urlscan.io logo urlscan.io
SecurityTrails logo

www.lebanonfiles.com Open in urlscan Pro
2606:4700:20::681a:a47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lebanonfiles.com/
Effective URL: http://www.lebanonfiles.com/
Submission: On September 01 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 149 IPs in 19 countries across 130 domains to perform 672 HTTP transactions. The main IP is 2606:4700:20::681a:a47, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lebanonfiles.com.
This is the only time www.lebanonfiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91 2606:4700:20:... 13335 (CLOUDFLAR...)
2 9 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.157.179.180 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 52.216.60.56 16509 (AMAZON-02)
4 2a03:2880:f08... 32934 (FACEBOOK)
2 34 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
38 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 158.69.254.144 16276 (OVH)
1 2600:9000:225... 16509 (AMAZON-02)
1 18.196.91.239 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
7 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:21f... 16509 (AMAZON-02)
54 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a06:8640:764::2 55081 (24SHELLS)
2 212.36.83.246 15699 (AS_ADAM A...)
1 145.40.97.66 54825 (PACKET)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
8 15 185.89.210.122 29990 (ASN-APPNEX)
1 185.106.140.18 7979 (SERVERS-COM)
1 8 193.3.178.4 399668 (E-PLANNING-)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
3 81.17.55.99 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.240.50.85 396982 (GOOGLE-CL...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
16 185.165.240.175 49981 (WORLDSTREAM)
11 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
1 8 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
10 212.8.250.83 49981 (WORLDSTREAM)
3 2a00:1450:400... 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
1 7 51.89.9.254 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 137.74.6.209 16276 (OVH)
1 2 3.126.69.45 16509 (AMAZON-02)
5 172.217.22.35 15169 (GOOGLE)
5 23.32.184.192 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.98 15169 (GOOGLE)
1 1 104.79.25.60 16625 (AKAMAI-AS)
2 23.218.210.30 16625 (AKAMAI-AS)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
7 162.19.138.119 16276 (OVH)
2 5 52.213.174.162 16509 (AMAZON-02)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 81.17.55.161 60781 (LEASEWEB-...)
3 185.86.138.124 201081 (SMARTADSE...)
3 185.132.133.133 49981 (WORLDSTREAM)
1 185.64.189.226 62713 (AS-PUBMATIC)
8 13 69.173.144.165 26667 (RUBICONPR...)
2 2 52.222.214.88 16509 (AMAZON-02)
2 52.222.214.35 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.157.81.77 16509 (AMAZON-02)
2 6 104.18.39.155 13335 (CLOUDFLAR...)
1 37.157.6.233 198622 (ADFORM)
2 6 34.98.64.218 396982 (GOOGLE-CL...)
2 2602:803:c003... 26667 (RUBICONPR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.197.118.54 16509 (AMAZON-02)
13 25 142.250.185.98 15169 (GOOGLE)
1 1 193.135.9.129 48314 (IP-PROJECTS)
1 1 217.79.178.221 24961 (MYLOC-AS ...)
7 35.71.131.137 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.250.185.194 15169 (GOOGLE)
2 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
2 4 209.54.182.161 16509 (AMAZON-02)
3 6 52.95.126.138 16509 (AMAZON-02)
1 3 37.157.6.243 198622 (ADFORM)
13 2606:4700:10:... 13335 (CLOUDFLAR...)
1 67.202.105.33 32748 (STEADFAST)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 23.213.168.226 16625 (AKAMAI-AS)
2 4 3.71.149.231 16509 (AMAZON-02)
3 8 18.185.210.119 16509 (AMAZON-02)
3 3 178.250.7.11 44788 (ASN-CRITE...)
3 7 185.86.139.101 201081 (SMARTADSE...)
2 212.36.83.245 15699 (AS_ADAM A...)
6 8 37.157.2.229 198622 (ADFORM)
2 98.98.134.241 21859 (ZEN-ECN)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 7 198.47.127.19 62713 (AS-PUBMATIC)
1 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.254.109.178 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
1 1 54.154.110.236 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
2 18.202.14.156 16509 (AMAZON-02)
1 168.119.146.39 24940 (HETZNER-AS)
3 4 151.101.66.49 54113 (FASTLY)
1 1 34.199.23.6 14618 (AMAZON-AES)
1 2.23.197.190 16625 (AKAMAI-AS)
8 2a00:1450:400... 15169 (GOOGLE)
3 3 54.204.16.44 14618 (AMAZON-AES)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 3.77.18.147 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
2 209.191.163.152 14744 (INTERNAP-...)
1 44.193.104.224 14618 (AMAZON-AES)
5 5 46.228.174.117 56396 (AMOBEE)
3 12 76.223.111.18 16509 (AMAZON-02)
1 1 8.2.110.113 46636 (NATCOWEB)
6 209.192.201.180 7979 (SERVERS-COM)
1 1 35.210.239.72 15169 (GOOGLE)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 7 172.64.148.101 13335 (CLOUDFLAR...)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 54.160.39.45 14618 (AMAZON-AES)
3 3 2001:678:cb4:... 56396 (AMOBEE)
12 198.47.127.205 3257 (GTT-BACKB...)
1 1 2620:116:800d... 16509 (AMAZON-02)
9 185.64.191.210 62713 (AS-PUBMATIC)
1 1 34.111.129.221 396982 (GOOGLE-CL...)
3 4 54.147.123.103 14618 (AMAZON-AES)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
6 2404:6800:400... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 35.186.193.173 15169 (GOOGLE)
3 3 213.155.156.166 1299 (TWELVE99 ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
1 167.71.9.19 14061 (DIGITALOC...)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 185.80.39.216 27381 (CASALE-MEDIA)
1 1 23.197.149.186 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 142.250.184.230 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
4 185.64.190.81 62713 (AS-PUBMATIC)
2 98.98.134.243 21859 (ZEN-ECN)
1 3 35.186.253.211 15169 (GOOGLE)
2 8.2.110.24 46636 (NATCOWEB)
1 1 82.145.213.8 39832 (NO-OPERA)
5 5 52.17.126.53 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.170.77 16276 (OVH)
2 2 3.122.33.245 16509 (AMAZON-02)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 72.251.241.204 32475 (SINGLEHOP...)
1 1 35.214.155.7 15169 (GOOGLE)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.186.154.107 396982 (GOOGLE-CL...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.141 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
672 149
91    2606:4700:20::ac43:441e (United States)

ASN13335 (CLOUDFLARENET, US)
lebanonfiles.com
www.lebanonfiles.com
backend.lebanonfiles.com
9    2606:4700:20::681a:a47 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lebanonfiles.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    35.157.179.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
tpx.tesseradigital.com
3    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.216.60.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
34    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:2156:5000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2600:9000:225e:5e00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
htagpa.tech
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
38    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
14    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700:3033::6815:5ea5 (United States)

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
1    2606:4700:3037::ac43:8a15 (United States)

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    158.69.254.144 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns548341.ip-158-69-254.net
s4.histats.com
1    2600:9000:225e:3000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    18.196.91.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-91-239.eu-central-1.compute.amazonaws.com
fd.tesseradigital.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
c34d8e1ae512c01cdaf6d8af50b8937d.safeframe.googlesyndication.com
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2606:4700:3037::ac43:c1e6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.exitbee.com
4    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2600:9000:21f3:a000:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.optad360.net
54    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
1    2a06:8640:764::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    212.36.83.246 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es
d.vidoomy.com
p.vidoomy.com
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
15    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
8    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
u-ams03.e-planning.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
3    81.17.55.99 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
1    2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.240.50.85 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.50.240.35.bc.googleusercontent.com
s.exitbee.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
16    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.vidverto.io
11    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
16    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a02:26f0:3100::1735:2899 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
6    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a02:26f0:3100::1735:287b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.projectagora-adtag-library.com
10    212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidverto.io
3    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
7    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
5    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
2    3.126.69.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-69-45.eu-central-1.compute.amazonaws.com
x.bidswitch.net
5    172.217.22.35 (United States)

ASN15169 (GOOGLE, US)
PTR: tlv04s04-in-f3.1e100.net
csi.gstatic.com
5    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2a00:1450:400e:9::7 (Ireland)

ASN15169 (GOOGLE, US)
rr2---sn-5hne6nzs.googlevideo.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googleadservices.com
1    104.79.25.60 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-25-60.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a02:26f0:780::210:ca80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
7    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
5    52.213.174.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    2a02:26f0:3100::1735:2883 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.projectagora-adtag-library.com
1    2a02:26f0:480:e::210:f104 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
1    81.17.55.161 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
euw1.smartadserver.com
3    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
3    185.132.133.133 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-133.hosted-by-worldstream.net
cdn.vidverto.io
1    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
13    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    52.222.214.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-88.fra56.r.cloudfront.net
cdn.kdaimo.com
2    52.222.214.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-35.fra56.r.cloudfront.net
cdn.kdaimo.com
4    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    35.157.81.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
tlx.3lift.com
6    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
projectagora-d.openx.net
eu-u.openx.net
u.openx.net
2    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    18.197.118.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-118-54.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
25    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    193.135.9.129 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    217.79.178.221 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm49.as.net
cm.adsafety.net
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    2a05:d018:d29:3601:94c2:7e1f:39b:9367 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
13    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
1    2606:4700:e6::ac40:c509 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
1    23.213.168.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-168-226.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
8    18.185.210.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-210-119.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    212.36.83.245 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es
a-prebid.vidoomy.com
a.vidoomy.com
8    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f02:77d9:b48f:f0d0:e412 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
7    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a05:d018:24:b002:d052:5c52:5326:4d26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.254.109.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-109-178.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
2    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    54.154.110.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-110-236.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    18.202.14.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-14-156.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.199.23.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-23-6.compute-1.amazonaws.com
usermatch.krxd.net
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
8    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    54.204.16.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-16-44.compute-1.amazonaws.com
ssp.disqus.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    3.77.18.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-18-147.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2600:9000:211e:da00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    209.191.163.152 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
1    44.193.104.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-104-224.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
12    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)
as.ck-ie.com
6    209.192.201.180 (United States)

ASN7979 (SERVERS-COM, US)
user-sync.adxpremium.services
1    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    54.160.39.45 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-39-45.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
12    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
9    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    54.147.123.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-123-103.compute-1.amazonaws.com
a.audrte.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
6    2404:6800:4002:806::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
ipac.ctnsnet.com
3    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    2a00:1450:400e:9::8 (Ireland)

