140f5d4
5947718a3d3aff9abaa74cf205ff2a663bf897621783c41486bf19fad5d8f619
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e1eecc92a892bfb471410f40fd44efa0aed2436b9abebfaa91a5ddfae456412
601b0d76b7835742df77dc85298ce05864fde10002999ecf3c8cf0e1d1649cda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
632f78fa4efd78873ab837b56d910fc8264856f6d34fe6ca5bb4b18f8e7ef632
6360ae9b956833f04c24380614aebe1f09861af62e3417dfebac2ca89a275740
648976a80e9a7b52bf60b724b5f4c3570e9279f07d9c02ed111694895ec99fdc
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d2bc51024978b3dfb6cf6d8497e689251e857107ac4e19fb32cb11b6dd3796
66122fb16f80444b6ba7aebe0fdffe0322e77474d72f7bc5cc23cb36fcb73673
6831b61f057e76a158f30d1ed121779395dd7c23f50240aa183292086f469551
6a258a52248ab55c4f9c1d8561aea95ceb2da16789b8dafd1bc81ef896e5c4eb
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb36559e0c2ed129529ede7b488c3ffbea0618712d65a0bb9600e795947f44e
6bc42477ca6cf8db8a46254cb6cac167056ff433853ebe21d0def3c246d39e01
6e263d41c9e9d77e6770c2a58cc94f20394d02f3d3b69559b569a30fc73857eb
6e2f26a50e7c26c399e5a964f69d1beac4803ebddaf4e3b946c7207a30d0033b
6f85fd31f5c57c7d36de63e3c83ad32fce34b5865689e1a096816aa29964e929
713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45
720e578c10601e99c2e8aeabcc85dce4992ab67beb5beafbbae2c8beda048858
729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326
7545aa14eecb86922da7d862be33d1b06ca00667d051a7b2fab808de34340ca9
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f
7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fdf37b4aeb89696aef1c1367c6d6ee2c1ec30649412f8add066fb69768540aa
8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db
872ecbfe4bc926363100290fceb390fcba72e29102e0c0720ef511a396095f13
9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723
92fb8e8b0813f4baec3a5429fbd0befcda4b10f0736b500fdcdde583d487981b
9593840b3f6515729ef624ba0ce327079e5bb525c1baa2471e3d950957750294
959af9fb0ad51d0ddc87609f764eb301065454a440c2528a9501b2e25b1b7409
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
98083ffea7eb52ce6b47022ca28825d390edf3eb0319720a5f146827d7464b0d
99b13726936c336d2c1413b6dfd28f7f1503df1500909f6bc2ed873bf298add3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b725056b2fe2b144719e8120457f251eb85b9a8c776753cbadef3c0deb6dd05
9c07d5605217e10c21c991da8655bc0d2c4c3fb4b282b0fb29ca63b5edc57104
9e4fb526a90c00538f57fabb7896d68ea2a83eff03a2090f59b894df071bb20a
9f17e290ff96f369cd54d033177249d1038c508872ff8a76fe92540d7da190ea
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fc6dc4d8d275c833bf9b389ffa75ad29c226104301d521738caa05f9df3715
a2127d567bf0926bea0aa0fce54ccf1df723d7baabb228fa2cc97b13acd1850a
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a460c346f2f67ba91b91cc217745371f313fd097dee8fd728729042a914f060c
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a770d8a34b2c504fef5775d60575a045b80bf33724f67c95d6fd903f0c05c831
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad232e826d2e8632b094ded70aa2a91655fc5dfbb860741a71788ab5f149e803
b17981c772c85100a43af5ee83841e48f0028651329d8e492129c3cff12dc5b7
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b6d292cbd0ce1bd350e48db38c1e8ac66d0b31f5ebc11217cefc8dda01d3478c
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bd0a0fe45669607e4e7e53750082e363c0f80266f60f55df6c8bfefdab08a2a8
bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef
be3aa030dc7bf5db14638aaf4a9d93b2447bf461fce2cfa5b142d2f50748bad7
c1c7ed58b6498ec5cbf64102c06a356f15d515517e13822c3e416427f8662645
c714b65b9619243dbf424acc75547206ff10b204bfa1cec7ed80ca8b7f9cb74b
c7e9518c0a603d1bdf794fc71eb0b9fe3fda32f1916023ced131ec4f2e2cc24c
c8ddbe4166c81f83e536dc3418b12f5975d9c6a3d8bc5c11e4e1aa9c4f7c5d80
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb656daa5ff85c76c7e937c6224671b2cb3b8a6b97da623a77450e8a288d45c9
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7
cf6bcb9a434df957d8328130e844d3a1c14a97fe0989c4bb0893371f5f8c447c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527
d86201bcc52d0dcf876787436da7fdf46f20745e87ad675e420bcecf706275c7
d9e88e50017aa3bdee310cf9b081cc729d10851438070983ee041e508ea84d2d
da7f639dfff5d11ba9070a3b70961d1b06bf9a34a5915e9ef6047b4202850597
db5ca4358269ac48a571ae480d3608aa8af1db6c1143fc00d00de28c6b7de46a
db690d7236877ba9f0db11c61c3bec4292c4ea29167f53739640e56e02254772
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7daa6c10057b114a356f62a08063db854417b44195f64af8fd07a6efd89b5d
dfaee2323709489095c5daa4d9bd219f667265e928513884ed5988ef3f2a414c
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e29e39f6d04b2d507ee2b0e46e8d0e6d8d38031ce743904604b26806a5138496
e2ed6759ecef104b7df154a21ea4b5943b06fd19806f00b861f5fe53061b6400
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e9cdbebb93c076de37e208742a252641c50a5a527efcee16fd18dff10f237e36
ea9a6623d05c1e2433786c3c0a9857e8dc53bd55a511755d93727f3c3e739396
ec7472b427acf3defeca6cc77fb6e72019339a9d5c076c7c1c4255722dfb1438
ece3d90fa14a5ed71fa5dd1c217416749cb35e146de8acd1da37ea75db4a11a2
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effc9624fd64d670ca3a9d946e8c5d2c0957c7549dca021f9cc3060ebc2e6815
f39159bf7db2f0a379ed9de4d877e25feada0e2dc57bd86c53a0df5c1370709f
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f48b70165801d9db4f0919d513f1ab52d21c5b55d294052bd2bebd5723bb29e8
f6c57e3349477c34044156dbd5d0c4821b5cf5f097ce64a1c1b5160a9117e4c5
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fc2b95ca04d8f99be868a76093b09e4d5569efe1da473fbc86834c42a7f72e07
fc5ab5e78e6defc471c440f6056bf0d3be1c7c792fd585a1aa88f9e18a2fac88

quicklookfilms.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

215 Requests

52 %HTTPS

51 %IPv6

42 Domains

59 Subdomains

47 IPs

8 Countries

5952 kBTransfer

11362 kBSize

31 Cookies

3 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

quicklookfilms.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

52 %
HTTPS

51 %
IPv6

42
Domains

59
Subdomains

47
IPs

8
Countries

5952 kB
Transfer

11362 kB
Size

31
Cookies

215 HTTP transactions
6 data transactions