ASN15169 (GOOGLE, US)
rr3---sn-5hne6nzs.googlevideo.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
1    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
2    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum.casalemedia.com
1    23.197.149.186 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-149-186.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
4    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
partner.blau.de
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vpaid.vidoomy.com
4    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel.sitescout.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
5    52.17.126.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-126-53.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
2    3.122.33.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-245.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.214.155.7 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 7.155.214.35.bc.googleusercontent.com
csync.loopme.me
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.186.154.107 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-7.cloudy.ovh
green.erne.co
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
100 lebanonfiles.com
lebanonfiles.com
www.lebanonfiles.com
backend.lebanonfiles.com
3 MB
99 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
c34d8e1ae512c01cdaf6d8af50b8937d.safeframe.googlesyndication.com
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
1 MB
88 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
ad.doubleclick.net — Cisco Umbrella Rank: 173
719 KB
38 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 513
t.pubmatic.com — Cisco Umbrella Rank: 2500
image6.pubmatic.com — Cisco Umbrella Rank: 752
simage2.pubmatic.com — Cisco Umbrella Rank: 794
image2.pubmatic.com — Cisco Umbrella Rank: 895
simage4.pubmatic.com — Cisco Umbrella Rank: 1267
195 KB
29 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 35547
cdn.vidverto.io — Cisco Umbrella Rank: 47351
369 KB
21 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
425 KB
19 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
eus.rubiconproject.com — Cisco Umbrella Rank: 593
token.rubiconproject.com — Cisco Umbrella Rank: 597
fastlane.rubiconproject.com — Cisco Umbrella Rank: 510
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2179
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
17 KB
16 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 405
360 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
acdn.adnxs.com — Cisco Umbrella Rank: 578
secure.adnxs.com — Cisco Umbrella Rank: 450
27 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 34772
ad4m.at — Cisco Umbrella Rank: 12393
assets.ad4m.at — Cisco Umbrella Rank: 44002
926 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 567
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1377
ssum.casalemedia.com — Cisco Umbrella Rank: 1340
9 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 583
eb2.3lift.com — Cisco Umbrella Rank: 388
6 KB
14 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1594
euw1.smartadserver.com — Cisco Umbrella Rank: 19407
www8.smartadserver.com — Cisco Umbrella Rank: 6547
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 682
15 KB
13 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3192
mwzeom.zeotap.com — Cisco Umbrella Rank: 3146
4 KB
13 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 767
gum.criteo.com — Cisco Umbrella Rank: 426
mug.criteo.com — Cisco Umbrella Rank: 2631
dis.criteo.com — Cisco Umbrella Rank: 596
10 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 4440
cm.adform.net — Cisco Umbrella Rank: 1198
c1.adform.net — Cisco Umbrella Rank: 591
dmp.adform.net — Cisco Umbrella Rank: 3237
6 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
622 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076
7 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
3 KB
9 openx.net
projectagora-d.openx.net — Cisco Umbrella Rank: 163656
eu-u.openx.net — Cisco Umbrella Rank: 2529
u.openx.net — Cisco Umbrella Rank: 670
rtb.openx.net — Cisco Umbrella Rank: 751
2 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
imasdk.googleapis.com — Cisco Umbrella Rank: 488
715 KB
9 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 17132
sync.quantumdex.io — Cisco Umbrella Rank: 2704
2 KB
8 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6398
u-ams03.e-planning.net — Cisco Umbrella Rank: 43014
3 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1363
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
2 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
1 KB
7 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 11864
user-sync.adxpremium.services — Cisco Umbrella Rank: 13128
7 KB
7 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 10572
a-prebid.vidoomy.com — Cisco Umbrella Rank: 12895
vid.vidoomy.com — Cisco Umbrella Rank: 2188
vpaid.vidoomy.com — Cisco Umbrella Rank: 3064
a.vidoomy.com — Cisco Umbrella Rank: 2750
p.vidoomy.com — Cisco Umbrella Rank: 6523
36 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1471
mp.4dex.io — Cisco Umbrella Rank: 2303
52 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 564
3 KB
5 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2424
bcp.crwdcntrl.net — Cisco Umbrella Rank: 776
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
2 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 400
3 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1104
www.googleadservices.com — Cisco Umbrella Rank: 149
607 B
5 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2537
3 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 561
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 692
1 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 29011
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25640
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 473
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 706
pixel.sitescout.com — Cisco Umbrella Rank: 3374
748 B
4 kdaimo.com
cdn.kdaimo.com — Cisco Umbrella Rank: 103727
7 KB
4 projectagora-adtag-library.com
cdn.projectagora-adtag-library.com — Cisco Umbrella Rank: 114279
335 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
14 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
176 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2967
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19653
2 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4396
871 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 805
s.tribalfusion.com — Cisco Umbrella Rank: 1949
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 834
1 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1334
625 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 654
usermatch.krxd.net — Cisco Umbrella Rank: 1604
942 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1105
match.sharethrough.com — Cisco Umbrella Rank: 558
356 B
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
324 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7461
creativecdn.com — Cisco Umbrella Rank: 570
886 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2547
21 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 54359
get.optad360.io — Cisco Umbrella Rank: 37809
226 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3937
onesignal.com — Cisco Umbrella Rank: 1361
73 KB
3 tesseradigital.com
tpx.tesseradigital.com — Cisco Umbrella Rank: 251767
fd.tesseradigital.com — Cisco Umbrella Rank: 260455
27 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1395
565 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4404
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1180
1 KB
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3059
40 B
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 70829
736 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 70577
516 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50826
ipac.ctnsnet.com — Cisco Umbrella Rank: 5694
925 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 791
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
2 KB
2 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2949
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3398
285 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 659
554 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1532
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1537
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 223
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
790 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 936
812 B
2 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2869
apps.sascdn.com — Cisco Umbrella Rank: 8025
14 KB
2 googlevideo.com
rr2---sn-5hne6nzs.googlevideo.com — Cisco Umbrella Rank: 52590
rr3---sn-5hne6nzs.googlevideo.com — Cisco Umbrella Rank: 52612
4 MB
2 projectagoraservices.com
ads.projectagoraservices.com — Cisco Umbrella Rank: 89515
4 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
58 KB
2 exitbee.com
cdn.exitbee.com — Cisco Umbrella Rank: 45107
s.exitbee.com — Cisco Umbrella Rank: 51526
21 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
260 B
2 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 49884
99 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14567
s4.histats.com — Cisco Umbrella Rank: 14598
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
131 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4078
471 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1239
527 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6515
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31522
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5941
278 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2898
644 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2773
308 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 812
795 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
225 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2518
555 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 551
705 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1476
553 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 145027
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 76377
1 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 90611
495 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18330
694 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 83
1 mox.tv
bgstats.mox.tv — Cisco Umbrella Rank: 78868
66 B
1 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 137423
103 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 756
588 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
689 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4628
239 B
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 8429
484 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2190
368 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 753
245 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 631
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1819
380 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1263
213 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 527
529 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8744
324 B
1 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1851
67 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10195
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 614
204 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 13394
3 KB
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6088
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1754
435 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 21765
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 30737
823 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10480
258 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 880
280 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6261
1 KB
1 optad360.net
cdn.optad360.net — Cisco Umbrella Rank: 58924
3 KB
1 htagpa.tech
htagpa.tech — Cisco Umbrella Rank: 348809
4 KB
1 amazonaws.com
s3.amazonaws.com
140 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 954
7 KB
0 widespace.com Failed
engine.widespace.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 effectivemeasure.net Failed
t.effectivemeasure.net Failed
672 130
Domain Requested by
93 www.lebanonfiles.com 2 redirects www.lebanonfiles.com
static.cloudflareinsights.com
54 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.lebanonfiles.com
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
imasdk.googleapis.com
38 pagead2.googlesyndication.com www.lebanonfiles.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
ced-ns.sascdn.com
imasdk.googleapis.com
googleads.g.doubleclick.net
www.googletagservices.com
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
34 securepubads.g.doubleclick.net 2 redirects www.lebanonfiles.com
securepubads.g.doubleclick.net
www.googletagservices.com
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
cdn.projectagora-adtag-library.com
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
26 ad.vidverto.io www.lebanonfiles.com
ad.vidverto.io
imasdk.googleapis.com
25 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
spl.zeotap.com
eb2.3lift.com
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
16 cdn.ampproject.org securepubads.g.doubleclick.net
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
14 ib.adnxs.com 7 redirects get.optad360.io
cdn.projectagora-adtag-library.com
spl.zeotap.com
acdn.adnxs.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
ced-ns.sascdn.com
12 simage2.pubmatic.com ads.pubmatic.com
adxbid.info
12 eb2.3lift.com 3 redirects sync.quantumdex.io
adxbid.info
eb2.3lift.com
cdn.projectagora-adtag-library.com
11 mwzeom.zeotap.com spl.zeotap.com
adxbid.info
11 csi.gstatic.com www.gstatic.com
imasdk.googleapis.com
11 www.googletagservices.com securepubads.g.doubleclick.net
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
googleads.g.doubleclick.net
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
10 x.bidswitch.net 4 redirects eb2.3lift.com
ssum-sec.casalemedia.com
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
adxbid.info
9 image2.pubmatic.com ads.pubmatic.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
8 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
adxbid.info
8 gum.criteo.com 1 redirects static.criteo.net
ads.pubmatic.com
get.optad360.io
7 image6.pubmatic.com 2 redirects spl.zeotap.com
ads.pubmatic.com
7 rtb-csync.smartadserver.com 3 redirects
7 match.adsrvr.org googleads.g.doubleclick.net
eus.rubiconproject.com
get.optad360.io
spl.zeotap.com
eb2.3lift.com
ssum-sec.casalemedia.com
ads.pubmatic.com
adxbid.info
7 onetag-sys.com 1 redirects ad.vidverto.io
cdn.projectagora-adtag-library.com
sync.quantumdex.io
6 assets.ad4m.at as.ad4m.at
6 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
vid.vidoomy.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 aax-eu.amazon-adsystem.com 3 redirects eus.rubiconproject.com
spl.zeotap.com
ads.pubmatic.com
6 fonts.gstatic.com fonts.googleapis.com
ad.vidverto.io
6 backend.lebanonfiles.com www.lebanonfiles.com
5 match.prod.bidr.io 5 redirects
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 id5-sync.com ads.pubmatic.com
sync.quantumdex.io
5 ads.pubmatic.com cdn.projectagora-adtag-library.com
sync.quantumdex.io
ads.pubmatic.com
adxbid.info
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 www.google.com 1 redirects www.lebanonfiles.com
tpc.googlesyndication.com
4 u-ams03.e-planning.net
4 simage4.pubmatic.com ads.pubmatic.com
4 ad.doubleclick.net 4 redirects
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.1rx.io 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
4 script.4dex.io cdn.projectagora-adtag-library.com
script.4dex.io
4 cdn.kdaimo.com 2 redirects
4 www.googleadservices.com 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
4 cdn.projectagora-adtag-library.com ads.projectagoraservices.com
cdn.projectagora-adtag-library.com
4 fonts.googleapis.com securepubads.g.doubleclick.net
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
4 pbjs.e-planning.net 1 redirects cdn.projectagora-adtag-library.com
4 cdn.jsdelivr.net get.optad360.io
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
cdn.projectagora-adtag-library.com
4 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.gstatic.com www.google.com
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
4 connect.facebook.net www.lebanonfiles.com
connect.facebook.net
3 rtb.openx.net 1 redirects cdn.projectagora-adtag-library.com
3 d5p.de17a.com 3 redirects
3 ad.turn.com 3 redirects
3 dsum.casalemedia.com 2 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
3 ssp.disqus.com 3 redirects
3 idsync.frontend.weborama.fr 2 redirects ads.pubmatic.com
3 dis.criteo.com 3 redirects
3 ups.analytics.yahoo.com 1 redirects ads.pubmatic.com
3 cm.adform.net 1 redirects get.optad360.io
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 cdn.vidverto.io
3 www8.smartadserver.com 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
3 s0.2mdn.net tpc.googlesyndication.com
imasdk.googleapis.com
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
3 prg.smartadserver.com get.optad360.io
cdn.projectagora-adtag-library.com
2 creativecdn.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 uipglob.semasio.net 1 redirects adxbid.info
2 sync.admanmedia.com cdn.projectagora-adtag-library.com
2 u.openx.net cdn.projectagora-adtag-library.com
2 pixel.sitescout.com cdn.projectagora-adtag-library.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 vid.vidoomy.com adxbid.info
vid.vidoomy.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ap.lijit.com sync.quantumdex.io
adxbid.info
2 ads.betweendigital.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 eu-u.openx.net 2 redirects
2 pixel-sync.sitescout.com ads.pubmatic.com
2 spl.zeotap.com get.optad360.io
spl.zeotap.com
2 px.ads.linkedin.com eus.rubiconproject.com
eb2.3lift.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 btlr.sharethrough.com cdn.projectagora-adtag-library.com
2 mp.4dex.io cdn.projectagora-adtag-library.com
2 fastlane.rubiconproject.com cdn.projectagora-adtag-library.com
2 projectagora-d.openx.net cdn.projectagora-adtag-library.com
2 htlb.casalemedia.com cdn.projectagora-adtag-library.com
2 tlx.3lift.com cdn.projectagora-adtag-library.com
2 lb.eu-1-id5-sync.com ads.pubmatic.com
2 id.crwdcntrl.net ads.pubmatic.com
2 eus.rubiconproject.com www.lebanonfiles.com
eus.rubiconproject.com
2 ads.projectagoraservices.com securepubads.g.doubleclick.net
2 static.criteo.net get.optad360.io
static.criteo.net
2 www.facebook.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 palibzh.tech 1 redirects
2 www.googletagmanager.com www.lebanonfiles.com
www.googletagmanager.com
2 get.optad360.io www.lebanonfiles.com
get.optad360.io
2 cdn.onesignal.com www.lebanonfiles.com
cdn.onesignal.com
2 tpx.tesseradigital.com www.lebanonfiles.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 p.vidoomy.com vid.vidoomy.com
1 a.vidoomy.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 p.rfihub.com 1 redirects
1 csync.loopme.me 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com adxbid.info
1 pixel.onaudience.com 1 redirects
1 bh.contextweb.com 1 redirects
1 t.adx.opera.com 1 redirects
1 vpaid.vidoomy.com vid.vidoomy.com
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.conrad.de as.ad4m.at
1 www.awin1.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 www.youtube.com
1 bgstats.mox.tv
1 prod-rtb.ad4mat.net cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
1 rr3---sn-5hne6nzs.googlevideo.com
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
1 cr.frontend.weborama.fr 1 redirects
1 cms.quantserve.com 1 redirects
1 casale-match.dotomi.com 1 redirects
1 c.bing.com eb2.3lift.com
1 u.ipw.metadsp.co.uk 1 redirects
1 as.ck-ie.com 1 redirects
1 cs-server-s2s.yellowblue.io sync.quantumdex.io
1 c34d8e1ae512c01cdaf6d8af50b8937d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 s.ad.smaato.net sync.quantumdex.io
1 match.sharethrough.com sync.quantumdex.io
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 sync.tidaltv.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 a-prebid.vidoomy.com
1 acdn.adnxs.com get.optad360.io
1 adxbid.info get.optad360.io
1 ic.tynt.com get.optad360.io
1 cadmus.script.ac script.4dex.io
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 adx.adform.net cdn.projectagora-adtag-library.com
1 t.pubmatic.com ads.pubmatic.com
1 euw1.smartadserver.com ced-ns.sascdn.com
1 apps.sascdn.com ced-ns.sascdn.com
1 ced-ns.sascdn.com www.lebanonfiles.com
1 secure-assets.rubiconproject.com 1 redirects
1 rr2---sn-5hne6nzs.googlevideo.com 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
1 a4p.adpartner.pro 1 redirects
1 mug.criteo.com
1 s.exitbee.com cdn.exitbee.com
1 stats.g.doubleclick.net www.google-analytics.com
1 prebid-eu.creativecdn.com get.optad360.io
1 rtb.adxpremium.services get.optad360.io
1 bidder.criteo.com get.optad360.io
1 prebid.a-mo.net get.optad360.io
1 d.vidoomy.com get.optad360.io
1 ghb.adtelligent.com get.optad360.io
1 useast.quantumdex.io get.optad360.io
1 cdn.optad360.net
1 onesignal.com cdn.onesignal.com
1 cdn.exitbee.com palibzh.tech
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 fd.tesseradigital.com tpx.tesseradigital.com
1 s4.histats.com s10.histats.com
1 s10.histats.com www.lebanonfiles.com
1 htagpa.tech www.lebanonfiles.com
1 cmp.optad360.io www.lebanonfiles.com
1 s3.amazonaws.com www.lebanonfiles.com
1 static.cloudflareinsights.com www.lebanonfiles.com
1 lebanonfiles.com 1 redirects
0 engine.widespace.com Failed spl.zeotap.com
0 api.rlcdn.com Failed ads.pubmatic.com
0 t.effectivemeasure.net Failed www.lebanonfiles.com
672 210
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-27 -
2024-01-27		 a year crt.sh
tpx.tesseradigital.com
R3		 2023-08-05 -
2023-11-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-10 -
2023-09-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
histats.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.optad360.io
Amazon RSA 2048 M02		 2023-03-01 -
2023-11-15		 9 months crt.sh
fd.tesseradigital.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
exitbee.com
GTS CA 1P5		 2023-08-15 -
2023-11-13		 3 months crt.sh
*.optad360.net
Amazon RSA 2048 M02		 2023-06-26 -
2024-07-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.exitbee.com
SwissNS TLS Issuing RSA CA R1		 2023-05-18 -
2024-05-22		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cdn.projectagora-adtag-library.com
R3		 2023-06-30 -
2023-09-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-08-22 -
2023-10-31		 2 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
cdn.vidverto.io
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
script.ac
E1		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
adxbid.info
E1		 2023-08-09 -
2023-11-07		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-08 -
2024-07-08		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M01		 2023-07-23 -
2024-08-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-07-31 -
2023-10-29		 3 months crt.sh
bgstats.mox.tv
R3		 2023-07-24 -
2023-10-22		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 91 frames:

Primary Page: http://www.lebanonfiles.com/
Frame ID: D7F6B5A6184152EBB4BF8015AFD00E56
Requests: 199 HTTP requests in this frame

Frame: http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Frame ID: CC530AC6C17730A1D05DB76538AC4342
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: D2A97587C8295669D82E78B08B4B9708
Requests: 1 HTTP requests in this frame

Frame: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B3CC82C0B0C64EDB73D57699B16E47A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8745593945608202&output=html&adk=1812271804&adf=3025194257&lmt=1693559030&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693566230302&bpp=4&bdt=771&idt=580&shv=r20230830&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3471207935890&frm=20&pv=2&ga_vid=514337933.1693566231&ga_sid=1693566231&ga_hid=481147567&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077369%2C42531706&oid=2&pvsid=1599002937088299&tmod=456939262&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=639
Frame ID: 69E2A5451B0034BBF5948777EC711CCC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9E0524B4A322738C4307F4AB98071A2B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D47B15CF5DAAD3479B52F122E1E95531
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A970B9A4AAC620A14255253959FF465A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmxLuXGF0DXsCO0oVC8Zvc-kDiDLKGs8gQdNi2OqwO4ho1aVdg8ZIdA_3wY2SUqkwKxj5m4eZcoSio22rQnYFRxVafuvVVM_nFciDAq1ebhYvjg0ZXU5qsBKKk7jMHx1Hi1v95dK6RigPK7FFl4J-6s6Je1gd4jCrII1LH9y5i5914cCmgOloK3fAyPHm9WTAocEWfHDb63dA986ulET1fpaqkbr8r--wZmBM6u5tjBfP2U1WO_Yz2IVlIp5sOOWUWqYv6CHSiKs8G9xpRcgXQs3o0b3iQKnCk7GsUiTFvnFq7QFWR5WcrqjiQUln86agMI_3L-8W6zkPF42djzUHGqo2JAxXL7tpp&sai=AMfl-YSWh3O4jK3DppZI7RNv3tqDH6N0bcI_XR6FbcmItzzvThh5gznplLYQVrIGTGntb64oi-vBfR_MaJRuvdtQ1FYqScUsOkCcIGx1gNAMFzLAF35n3xT31LLsN0Kk0tFHbPviJGw6pQ5Z6HCm95A&sig=Cg0ArKJSzLvvMQxdap-dEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F09D4A93302D683583110EA27973AAD9
Requests: 4 HTTP requests in this frame

Frame: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 417368ACB3DC966D93A14F5774EA19DA
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: D60D2DD23582C839DEDF75797C18B073
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssji9VU1AylWk7AERB_WofxQ9EUyHQypG8QHYOxhY9KbW2ZKrUNVW4qeXQsVQ8EUnARRlVp1zmn9BcJOoZZrGHfirW6pmE5X6jpMh8-TjtK_4s6vH1xY3UaxD9NgnAns90j6s2NFk3r8_B_OwsK7MDGYvadAI-ZqhP-DRj1MP9QYZOaPxY0hXtIdGm-LYadFc7FLFhd-I7SAu3zf70M_S0TuagvMkTr4T7KFDfOz5RRwC10jbNdMlUCF69J8q2yta2lAkFVoC2dNgt0uja8stJnfQYUFZ8kgMgWa1tK5uYLP66BIebAy9FlcnQz2ampeEg19qCd8ua5nCreGkTS1eoIR6rMol_l3CS-qw&sai=AMfl-YSB_jRPi_0XV5WYdwTby3tFVdccslKmSiyVgd2GMqIvCnkCQowmzqcSdgSoUXy8N7HXJkem9JtrjU8VvMYKyjGD5uRU9IRndC8aW1T0w_DZHdsZ_nskVUhGSeo04MjD8XHjX7IPMIYnolO385w&sig=Cg0ArKJSzNgm5qEibllBEAE&uach_m=[UACH]&adurl=
Frame ID: B11A4BF2A31CAA3D5B963F758C57F8E1
Requests: 6 HTTP requests in this frame

Frame: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B30118A66F833474261DEB5AD0A8DE65
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszOxNw1QsKJO5Iw_6inu0qqDdBRDrMlBfzGjYlytAxPDxhOmpitAQXzCeEFbxopxkKVVyDtDBhHt4JoyJsA1hsyXbxu6Pue0vfZ2MOmesfMorK94C5rZIe2trjdx4OrmJYNwqCylzhj3PblCq2p07PJ0b2Ab8WLvVKmJc5gPoE7OTptI-fshBq44IUKiEiyywVjusRZrP6PfbfcXLyyWdgHESRlkr62Mj6OqmPLrSmQWsJ3FH4qmlh6w6z3oQfzfUmt0NW8bMpcfYtauqu0hoVOUCKp-CUavFmaDF6Ds24D8ekX_JtiZLt1gjz8_UrLgyR1MVotFzZBAtXBgQ-JZm5o9K1&sai=AMfl-YRRyZ0Vu4toNbzRq_I9WeonmkyfspzcxDZObxDIr0sUWKr80Pn8r42s2HQbkb0-_pW2j5vZatyKV_P3y494iyhqgKhTNFaSp6oiALIn8bo-4MXhYDmKYGycvtbNYo0zU0ddvyQVTv7uT5YjNVM&sig=Cg0ArKJSzIkhA8AaDZ6UEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5D0663FC9CBA565DF1D1C76651CA2E03
Requests: 35 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvatk-McUmL5T5yAV953uTz0NFVtzWbcYrwQML5WAL-yTjq3Sco5bftGd1V4SOSl6EkahYvfpS7MpGjgkr0oQsaqQzjF5FA5-EQmeznJdORSZPSNMBcpuk0FPx08HgDlGzsA_sGaPv7Ij93BZ5jghXGlCaO8_tYoCE46dZf41-b6J73__kX5no8lU9NlJ54CqKrOpdPZp-z-e7QmIbbjmpnlkfNdn5Qa53-L1ZqmZxwPHh78cO3vDlDMGBUWy86DW7GlfrODQr6VJFj04y3P6NciSs20ZykXimA4QRurij3IWzx8eIejXOkQEOiy_1Sd_-us6epodDFFGZ-R0BGYHZ8k8inWXMNumL0zQ&sai=AMfl-YRNIZmm5GXgabXuJHZMneyvecViM_dnjNZ1gPyjAi5WENuPM2wjhhQJRU5GBjlrtkc1oaZjtg4x2bD5EkHCUr12jr16dQjkY4l4WMbg3DUNUWFkYdJBfHzZLtSS8YfXChxI7DHfRmm82mMk58k&sig=Cg0ArKJSzC3rZ2776sb7EAE&uach_m=[UACH]&adurl=
Frame ID: 68638B03FB6D9821FD58B150D51FA2B2
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: F09566CBB23EEAF6A4B2B8918F088911
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYm8895FnFNunnR8fKCxexlIgPW8-kiQzj0aSqSBVfFdMEJxAcHWoAzJ0KnU3RVN02-0zryA_P2ZF4RiLbky8acBjwJOQxtjQN-FfmjAJxjWJi78uv7pxRZzkPhmHF6G93UITf2U6yh-9gdDVaj70h_j9NeWTt-31r2zQYdaIa_-mcybM_muszWDBknS4JkaixtqcZycipKZLvS-MAG5Xrn8hc2c-MhzrMthgI7cWGFLGpK9rOBUMe2YawW87JzCXKKORyzzGITe8M-ed9norgq-JbyU0A4JUgHWcgYZ_0CCXUohDkfOKEnT_oLM84_rRJXbZr9mzFfKzkUXBhAe9d3I1A1rrFrALjiGZJLQ&sai=AMfl-YTcuOeIJ7VW_DiOoKrylwj_5sY3ZAP0Z-bplcaH9AgvEF5RHJL6kb-3SZrTXlkXZMTRVqUdJH1ZP8BqomtMzcyzWPk33vjOAdvLxEeDF1AYwqGuwfyD6gcI_0bROVpZz7BvF1gytHUZgdgRRpg&sig=Cg0ArKJSzCBaUpZgd844EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7EBF75A90EBCAACA81D4D369F886D319
Requests: 37 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5kpxuVmq4PijQ3tUcMas-ISoiCWBJtzCTnqfN8Rdt3h5VrQilx4VifM61nNIX8sUfPnxgzYZPSB-vJjpxfl8p4icrL343uolpJzBhZovxKEm2JHhOpZSBOe49Bsc7WssTYHeRRRM6fa_-jeWWGDOb0-iRbHEfQaQlZMpmyX9Ebhk-p18_XXmKhZjlD7at5flaLkTL-Ze7gsW5x7tv2_Y8lFnMfg0alInVh5WpDpCk64AKe86qjR-2CJTlK2u1_uSgwrcKJJJUJEUJ8yQyugxYRIM6f8KAiVPvR-go7EJpJucgV7vH9wgHqcHmPAtuIB6mvJvqYMQoLzOpzf2e2MtYsWjT4fLX8bIosg&sai=AMfl-YTZ6G1vSLp7SN18L832G2AqtS_PB34869rZii684SeAHUn835iCvXEeDibDFPpplViuUWiG0MSFkQpZa569nm-i_-_nfZbKj0mB541i6OeJKbHnDpGPMS32IgIN9ect4V-c2Ej2jS4RWpMu_fI&sig=Cg0ArKJSzHAV8f2WlsJ8EAE&uach_m=[UACH]&adurl=
Frame ID: C723D00972A3B53DB102ECCD65C371EB
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: B2D1B73A141310C35760D4422F0B0158
Requests: 16 HTTP requests in this frame

Frame: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6AFAEECF1D04C69CE03009357DE57C36
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html
Frame ID: B6F8AE2F328B2D34363C50D9F734EAB5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8366D2503C53F9EE4CA3B9FD0803DCAE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.lebanonfiles.com
Frame ID: 0809CCFE7A2171CC3072AC9D35212764
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C3DA4883841B94371828E8AA95EAB542
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 2FC84FEA86945ED601952672A24ACC95
Requests: 12 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Frame ID: CA8AA262711FE5BBE97F5A2FCFAB6A1B
Requests: 4 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2254235b7d-4e44-4fbb-80f1-82730afe910a%22%2c%22adomain%22%3a%22etoro.com%22%2c%22page%22%3a%221728294%22%2c%22format%22%3a%2289191%22%2c%22crid%22%3a%22475426577%22%2c%22dsp%22%3a%2276%22%2c%22buyer%22%3a%22183960%22%2c%22cid%22%3a%2217538752370%22%2c%22adid%22%3a%22475426577%22%2c%22hash%22%3a%22-550614471000202510%22%7d
Frame ID: E93184E8462D4A802348A4984E76A985
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiR3tniATAB&v=APEucNW7T7wCj1kcUrwgfu7AF_bNXOk_-DUh1Fdz-HI7pzvZhnxbLGytxIzw8QOJ5y4MSpKUclS31WWrHqmixPHgP91vAxdsc9M3SJBxKPxRtVieByDoHN4
Frame ID: B621CBB8DA93E5A4B6F2C0AEB1873BB4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EAA29EF3F90516F6640CD6731B5D135E
Requests: 16 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: EDDDA171714ADF02125333168EAF7A7F
Requests: 43 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BF6FFB146DBA0906ED3A2F669CA2FF10
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 65655E312291374F55D525668C1DE657
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CBE911A1C4FA1EEAF96FE345722013C8
Requests: 6 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: A1424F1425A3C513217A2277B6F040FF
Requests: 8 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
Frame ID: EAC7743FA8B8D16C79FAD6E5231BBE93
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 62EE9E9D6AE0FB7168AC74E8C2C2F21D
Requests: 29 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: 8BC54DC7CF258F5CF58B0E3AA0F46384
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C15B05D8EAEFA33012E13F0EE0B14DED
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 972031F5E3E8EE9CD6604B598688C8AE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 11B4F1B872A3781F045DF46F9BB32707
Requests: 3 HTTP requests in this frame

Frame: https://c34d8e1ae512c01cdaf6d8af50b8937d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 09FBC67B881A5520A12A582748F6AEAD
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 2437B102B3795CBF3DEB892C561BD2B1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: D29F0B613F7A58ED45D33754B2E0AEBF
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 0DA335DD5FDC96AB3A417DFFB8B20F37
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: 545A108244129F6F70B009E735FDA67F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 173584F6142A48B6A298B898FB3840D7
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 3423445F8B97451D1B45C9D5E5D98F74
Requests: 17 HTTP requests in this frame

Frame: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: E59519E30608743CAB8B0A80B7D6F61C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1A6A7482ECE0B0BD16D7B8054CFACC70
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0181DC67-EB40-4A05-A565-44BE2E17BD8B&redir=true&gdpr=0&gdpr_consent=
Frame ID: 1026158A286E6F8AF5099C44F5BA9893
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n
Frame ID: 0D2D3F527FCA4CC09A16027828D1073F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Frame ID: 9F97DA17B8A3649AC7D56E9E7815AE8D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07385B7489C293739268EA63ABCD448A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBB577F6EE0319EC75D4B5B1BEDD277D
Requests: 2 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: 83EF82F81E86D16BE72804EB6768A891
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D8F432DC28FD4B7798C43CE196C8D57E
Requests: 1 HTTP requests in this frame

Frame: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: F300F6E21006F5C83E5F17C6CAE48464
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hp087sqahtfe3cv85xgpjx6tfz90dadm44c5vn1252p416ptxcbqhcbepp0e4w8kgzpkq5pa4vq3mjmxhw13zh9kn1gycmmdys70xcw4shqry26cvek1p9np4vch838erjpzs89cy9503h0388417pr6x51n6pnmhkbzwjm5mvk7xag1v06qjc5pmyq76g621qr5gp9skq9xypf8y72b8np400r21gd6wd915g3gyhjfy4ek2bj0r1ajvfe00avx48yr7c4pdd6q88n5sf5ppvz86s5x7znxhkwq22430ajw6d2f13sbgwv84rtqf368w1fvxngs2ye8merxrjw2vxh1czgs1jxg2dyah9pmbyk7gwqne3m5v9mh1hq3ky7x4p1n0xez65h5za018ppsr754bwmbfh1d92kmaf2v8a44sx79a5jc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: DF037229D2C0DF0795750F5CDC75CB56
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BE86ACFEF91805EE9390A3CB8BF981D4
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvp7g5RVQCHjSFYdNGRziG83o2kdsDNAVpeOQTTfjJCyRy94HgeSW7t11xBaJjhogTvUncQEQLnqmKpzDPanobRnlEyJ4Gv7yc9CZgsLB0jccbH22OYnTIVZAkjPhCV5_k8iWy-1k_bChDdT1ceiLe2_HdCeLkUrh0MBrb7vBvzYnVqFSZPHn1YmurJG1RoHkE2eVg8QDFNi2bbjfoHUR9Ju6K5wI_OShkyOE8TW_IoBGpXCLZf9ou-1wmEyvi63ipMgz1Zv5IB18WqU-nxRButTMI-dOgWkIxDJGvQWXASei9bOEgpEB8fnZ8XReu8GI-FyKPQmLYfbC2H6w6Kp4MYNjA&sai=AMfl-YRArW3zGFvaIUCIG7JOdrSOWtEXk5pcctoAFPxrKMMYdPDQZdpVropunJCtwUyTezoRyqhHh-waQ1RzWM9j-yP7gYq_sAtyXsOfHjYzoMlXTWdBWIMfWQR1vQFSbw&sig=Cg0ArKJSzCjtVm9lelgSEAE&uach_m=[UACH]&adurl=
Frame ID: 07B15EFD007C3DBD7167B9244A36CEAD
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE770C22C092C58CEF328184519C128F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4649ADDC450510A3D690D194EA01B5D0
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3D21CD127ADB345B9A4DE53076C72ADE
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=84505256fda787db755d084ff7155137
Frame ID: 7C16331CDE6EC9CB6CDAFBBF6582546B
Requests: 5 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 7588C6738C2DA925743A0AEED48D8338
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: FCFC04BA460A22A9ECCF99599833DA79
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: CDE88840CE479F407A152FD15736ABDA
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
Frame ID: 54EC48D757F392E0EDC5CEDE46748279
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6913797373196767614&gdpr=0&gdpr_consent=
Frame ID: CAEA1AE25E39A947EA9058CDA3B1F523
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273811592946841743&gdpr=0&gdpr_consent=
Frame ID: 3123540D0594BEFBA10C4A398378708A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TzQf0P2KVUdxXR8QejjcL8Eg-Pg&gdpr=0&gdpr_consent=
Frame ID: C90FC3CDEC8DBD28927CBB071CCCC191
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: C60E05C60314D3412B5D8654E90229B4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e10832b45cc4462b3572c448e5a45ae
Frame ID: 1A61F937F703DF07C40C3CA6A4FC6FA8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADUAE7J44oAACYRASJx3g&gdpr=0&gdpr_consent=
Frame ID: 78B350FBED119BAF986378F466B75C8E
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Frame ID: 882942A1D7817C6CEAC0EE88490DE635
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 0012D211E69B5AD9FD47EF39E9D06274
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329527491353795
Frame ID: 8680834BE564CBC0B3E1A764A5DD724E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
Frame ID: 7D9306A43B1300A806F55A2E55BE6345
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6FC465CB9F81599730ABA398DA65F0F0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5280225782490877415
Frame ID: 258A8E4282090E2E77C459658B290F36
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 142FEBC31B08967DAE9572D58FD11613
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rtm15qasr2p
Frame ID: ED1EB4EDA8878DA87E0B53D7806CF98B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 363EAB4DAED0ADDFE1E4A39CADE558FF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbMgWgTWgXbgMnUaM&gdpr=0&gdpr_consent=
Frame ID: B7F496612C74D0A3C6B12300E955F32F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Frame ID: 41D5A148DE97FE92E656BB2E1EF36BE3
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=izrLvbA0RdEVbh7ky2FE&pi=vidoomy&tc=1
Frame ID: 2623578ADF06450EFE981E43FF44009D
Requests: 2 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E2274665223538A234656E0A4A3F01EC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: D5DE6AC9F8694887F45D349F6FC5170A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003
Frame ID: C4BADE472FC795D61008EE9344DE2030
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76557FB67D564EDD94437832115B10D2&gdpr=0&gdpr_consent=
Frame ID: F9331C18BA8FF390CF89E15A9637EE9D
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Frame ID: A175FB4FC8DD4E78ED2AA9049ADFC4B7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

أخبار الساعة من لبنان والعالم بشكل مباشر | Lebanonfiles | ليبانون فايلز

Page URL History Show full URLs

  1. http://lebanonfiles.com/ HTTP 301
    http://www.lebanonfiles.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

672
Requests

82 %
HTTPS

39 %
IPv6

130
Domains

210
Subdomains

149
IPs

19
Countries

14122 kB
Transfer

27004 kB
Size

174
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lebanonfiles.com/ HTTP 301
    http://www.lebanonfiles.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • http://www.lebanonfiles.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Request Chain 104
  • http://palibzh.tech/libs/projectagora.min.js HTTP 301
  • https://palibzh.tech/libs/projectagora.min.js
Request Chain 111
  • http://www.lebanonfiles.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Request Chain 116
  • https://www.lebanonfiles.com/wp-admin/admin-ajax.php?action=get_breaking_news&nonce=83eab7eb9e HTTP 302
  • http://www.lebanonfiles.com/
Request Chain 150
  • https://pbjs.e-planning.net/pbjs/1/5b5e6/1/www.lebanonfiles.com/ROS?rnd=0.6502797427012541&e=728x90_0%3A728x90%2C970x90%2C750x100&ur=http%3A%2F%2Fwww.lebanonfiles.com%2F&pbv=7.36.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.lebanonfiles.com%2F&gdpr=0&e_pubcid=800fd301-011e-4aee-af56-fd92b2a381f2 HTTP 302
  • https://pbjs.e-planning.net/hb/1/5b5e6/1/www.lebanonfiles.com/ROS?ct=1&r=pbjs&rnd=0.6502797427012541&e=728x90_0%3A728x90%2C970x90%2C750x100&ur=http%3A%2F%2Fwww.lebanonfiles.com%2F&pbv=7.36.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.lebanonfiles.com%2F&gdpr=0&e_pubcid=800fd301-011e-4aee-af56-fd92b2a381f2
Request Chain 262
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lebanonfiles.com&sn=ChromeSyncframe&so=0&topUrl=www.lebanonfiles.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_vRfX3xwT0NrZXdwTHdjc2FuNnBhVmg5ZU5sdlNONmF2YmNUdzkxaEdPK2ZVMjdmUG92N3FNUm5ab3UyL09XRElwUTdiNjVxTWNFbjVDdnU4NnlGeUNhb1hUTmJwNkNUVlU4RGVPOExxdjljZWVuazF4SDhoSnZYQkJuMzRMTU9vNElpTXU5QU9IaDJlV2g2ZzZ2L2dsT3FSK3ErdXJXQ2xpNFVGZDJycUtCMkJTRTBPUW1KY3ZUMEZ2T3o3cTFBamtMelphU3RpSlE4R2JWT2grNVBrL2NTdkExdnJGbUxvQWVpdmowakFZdXV6NnJ2bVJ4VEJhUTNVeHZOeTdXUGxMVXpuYkc4OTBkK1BHUE5DUVBGV1RZREQyZGhFVE8yMGJDNlJjV1VJckR6ODAyRT18&cppv=2
Request Chain 272
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D9fe47168-debf-4cf1-bc31-b3e8292fd01c%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=9fe47168-debf-4cf1-bc31-b3e8292fd01c&p_id=23
Request Chain 273
  • http://x.bidswitch.net/sync?ssp=prodoohmox&user_id=9fe47168-debf-4cf1-bc31-b3e8292fd01c&gdpr=0&gdpr_consent= HTTP 302
  • http://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=9fe47168-debf-4cf1-bc31-b3e8292fd01c&gdpr=0&gdpr_consent=
Request Chain 275
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 298
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C8as3FsXxZISGOL2x9fgPmc22kAq04sybcrry_c33EWQQASCG6OV1YJX68IGMB6ABwJTOhAPIAQmpAlMHVOaOMbI-4AIAqAMByAMKqgSYAk_QGyeoGe5OkAmxeoHEOG7kmGOxJKlzi86bQaKZ9NWqLtO5oXEieJpfM0H44Jf56KGiFKixRZ9Wa2ZCxLIDT_v5wEhWLTGytzTS9V4srp3J2WxUWYrEm0IvHL92yEOe5PalPJgf4JVVYJLxS1r8US6DCukZuFRxYex8W2YYqzIJX8VxM0EgXiKY-QEQHVJYFRgFhOlKHI2czyirWTQ-CMgRyVGxAaD-9CGXfjMSBANATjSgbsPwY4BhSXqr3xfXVjfrRiEY9EtyudGydxIWpkbnwel6eZJ3IqYSGwTX6jiMN8XgVA1QppTvbamZsxUG6f7uuiVB7Mdvot2nsIW3Z07lTdPz5pdrm0Y5b6JhdAjJ92s6f5v13ETABLT1_vrQBOAEAYgFmZep1kuSBQQIBBgBkgUECAUYBKAGLoAHrff_bKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKb6AtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCXVodHRwczovL3d3dy5rcmVzcy5jb20vZGUtZGUvbGFuZGluZy8wMS1lcmZhaHJlbi1zaWUtZ2VuYXVpZ2tlaXQtaW0temVudGltZXRlcmJlcmVpY2gtb2huZS1rYWJlbC1hbnRlbm5lbi1vZGVyLXNlbmRlci-ACgHICwG4E5wb2BMM0BUBgBcBshceChwIABIUcHViLTg3NDU1OTM5NDU2MDgyMDIYhP90&sigh=jIvP3X7u97s&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&template_id=3484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225334383172039070273%22,%22debug_reporting%22:true,%22destination%22:%22https://kress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22814975552%22],%224%22:[%2209-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216432495493335749249%22}&andc=true
Request Chain 299
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 312
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZCPbFsXxZKL-N72x9fgPmc22kAqf4p3xcYqMte_xEfHJ_d8FEAEghujldWCV-vCBjAegAazLpuQDyAEJ4AIAqAMByANIqgScAk_QR4OZKezkzPXhA0OzLh5dkf7UZUKN23vCRfXx8QtIw861qNEqxzHAM5kOeIfY7D_ukgzsDrA4K6meguUSgITHha8TqMPEBXxoaWGBgL28UT3LST1wLjheZUctVfT4Rc9WLR5udMcrqi6UuIXw_prANIbzIrKzDSMD5tadXKlznmzY6rva-JYgYWx891VC9fcSFnKn5ltEwOnShYu8Mc7OtHqVftnxvKvzanDvm9iUaYTdyxEwzcaHnXtsf4fYN7w-CbDxz_fDSPcwnsvziozufMEU5AfGb6_RlsxDftt8DD9_Ciq-zx0D6R0ILtddAvbikv2lJtuNaXWdZjHsXPzsQCqoJ-V2mCbMQDDWAjy9v22gPdBqqVJr-e2ewATwlK62yATgBAGIBfvE_PBLkgUECAQYAZIFBAgFGASgBi6AB7y02RuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDtyAPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgmZAWh0dHBzOi8vd3d3LnNhaWxwb2ludC5jb20vZGUvaWRlbnRpdHktc2VjdXJpdHktbWF0dXJpdHkvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY29udGVudD1lbWVhLXRvZnUtYWxsLXF1aXotZGUtbWEmdXRtX2lkPTcwMTJKMDAwMDAxRmNsWIAKAcgLAdgTCtAVAYAXAbIXHgocCAASFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=oqoHym4WlNM&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211802940213948539546%22,%22debug_reporting%22:true,%22destination%22:%22https://sailpoint.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221015653804%22],%224%22:[%2209-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221090560908628259025%22}&andc=true
Request Chain 339
  • http://cdn.kdaimo.com/projectagora-483829/min.js HTTP 301
  • https://cdn.kdaimo.com/projectagora-483829/min.js
Request Chain 352
  • http://cdn.kdaimo.com/projectagora-483829/min.js HTTP 301
  • https://cdn.kdaimo.com/projectagora-483829/min.js
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEOgjQzKJ2R4WX1BogBbpSqk&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEOgjQzKJ2R4WX1BogBbpSqk&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=786b4a3bec89987139dd6174c3ef78c6&uid=786b4a3bec89987139dd6174c3ef78c6&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 391
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YThlMmU0ZTQ5MDMwNGVjMDhiODQ1OWVlN2Y5NGNjM2RkY2FiNDZlNQ
Request Chain 392
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM0HLXVR-3-HH89
Request Chain 393
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kcRJt26R3MAYxcso2BT5yg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lRexlktE2oL3q8PwIkglihSsfRhrdATHU0YAwA--~A
Request Chain 394
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=I-TjIRvgRL6jrG-vk9sotQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I-TjIRvgRL6jrG-vk9sotQ
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ39f9uD43Lr5varnHPUa9I&google_cver=1
Request Chain 397
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE0wSExYVlItMy1ISDg5 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMfU8gXIgtpBp4qSypfo5s0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE0wSExYVlItMy1ISDg5&google_push=
Request Chain 398
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ry4RqGV1R2u91duYoMOMFQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ry4RqGV1R2u91duYoMOMFQ
Request Chain 412
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9&gdpr=0&gdpr_consent=
Request Chain 413
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Nzg4MDYyOTQ5MjQwNzc2MDg1Mw==&gdpr=0&gdpr_consent=
Request Chain 415
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526uid%253D%2524UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6913797373196767614
Request Chain 416
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3375610941547449351&gdpr=0&gdpr_consent=
Request Chain 417
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=Nzg4MDYyOTQ5MjQwNzc2MDg1Mw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPzxmmaABqF1OwUiZkweeV0&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 419
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=5d0501f9-e3c3-0bae-10e0-969cffa7fbfd&gdpr=0&gdpr_consent=
Request Chain 425
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ab5980be-a108-4a25-a2b4-bb48ab98ecb2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Request Chain 432
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=72145796973904721492166289012063486841&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Request Chain 434
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7273811592946841743&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Request Chain 435
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d
Request Chain 436
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361&bounce=1&random=1758669262 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=QsJUka5DAFDEIdePGvibEu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Request Chain 437
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Request Chain 438
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-v_2Md1NE2oo2XdOpZdP7E.yxTxPIez.YYw--~A&zpartnerid=570&env=mWeb
Request Chain 439
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=SWE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=SWE&zdid=1361&cid=5XIzeCvVCnd9VYy1iJ1gWKBkVp6OziEi%2BS41iYitP1U%3D
Request Chain 443
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361&_test=ZPHFGwAJwnUCQQBV HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZPHFGwAJwnUCQQBV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Request Chain 445
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Request Chain 446
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361&dcc=t
Request Chain 448
  • https://pixel.rubiconproject.com/token?pid=41544&puid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LM0HLXVR-3-HH89&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 457
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
Request Chain 458
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-6564974426313112687 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e3c2486d-9af6-52f4-a3c0-e8aec7312db5
Request Chain 463
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6913797373196767614
Request Chain 469
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 471
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 472
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 485
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=ed8f39ebc1dd63af53b15e4529903236867b9622442926dc6c70a2a6c300f747
Request Chain 488
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjkwOTk1MDg5ODg1OTExMjg0MDM5 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 489
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJgSYn--94qqsZi8ovpCotw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 490
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjkwOTk1MDg5ODg1OTExMjg0MDM5
Request Chain 492
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=690995089885911284039&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=690995089885911284039&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d
Request Chain 493
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/690995089885911284039?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ujze11JE2oQodrfsJCXClhEoGVQgLPtez7NID7D7Hw--~A&dongle=0883
Request Chain 495
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 496
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6913797373196767614&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 497
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPHFGz0IGCvxrvg0RKIHOQAADK0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBvqywSJ3gwv961sx1xy7Gc&google_cver=1
Request Chain 500
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPHFGz0IGCvxrvg0RKIHOQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE_pPrCVCSzw1rWdKSzVZz0&google_cver=1
Request Chain 501
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1693652635
Request Chain 503
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TzQf0P2KVUdxXR8QejjcL8Eg-Pg
Request Chain 504
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7061777754893075511
Request Chain 506
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 508
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n
Request Chain 510
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AYHcZ-tASgWlZUS-Lhe9iw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 512
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Request Chain 513
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTBla2ItMS13bWVTUW1xQ0Z2VHpsYXowZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3375610941547449351&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 514
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDE4MURDNjctRUI0MC00QTA1LUE1NjUtNDRCRTJFMTdCRDhC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 515
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAFDW_I0UzM5UUSUpm5oMvw&google_cver=1
Request Chain 518
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3375610941547449351
Request Chain 564
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEA-yPqqCUfGFE6Gh5_Gkhp8&google_cver=1&google_push=AXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW548&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW548%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA-yPqqCUfGFE6Gh5_Gkhp8&google_cver=1&google_push=AXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW548&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW548%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 565
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE7ujMiuFzKYJPQ5HzcdSlI&google_cver=1&google_push=AXcoOmQvA4ygQDO-as8T_X1qyUHlavRrSXXP8OksRe8d0lKKN74NK2hhxIzy9mJYelVnXCzWY0TK6vRLGOEZNUeYm7_5JtzNJYpS-fQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQvA4ygQDO-as8T_X1qyUHlavRrSXXP8OksRe8d0lKKN74NK2hhxIzy9mJYelVnXCzWY0TK6vRLGOEZNUeYm7_5JtzNJYpS-fQ&google_hm=-tMMNsbWQOa1jv3aHCMCVfg
Request Chain 567
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK487k_fOeIuD49vXMES-U8&google_cver=1&google_push=AXcoOmSKBzUTxXMFeZNvpHOFRkfw1GheL2dkIaVjxuswF-o0pDLEXMv5pKBlJi3SLymJaqnuYFC5pnauIJOnXGfNsQIwMRtychYClZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM3NTYxMDk0MTU0NzQ0OTM1MQ&google_push=AXcoOmSKBzUTxXMFeZNvpHOFRkfw1GheL2dkIaVjxuswF-o0pDLEXMv5pKBlJi3SLymJaqnuYFC5pnauIJOnXGfNsQIwMRtychYClZg
Request Chain 568
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKcFPCNnxt08yfrSgDXjYHk&google_cver=1&google_push=AXcoOmTQ6wpDjpRBZxPXvYkKjVPEvpBVlT8WhVW2upCJML21s41Yqi052Wq7ufxKtyCyqL0o1bxNI0e9TqilcltlB8YD4ppOEPW0IA HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKcFPCNnxt08yfrSgDXjYHk&google_cver=1&google_push=AXcoOmTQ6wpDjpRBZxPXvYkKjVPEvpBVlT8WhVW2upCJML21s41Yqi052Wq7ufxKtyCyqL0o1bxNI0e9TqilcltlB8YD4ppOEPW0IA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTQ6wpDjpRBZxPXvYkKjVPEvpBVlT8WhVW2upCJML21s41Yqi052Wq7ufxKtyCyqL0o1bxNI0e9TqilcltlB8YD4ppOEPW0IA
Request Chain 569
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK487k_fOeIuD49vXMES-U8&google_cver=1&google_push=AXcoOmTKAi73THLu6fWP6w84Clrgry2Oovj3R9F-U2df2X2GvFAZkeGypu5O8lLzEI9LjUkqKY21ECOy9j1ZHhfEK7_C7c4B1Zo8tQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM3NTYxMDk0MTU0NzQ0OTM1MQ&google_push=AXcoOmTKAi73THLu6fWP6w84Clrgry2Oovj3R9F-U2df2X2GvFAZkeGypu5O8lLzEI9LjUkqKY21ECOy9j1ZHhfEK7_C7c4B1Zo8tQ
Request Chain 570
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAwb5PYOU1JWEuS8X_fNaQc&google_cver=1&google_push=AXcoOmR0Tye1bjK0gbLfBPmFXJPkCjAkpTsz41hu0ecDClQgwA9bqvimZSfnugQP7HQnTy1lZWpv_kcjvbzQza6dY0HHO0NnqJd_RVE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR0Tye1bjK0gbLfBPmFXJPkCjAkpTsz41hu0ecDClQgwA9bqvimZSfnugQP7HQnTy1lZWpv_kcjvbzQza6dY0HHO0NnqJd_RVE
Request Chain 606
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZPHFGz0IGCvxrvg0RKIHOQAA%263245
Request Chain 611
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1693566237_3f5eda61-48b7-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 614
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNqO9O-hiYEDFVyPgwcdMVMLDg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023090113035788480820755X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023090113035788480820755X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Request Chain 617
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CICU9O-hiYEDFRaK_QcdSzkMXg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023090113035788480820753X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Request Chain 631
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D86b2998d6e37678b%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=86b2998d6e37678b&uid=6913797373196767614
Request Chain 633
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=660898&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPHFGwAJwnUCQQBV&gdpr=0
Request Chain 635
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D86b2998d6e37678b%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=86b2998d6e37678b&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
Request Chain 638
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6913797373196767614&gdpr=0&gdpr_consent=
Request Chain 639
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273811592946841743&gdpr=0&gdpr_consent=
Request Chain 640
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TzQf0P2KVUdxXR8QejjcL8Eg-Pg&gdpr=0&gdpr_consent=
Request Chain 642
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e10832b45cc4462b3572c448e5a45ae
Request Chain 643
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEVUFFN0o0NG9BQUNZUkFTSngzZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADUAE7J44oAACYRASJx3g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7880629492407760853&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADUAE7J44oAACYRASJx3g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7880629492407760853%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7880629492407760853&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADUAE7J44oAACYRASJx3g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADUAE7J44oAACYRASJx3g&gdpr=0&gdpr_consent=
Request Chain 646
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0181DC67-EB40-4A05-A565-44BE2E17BD8B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0181DC67-EB40-4A05-A565-44BE2E17BD8B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 647
  • https://pixel.onaudience.com/?partner=214&mapped=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 648
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0e6106d9-cb1a-488f-8355-e1be61655f1d&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0e6106d9-cb1a-488f-8355-e1be61655f1d&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=b97da03c-12cd-47f3-a6d6-155bf5698b5d&ssp=pubmatic&expires=30&user_group=5&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d
Request Chain 650
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7061777754893075511&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 651
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0c2c575f-ffd4-46d8-b1f6-6c1a8f7f0181&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 652
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3375610941547449351
Request Chain 653
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D86b2998d6e37678b%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=86b2998d6e37678b&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
Request Chain 654
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D86b2998d6e37678b%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=86b2998d6e37678b&uid=6913797373196767614
Request Chain 660
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=660920&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
Request Chain 663
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 664
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329527491353795
Request Chain 665
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
Request Chain 667
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5280225782490877415
Request Chain 669
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rtm15qasr2p
Request Chain 671
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1fa4a74a21afe60f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbMgWgTWgXbgMnUaM%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbMgWgTWgXbgMnUaM%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbMgWgTWgXbgMnUaM&gdpr=0&gdpr_consent=
Request Chain 674
  • https://creativecdn.com/cm-notify?pi=vidoomy HTTP 302
  • https://creativecdn.com/cm-notify?pi=vidoomy&tc=1 HTTP 302
  • https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=izrLvbA0RdEVbh7ky2FE&pi=vidoomy&tc=1
Request Chain 676
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D84505256fda787db755d084ff7155137%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=715219ce-cb9e-072b-3cfe-e8b558efe2b6&vid=84505256fda787db755d084ff7155137&dspid=openx
Request Chain 684
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1693566240743 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4662367904 HTTP 302
  • https://sync.1rx.io/usersync/turn/7061777754893075511?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003
Request Chain 685
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76557FB67D564EDD94437832115B10D2&gdpr=0&gdpr_consent=
Request Chain 687
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6913797373196767614

672 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lebanonfiles.com/
Redirect Chain
  • http://lebanonfiles.com/
  • http://www.lebanonfiles.com/
350 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
407c89fe8e59d1bef14a0c3885d541d077f7d2222f17aa5c6c5637249af31c77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7ffd07663e9591e7-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Sep 2023 11:03:49 GMT
ITW-Cache
HIT
Link
<https://www.lebanonfiles.com/wp-json/>; rel="https://api.w.org/", <https://www.lebanonfiles.com/wp-json/wp/v2/pages/182>; rel="alternate"; type="application/json", <https://www.lebanonfiles.com/>; rel=shortlink
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fu82htE5vEQZAW31VFOz1Lkd%2BvhR1WRPXB0DXiGO%2FYtR5zwwVXHRG7eIWUjK44lLl%2FWyyef%2BBnnOUF2M0N8uVKwXqoVczF%2FIsZ5IDILDHcnEPvVjPykyedo7wVIhBNoFXrK5JbMJZdmtaSHwEr6PTL%2By"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7ffd07658e111968-FRA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html
Date
Fri, 01 Sep 2023 11:03:49 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Location
http://www.lebanonfiles.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLLncQ4PRF8GPhZnBQFZyLtlwFddkLOeFDolz5uVIMgHvp%2FI3XVfrZss2bMIqHqddnG90tXgv5Aw0%2FnWruy8BAGJfnw7%2BkBdeZfEQzBFgmEaMhdmrAkA2WAc5OU19x%2FGit7aDh%2FanUx6O31Td3k%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=15768000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
alt-svc
h3=":443"; ma=86400
styles.css
www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4818542
cf-polished
origSize=2859
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 22:47:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiCr1MnQN7jbujbqKn2lr4m6vsawEkqQajwnWg%2FoE%2BdoXmwP5ukBdheys%2BjLGMoC9QGwZInNVlCWNRs80ta06e%2B6e8AvFXS%2FrhhGDWEg6QDjgQcVRfHzu%2B1M%2FMDLvTqZ21i%2B%2B9pbKthiQG80d8vSQjrw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ffd07670fba3653-FRA
expires
Sat, 06 Jul 2024 16:28:13 GMT
triangle-mena-news-coverage-public.css
www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/css/ 		0
315 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/css/triangle-mena-news-coverage-public.css?ver=1.3.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4818542
cf-polished
origSize=98
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Tue, 28 Jan 2020 12:11:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWidksRZVjLSCZ6%2FdUC%2Bjilwg19OUk64MTC2kys%2BWaUynCi1am%2BIOQjHsPiJYcmHnWcRuJFrk%2FMvqPeGskoKMOQpeCHRA33BTM1wIPzj1KIYAotc0Q1l2qN%2FLPA%2BRTmbPXrjvTjSvjOecj5uOiw5wHds"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd07670fbd3653-FRA
expires
Sat, 06 Jul 2024 16:28:13 GMT
plyr.min.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/plyr.min.css?ver=13.0.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3718a6ae4f2eb59d54458122825583392158ad8664f85806610271ad31f392

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 08:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818908
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oz%2BgAM%2BFqsNR7v8hpUcIHCiXoiaZyAwRA82un25dc8qMH1Ve%2BJ23d8nxc3ke1yj%2BfPouTRSgmelJF4N%2BsxSV6cgXhMbttP9Lwkn3qe1ReuX6AohDPpRLQ%2F3J2h6MQ0HJnbtRjmDdKehIZZgvATC1H5Mv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ffd07670fbe3653-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
style.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/ 		308 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a86ed54db67b0b14aff5d9560b711c713f4b01f2bd641a89a77dd327d5f110c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4818908
cf-polished
origSize=379979
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 07 Jul 2023 15:56:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JI92mRB5tDn%2Fr%2BHRBvI9EfPweCeKpIJK1gm%2B3nstaFitFbJMPfMAd7%2BBhdns4K36IObeaY%2BbGJMzV3bNee698bBOrlqZMGgsV8SLdw81tIH0nUxzrke98J%2FqlXxdsTDmVIIfKmpJMqE%2FJ3RdN4XsrxFo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ffd07671fc43653-FRA
expires
Sat, 06 Jul 2024 16:28:12 GMT
simplebar.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/simplebar.css?ver=13.0.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398479678a61a08fb0c4c6608eb274f3ff3900e40d6008f5d4b90c8d06efd331

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4818908
cf-polished
origSize=3819
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zsg4UTkocXewpswzI91tlgoJwPt6HlDziNPl%2BavoQTMEIJDljV8F6KUg6JlKc9WtSBvWYAc6OfiBEH6sSDY95sXhKoWOZb%2FbMvOhTJj3HaRoZIUduCHV58N4wmtlm0gme4UcdiFqzDJqCRrBlzxfZbEh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ffd07670fc33653-FRA
expires
Sat, 06 Jul 2024 16:28:12 GMT
swiper.min.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.css?ver=13.0.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 22:12:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818908
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GBb3wHL2zlp5wtVdVzRElGrWucOkdD04SXOLik1CvIgL1LZUzCMJ%2FnMBRZ5N0xv9YAXnqyrFc63tVGH6Opmc%2Fn2JCEXEzaWJZbvUljd0tfh6DxPMJiaeGQiGKc1Rw0FDA9azRfUFODdfh3liKorvNxG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ffd07670fc13653-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
live-news-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/live-news-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9835caf857ce89641ff388de4d9deb25ef12912ae950b5c3d7f35ef709b7bf54

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Mar 2020 08:25:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818857
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MALbXG4pPtp%2Fm%2FbZ%2B6tRrhOh6ZHSRCD59BjsewxvUO%2BSsS0i1M%2Bf4Me0Klyp5eLg518iuzWXi3F7yXLx8ACFg3skCgYzCog3p%2F7BJsATxrW9N2PErXbwAY01kl8HC%2B5fkSXOdMK48%2FtfYxIPBDMOLEfd"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ffd07673fe83653-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
trianglemena-logo.png
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/trianglemena-logo.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5d999e356d97a5cf821870429655191d582cb778c71312215215751b922eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4818856
cf-polished
origSize=6872
alt-svc
h3=":443"; ma=86400
content-length
3837
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jan 2020 20:48:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MqAywM8bgjOlIhhPJEa30lIK2ks9pjpsMqyZjc0d3O6%2Fwa5700JKESL9jx7OS0B9VixzZPXZwzcl3qwclrTGh4pi5sbMilvxtJ22bTwbMPY87aPMNp6jn%2Fk8FGbdPttSkVso6L3wjQCyQurw2MLHtFK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd07673feb3653-FRA
expires
Sat, 06 Jul 2024 16:28:12 GMT
rocket-loader.min.js
www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 25 Aug 2023 15:15:50 GMT
Server
cloudflare
ETag
W/"64e8c5a6-302c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2I9NoHWTc0RiUNflhg%2F3kN06ynzcSv2fSYReZx28m%2BeIWsn26LZ%2FOW9JcUlalt%2F3RqhhVbChCBEBn0Gj5WH%2FrPTP0UUGOfRKTn06JVabTYvGQGQA1%2Fgz0kaOI66u%2Fai3Fx1PKmfmsPo201K%2Fg83teuR"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
7ffd07670f5391e7-FRA
Expires
Sun, 03 Sep 2023 11:03:49 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
http://www.lebanonfiles.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7ffd07673b89ac9e-TXL
logo.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		14 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/logo.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b545867fa76275afab94da71ec2e4059d9694e77e7e3f3a879d16e677f0ec2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818810
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDG9THyBMjTi9uQvtQ7BQ5QPGEZGzduhyRoi0fYD48TiU8sqtzXdpvfWBxcAITtKANhpKAO%2FFLoUqoVmJTYw5Sm5zkjQfFheVPWuS2WCrHEXR0%2BE4nELADNLwK3cuWPw%2BkJ%2BrwHudzmqBAXPonSGRx4C"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ffd0767884a3653-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:13 GMT
ticker-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		1 KB
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ticker-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c25f17d25f76448906480fb83546ad8d0f7bdcb900a172c1d3f7488f34db723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Sep 2020 10:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818810
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oiy2vZJieOhY1INSiEXQMn3jdDoKS3%2FXNmhwBQ3qfh8ORlyWramLn19WizyWC912hVcVKlKJXr4gDC1%2FF%2BHTAm6g7kjDTXUmdq%2Bn369z%2BRom369VTlCrZ%2FZxWEHfeKqojI6FrVT%2Bn3OYKwJRQueq9XfT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ffd0767884d3653-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:13 GMT
lf-small-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/lf-small-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b791d9b523b9be4615eed3ada77b540ecb01bcdbec149b19d7b3a323300662e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Sep 2020 10:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818810
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FLElUJaQgSA8WpjuXwBU93Nf4rOa8bCm9jR8mwzrKTorKwqdmQYtkXE%2BJ7v6RjERe4Eyz9tsBgL30N1I4483QyXew945bzrPP5I3lfVfagCcrXZ96IhHTsZA3tTp2MwTP4XHyk94mmoFyHY2zIMpMZY"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ffd0767884e3653-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:13 GMT
Screenshot-2023-08-23-111339-1-300x188.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/Screenshot-2023-08-23-111339-1-300x188.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c06f51a7b5892f0981f5982dc2070d6ed19df0c799fb4eac6aa847eae018c1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
787036
cf-polished
degrade=85, origSize=11678
alt-svc
h3=":443"; ma=86400
content-length
11305
cf-bgj
imgq:85,h2pri
last-modified
Wed, 23 Aug 2023 08:23:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5ikAK9eNu6I6z3DOVCb9Ci4yqyLznej9hSccnOihkdz%2FI8yHOyttTIpoZsMsr65lvHvDLAxstQMDg%2FZN5IoEaZfvu4pxNGZ4clBkvrB5bobAm7qplmWWfJBWNWSVS9%2Bfa6VBxj%2FZFdlnaJj0fSFJx2s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076788553653-FRA
expires
Thu, 22 Aug 2024 08:25:24 GMT
Screenshot-2023-08-10-104206-1-300x153.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/Screenshot-2023-08-10-104206-1-300x153.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feffa0462565c770b4ec4e96e046b286b948a4fd09ef0ecf516b3dd546e14215

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1912534
cf-polished
degrade=85, origSize=12339
alt-svc
h3=":443"; ma=86400
content-length
11685
cf-bgj
imgq:85,h2pri
last-modified
Thu, 10 Aug 2023 07:45:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDizIB10BHdIsSgBfnkMWnNhVdncyMRdK4aKE8s0G%2Bxn%2FNz2NCTA%2FFgfImpoGSXlrNUOmPCMitWONBR%2F5qpITjrn3snYLoIbxmPvKjarB5MVQ2Rz9jy%2BrSEF4AB0ccRkpedo%2FtzOO%2FyajWD82QWwnYvW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076788563653-FRA
expires
Fri, 09 Aug 2024 07:46:38 GMT
2121-300x277.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/2121-300x277.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4ed157474854943dd623b2d7918e46db1077b038bc75fec07b3a16196d73c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2604727
cf-polished
degrade=85, origSize=15706
alt-svc
h3=":443"; ma=86400
content-length
15180
cf-bgj
imgq:85,h2pri
last-modified
Wed, 02 Aug 2023 07:28:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FpLdaTVSzL6qP7TgG4MFpQ5ISc4zj%2FB7RLLuImxwjBd1F0RUiEx7BLhE4TqZ6pyVgEj56fMnVICoGVLMHymQxcf0Jh4u1qg1%2FgqisqDp8EViMmzAg56xy95rsOW1a8ygOP61VTM7cqybKpIaaWS7Ua0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076788573653-FRA
expires
Thu, 01 Aug 2024 07:29:54 GMT
yawmdesaterbg.png
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/yawmdesaterbg.png
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401322bc63046615783e0c917807bb0f898efa0b5ecc2fc4d18673ebc81f695b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4818518
cf-polished
origSize=230045
alt-svc
h3=":443"; ma=86400
content-length
217063
cf-bgj
imgq:85,h2pri
last-modified
Fri, 19 Feb 2021 07:14:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvuc4P2w2fmd5VrcIQjNDyZuxOOuknzEfHP52JPK4WLZJq0TGGnrf1vqOKga%2BgMw1wWEXRsyHD8LIahMEsum9BWw7HV8u%2BWDsPk7h14GAErB6jsGB3Cby5GDBw7JQ4rRx2kvhlyAtrviPuAjHJFmWhTo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076788593653-FRA
expires
Sat, 06 Jul 2024 16:28:15 GMT
video-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		1 KB
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/video-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81519deacce30ac3640700d27b2125240a8e7c5418d7798c83aba2067f620463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818518
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zugnXEcYjgM8eN0%2FLBsiwYyMAcK95bHDHjB5Os6UYhL0aBiMEUgiYB0KYKspJVUwVcrxEA4lpb2Ik2J5a5Dp%2BBp17ShjWoYWn1BUXajIBCfYvOsVH1L4AQk66pWKTH3VEtwSTezLxNS2mdo33UY5HuA%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ffd0767985f3653-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:15 GMT
Screenshot-2023-08-23-111339-1.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/Screenshot-2023-08-23-111339-1.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf98351346a79f27a1707d7ac87740ad483b1469ecf7b0242727db7bcab89a49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
787036
cf-polished
degrade=85, origSize=34366
alt-svc
h3=":443"; ma=86400
content-length
23807
cf-bgj
imgq:85,h2pri
last-modified
Wed, 23 Aug 2023 08:23:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdDL2yd2GC4Y0vccv%2BxVU2ye4CL4mB%2BX0wLzT%2FXwrfAuVoGlzbokzTesOGh5V4U4o%2FPGuuyMtmgzykd1ikBQ31Y7X1qvNcxPTlv9JMna5gTWEzT24GRL3kRKwwYBanHa3d3o6rBiHV%2FlclGMFs3JSVdj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076798603653-FRA
expires
Thu, 22 Aug 2024 08:25:24 GMT
Screenshot-2023-08-10-104206-1.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/Screenshot-2023-08-10-104206-1.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3ef1e0cf7d865dd4a1b2e6d9745d8d0ae7bf1a488285e380200ca93425c16d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1912477
cf-polished
degrade=85, origSize=49563
alt-svc
h3=":443"; ma=86400
content-length
34092
cf-bgj
imgq:85,h2pri
last-modified
Thu, 10 Aug 2023 07:45:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCtFajPStiMyHBRw5slcaFkMdHeXk%2FeR12ycQJajwxVD6UehcO5JqVcmbn53pkWZJaPNma9u4ZU%2FPB4PGIRnkUCSdZbSmg4tkQipOZapqPYpBD54Hm8KwWSrA3IJl1jpOPsK4ox6xUG8ZqQ1QDwRG6IL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076798623653-FRA
expires
Fri, 09 Aug 2024 07:46:38 GMT
rabih.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/rabih.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f093bb3ec6b28936c066143b112e2c283f12b119b2b44139565faf946973e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2509353
cf-polished
degrade=85, origSize=38196
alt-svc
h3=":443"; ma=86400
content-length
26201
cf-bgj
imgq:85,h2pri
last-modified
Thu, 03 Aug 2023 09:59:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1IypzdeyQBIE0CU%2FkOSZBzKSto%2F3HqMm0kb3NdzDNmfNHk9z4GpiLTni6OAy97CjfTZvvJ2tH59tIjrQxGckG3FV604eNVNBM8yhS8sCdgGzpOOxKRZiGylBVTFx%2Fq5x7azrSTybx4px8obbhuJhYUP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076798633653-FRA
expires
Fri, 02 Aug 2024 10:01:09 GMT
2121.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/2121.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85353c730ff25e8bb5def64ccf39f12fa153df5e1678ecfe9c7eff7c2f0d1d6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2604727
cf-polished
degrade=85, origSize=58401
alt-svc
h3=":443"; ma=86400
content-length
30220
cf-bgj
imgq:85,h2pri
last-modified
Wed, 02 Aug 2023 07:28:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdcH0XbierXuan5P3PdgtTSB54RR67koz8GCWCm0bohygQnrP8onI0%2Bl3JWOEzRVqBpKsddqR%2B4F%2F4m0TMgFuyZ5cE3oW3KawzE5xW5dRa6xgCpyQglK5LYRJh0IsimEEY7OlUvX70BvueSV6RfBvnUo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076798653653-FRA
expires
Thu, 01 Aug 2024 07:30:06 GMT
Screenshot-35.png
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		682 KB
683 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/Screenshot-35.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d342b07d87840b66f504fcbb361ca50250e4566deb94a20c4dd2992a624da25

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2640877
cf-polished
origSize=976439
alt-svc
h3=":443"; ma=86400
content-length
698182
cf-bgj
imgq:85,h2pri
last-modified
Tue, 01 Aug 2023 21:15:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPlBpnJ9Q9%2FgRvwvBqiEv5kn71Mq%2F2MtwxxMqRm69WVAq7M3DrFvC%2F%2FmalTRuZX3zA8Ya%2BrRw%2BpNRh3Q1Lp9ekWJ9Gkaa1AsdfhwlTIMGCv83btgEOIARqfDgx36JtZ7rUKjamoY7BkR%2B2e7dkCLKGlc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076798663653-FRA
expires
Wed, 31 Jul 2024 21:18:34 GMT
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		150 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ArbFONTS-The-Sans-Plain.otf
www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ArbFONTS-The-Sans-Plain.otf
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f14410f46ae33b84e0707dcf7bb436b153e7ee83485b583592052a48e983b6

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1666672
alt-svc
h3=":443"; ma=86400
content-length
60160
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ%2FxXv4j3%2B9CZuZh2H84d%2BJRoIBsfLOepXfKH1RG8g7mBAe%2FpbGRWeiDkbQZhmUy%2BgkmQKcI9lO3YPqd6r19HFbBPjn0G9Vhu%2Fk6H%2BQg80DSei7zyjxdOCs4wTshzaKjQcHoCku5LkxEJQL3hg%2BICQrS"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767dd043829-FRA
expires
Sat, 10 Aug 2024 00:40:39 GMT
fontawesome-webfont.woff2
www.lebanonfiles.com/wp-content/themes/lebanonfiles/font-awesome/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/font-awesome/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1334707
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W34BhMnkVUuL4cv6aZl8vdr3ocSoGcszfSa%2Fpuc6kKFAbA1T%2BdndJKXXga9jEFZoYPEen6%2B0F04zGqh%2B1%2FPDXMhqsf7PmyKQoxArdDCqOFBrNTYYgxlEkq8G0ucvtNPQvQ60f9dy6LJCCiPUriTOSQXY"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767dd063829-FRA
expires
Thu, 15 Aug 2024 20:20:33 GMT
ArbFONTS-The-Sans-Bold.otf
www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ArbFONTS-The-Sans-Bold.otf
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707d47e8f794caef2636919f7e4a1ee998ee9280fa0798af057c605a5894d569

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=13.0.0
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
455909
alt-svc
h3=":443"; ma=86400
content-length
59664
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfTvuDMSO%2FAAVkeDbLkEij24A%2BGBnFNUnHpnomEkZXTJpBgA6atlh57MXC6hLHg8YAaeD5TEMoXiAP0TrB3P9C%2BLcLlEIT87DJI9EXzpdmt9ooPNCCIh6F0gv1IOcnQOVfAiAZfq9ddRcoEj1U0D3UtN"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767dd083829-FRA
expires
Sun, 18 Aug 2024 00:52:14 GMT
rahi-400x232.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/rahi-400x232.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cfa1d7c4bc439e66028d23a3cd184f9b98d7da453c55c36594b15dc4453b1bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5188
cf-polished
degrade=85, origSize=17352
alt-svc
h3=":443"; ma=86400
content-length
16712
cf-bgj
imgq:85,h2pri
last-modified
Sun, 05 Feb 2023 08:53:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69IzrxJIqnvhtW2BGwdSGbRwA0OahAU3k%2FeXV8Mr7gSzJlZEtzY4yGDxMkZY%2F0Y1u%2Bgf3MLw0ZmhRkx%2BV7FLHFxpVM4jPnF%2BaVxzudx1vZBM%2BsfeqMQLL9MArkGn0EHpF%2B%2BuiWL4y8Nu3OeQgb9PIM2z"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767dff39036-FRA
expires
Sat, 31 Aug 2024 09:37:11 GMT
%D8%B9%D8%A8%D8%AF%D8%A7%D9%84%D9%84%D9%87%D9%8A%D8%A7%D9%86-400x232.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/%D8%B9%D8%A8%D8%AF%D8%A7%D9%84%D9%84%D9%87%D9%8A%D8%A7%D9%86-400x232.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d8de82fcd4eebac0fe6855db47b608fc70365a23c4883252baaba34d170f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3720
cf-polished
degrade=85, origSize=15766
alt-svc
h3=":443"; ma=86400
content-length
15113
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 09:58:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FMAKdbtNi%2FtQXBBdq1eiFqcfBJyAYsuwH8489FQ72%2FofwTJyqOm%2BFaH%2F31QsMop8pryr0jMiTVgdZf%2BTqLq7saHPwQeqzrcyoxnE8vJ6FU4ky1c6pvb9N7QouyD4bP9fjNKwLpCGDBrZIzgdxweAMFd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767efff9036-FRA
expires
Sat, 31 Aug 2024 10:01:11 GMT
hockstein-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2022/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/10/hockstein-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b599fc1ed933b6f0851046c641e1bf25250a51d847167b645727e8fa5bd7e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4286
cf-polished
degrade=85, origSize=11548
alt-svc
h3=":443"; ma=86400
content-length
11148
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Oct 2022 07:21:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGIveme0Hfa1CUq8fnOKZ9Ms%2B%2FgKr04g3grKy%2BSIGtfxAzQdrLh84kfBKcvvy6WsbnMNX375i6YalGowXJc6H%2Fh%2BHCDsHtIvNWpD1IyO6bgfxWM0GCP0I9twDaaCzwMJVuCiOYy6xpXg4NcTHWnv9MwL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8019036-FRA
expires
Sat, 31 Aug 2024 09:52:08 GMT
%D8%B9%D8%A8%D8%AF%D9%84%D9%84%D9%87-%D8%A8%D9%88-%D8%AD%D8%A8%D9%8A%D8%A8-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/05/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/05/%D8%B9%D8%A8%D8%AF%D9%84%D9%84%D9%87-%D8%A8%D9%88-%D8%AD%D8%A8%D9%8A%D8%A8-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69d296b0a284ad3aa25fb3231b370cb4ac2dec672a588d96ecbd43075ab11b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=26916
alt-svc
h3=":443"; ma=86400
content-length
15051
cf-bgj
imgq:85,h2pri
last-modified
Tue, 30 May 2023 13:04:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuOnwi413cCqWgR26AljxQ77LmRzsvWmwQgw%2BoS39hs3XkhA2UHbh5qmy89J0BF5Lc4%2BYjqlHGd4StdErSBSOv5F6loih7iRPivHnDxPC6EvnsOPyGXNGhyfRjGAuFebBAKVPU6pzmIjKWCVu%2FxTQqKA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8029036-FRA
expires
Sat, 31 Aug 2024 10:35:28 GMT
636877529880403447-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2021/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2021/01/636877529880403447-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
282289926c01a43c07f6cec070c2ab597b054259a702ec7aa92f74c94a2c7616

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2660
cf-polished
degrade=85, origSize=14641
alt-svc
h3=":443"; ma=86400
content-length
14029
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jan 2021 10:39:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ds7sMEeAI1UvuGnpz8rlxEEhHLdc9krfyTUeh81HAnZ7QEUL3mU%2FFiMyEL7Ty7aV1Qn3gi%2FbA9D5SNLXMjQyikhyHcxryJmlYi9PykoLr9Kafr0LkVAl%2FirXFXpfOHg5B53PdYXOyqpOJfda2bpLJ%2Bxj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8049036-FRA
expires
Sat, 31 Aug 2024 10:19:14 GMT
school-desks-students-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/school-desks-students-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065ca54b4d42e68a8b6b723ab1953f3f643ef717a3e2047ca2c0d7e55907498e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7610
cf-polished
degrade=85, origSize=22887
alt-svc
h3=":443"; ma=86400
content-length
18688
cf-bgj
imgq:85,h2pri
last-modified
Wed, 25 Jan 2023 16:04:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxLupJa%2FXIyT%2B%2B5SHpXh5TzQeB7woDy8mKSeNiHU079CYEr3a1GgGAzsp9mEaI1vuw11csxhcZ%2BUjykv3%2BoXTzA9NnZSd9oSS4UviWpYnjkaVIa1u6rHvTx6Ily1pEebRgRIS5np%2BT8P5qmVe9M7RvFC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8059036-FRA
expires
Sat, 31 Aug 2024 08:54:53 GMT
%D8%A7%D9%84%D9%86%D8%A7%D9%81%D8%B9%D8%A9-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/%D8%A7%D9%84%D9%86%D8%A7%D9%81%D8%B9%D8%A9-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b49146621cfe6b6029390414d145f23df852e1e16d22212fd75aaac65baf337a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5889
cf-polished
degrade=85, origSize=20725
alt-svc
h3=":443"; ma=86400
content-length
19679
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Jan 2023 20:36:13 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W9%2FczPATPNr1Vfff%2B9kvvpXehpCxoPFBs6QWcYXdkXE1DbGIojmvIx8eB3XpT7WLwMMUpAFfXNwuBbZG0742g38oOyCVTgjdIhwETIZnzhi21qMMleGTBw8hg1imYqCBM9JwH%2FS%2BU4sxqajAhts3CXe"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8069036-FRA
expires
Sat, 31 Aug 2024 09:25:02 GMT
%D9%83%D9%87%D8%B1%D8%A8%D8%A7%D8%A1-%D9%84%D8%A8%D9%86%D8%A7%D9%86-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/11/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/11/%D9%83%D9%87%D8%B1%D8%A8%D8%A7%D8%A1-%D9%84%D8%A8%D9%86%D8%A7%D9%86-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb9c54b9a3a86a8af1afa213efd33d118e186951b31f5470c2587eeef7faf3ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3381
cf-polished
degrade=85, origSize=24528
alt-svc
h3=":443"; ma=86400
content-length
23778
cf-bgj
imgq:85,h2pri
last-modified
Mon, 09 Nov 2020 15:19:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaDABZYfZcVuaHsw6o5YJfLNdg8MCC71C7DVW%2BlfA%2FHn1HOvjqqEkeFYwELDvyozlxsRIYxnOZZudjejHso64vAmYs0prxCppQ2N7bEgnUyg%2Fz8LfytF9s7CZTZI84%2BB88atms6o%2FBbYmBziCOJWNC9J"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8079036-FRA
expires
Sat, 31 Aug 2024 10:07:13 GMT
31-08-19-justice-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/31-08-19-justice-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de08609ea49246b75adf6b80690b6fe0a0551fe3e678889ae7416ebd692f2a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10763
cf-polished
degrade=85, origSize=13770
alt-svc
h3=":443"; ma=86400
content-length
13299
cf-bgj
imgq:85,h2pri
last-modified
Thu, 26 Jan 2023 20:29:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fb%2BBdge2fomvoyGnG%2B68rCL%2FGReXFxQ3DKxhL3PRHPXYT0HQp3tyd4no%2BH99H0FpHRJxwkuZEgF%2BtbvE06UA5QCHkRfso4wz1zK%2Bp2hnV1NiNAsoRuWu6slS%2B4TQWVWKRYvO8MJnqNUjX5HmJomWz0md"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8089036-FRA
expires
Sat, 31 Aug 2024 08:01:12 GMT
refugees-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/06/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/06/refugees-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb2291a145e2525f1731567e3c12e281c95cec5cdfc50efadef31f99800626d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3940
cf-polished
degrade=85, origSize=21315
alt-svc
h3=":443"; ma=86400
content-length
20673
cf-bgj
imgq:85,h2pri
last-modified
Thu, 18 Jun 2020 11:40:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfxBYP6YGaOaOCYNdtqbPh8wfGY41RCkCms5rnDiI3GESstaBTsP3cfkPJ0M8NDEQQHTuEjWWZ47Ml5etCNAlyP3vrh6tGbOavl2uHbViSWALryVMf7tNRYwDeGbj6O%2B9ltvo7zR%2Bh0y6Jbj2PW2SEci"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8099036-FRA
expires
Sat, 31 Aug 2024 09:54:31 GMT
751218Image1-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/751218Image1-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737dc6a053f0457ed5b504f58971c3cdc1842a09bbb9f1cdbf5b6841e2d6efab

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5371
cf-polished
degrade=85, origSize=25764
alt-svc
h3=":443"; ma=86400
content-length
16482
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 09:33:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJgYvB5N1d2dWjLrdnzLCseKqgP4X0qMWAky25aBvfguDVPFLTW1VLErVlmVrHYUMoto4hLY8SWDeqo6LCPZQpnEk68WHKpcwodJM%2FP42fli8DvvYT6ZNfOsyswlosTn0sMLA8Sw2cbRzjyiL%2BlYv5ph"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e80a9036-FRA
expires
Sat, 31 Aug 2024 09:34:11 GMT
khass-21-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/khass-21-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9bdd1e43d064672f14ad2a8635e7720b3b9f457d788e159d8b6e9d4310c65a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50459
cf-polished
degrade=85, origSize=12428
alt-svc
h3=":443"; ma=86400
content-length
12296
cf-bgj
imgq:85,h2pri
last-modified
Thu, 31 Aug 2023 20:07:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UzeZmDTHVIXaY4E7deQMKcbi5gBfEVeqhWu5BM2%2BGOM2JqRBsOaGMqDl57G%2Fr4tXO8AaV%2B6vj9aLMmwsYrAYyJlHk%2Bb7CVWZR8JR%2BB5fGomxWxkbQORkJRbSekvQCrp%2F1b%2FsXE3%2FIh0BBisIu%2Bz40QK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e80c9036-FRA
expires
Fri, 30 Aug 2024 21:01:17 GMT
hadath-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/hadath-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7597ad277148e47269a6b47304a0f20134464df89f6efbf2e3c9203a16f2ff1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50096
cf-polished
degrade=85, origSize=11991
alt-svc
h3=":443"; ma=86400
content-length
11585
cf-bgj
imgq:85,h2pri
last-modified
Thu, 31 Aug 2023 21:05:26 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2Fa2AvhsxUuUZlv2LJhQjXKW0f%2BFvT8HYpvHXKhfaZiBP4e7cX9O4bnhRXeGxPNkqhqeLlZ%2B8KJjDGn%2FBJbvzVAtzGpnDxgrZGNbEgL20HTQIW82kndLrd9p7MCk1v%2BtB%2BcalPP3I66ozNa5xqALnNmo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e80f9036-FRA
expires
Fri, 30 Aug 2024 21:06:15 GMT
%D8%AD%D8%AF%D8%AB-%D9%81%D9%8A-%D9%87%D8%B0%D8%A7-%D8%A7%D9%84%D9%8A%D9%88%D9%85-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/%D8%AD%D8%AF%D8%AB-%D9%81%D9%8A-%D9%87%D8%B0%D8%A7-%D8%A7%D9%84%D9%8A%D9%88%D9%85-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b2f4d9312a4f37162c06df360dd1b9d2d92ded17f22e6b92bf27cb2c6d3916

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50459
cf-polished
degrade=85, origSize=21342
alt-svc
h3=":443"; ma=86400
content-length
19789
cf-bgj
imgq:85,h2pri
last-modified
Thu, 31 Aug 2023 21:01:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fflW96MzFOv9tXOAbjyYFgHlFCvXD2OHtQ5BJTUZN%2Bs542bh735RsZYsFdU513sZQElRT6KuVEBW%2FN48boLIoWHRZMV9rVtz2z8GGAL9jmbt8WKV8qDuBCJts4AD3VFKq8MHqf9T6TSzaQ4cXiC5UCRW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8119036-FRA
expires
Fri, 30 Aug 2024 21:02:30 GMT
%D9%86%D8%B2%D9%88%D8%AD-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/%D9%86%D8%B2%D9%88%D8%AD-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b06ebe0b395e1576fe13389a33ac68e3f049e3b644592fbcbdfe3506dd0ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25262
cf-polished
degrade=85, origSize=19334
alt-svc
h3=":443"; ma=86400
content-length
18117
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 03:23:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=225jK%2Fc0Dh3k0AOnnnRo9CbeGuXWoxzpMtFAeDt5qecgpGer7XYUACYg0rQBs89ByLSUO3Wo2VjUUKf66hFJLaPf%2FZBtjZCJ1eH2N1NjclMTA3rHMUqt1LliO%2Fr94h1Vix%2B%2F9lFN3D%2BH4sPUuJWhSJgN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8129036-FRA
expires
Sat, 31 Aug 2024 03:25:56 GMT
%D9%85%D9%82%D8%AF%D9%85%D8%A7%D8%AA-%D9%86%D8%B4%D8%B1%D8%A7%D8%AA-%D8%A7%D9%84%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1-%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D8%A6%D9%8A%D8%A9-2-4-306x184-3.jpeg
www.lebanonfiles.com/wp-content/uploads/2022/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/12/%D9%85%D9%82%D8%AF%D9%85%D8%A7%D8%AA-%D9%86%D8%B4%D8%B1%D8%A7%D8%AA-%D8%A7%D9%84%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1-%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D8%A6%D9%8A%D8%A9-2-4-306x184-3.jpeg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec00992b822d8451b2ff5a68c2cfd69e9a4b3773e4386285bad10237b8c81ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57871
cf-polished
degrade=85, origSize=9555
alt-svc
h3=":443"; ma=86400
content-length
9547
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Dec 2022 19:16:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdAetELZYygucB4btnz48L2S47w8Te856S4%2FuU5lnG5ycsSTZrlqbLA%2FuoW6CBikBAo7i3SJx3F%2FSLiro%2FeADC7mhSHp03leF7WEu6iuFubSvBKQH27f%2FRbq43%2B0wbdUGSuryEw70QoBV5yXsms247da"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8139036-FRA
expires
Fri, 30 Aug 2024 18:57:11 GMT
%D8%A7%D9%84%D8%AE%D8%B7%D9%8A%D8%A8-306x184.png
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/%D8%A7%D9%84%D8%AE%D8%B7%D9%8A%D8%A8-306x184.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceff9418d44f0ad295c88ed552b874e2b5eae6eb811c860f6d0541a90e7720ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
cf-polished
origSize=114822
alt-svc
h3=":443"; ma=86400
content-length
101559
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 11:00:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taRBnCV1kVxp%2BkGJgwtV53MdvlfMTUhPSpW%2FuKcpavVttTwwhb95HIxt%2FC%2BMgRuQfeEczky0CfOkVPZUt1DV%2FQGX%2BUALZZaz4JvNmTvaQxzX%2FZX9H9Io5mqcxz9KGpIlCcgDPejffy%2FS%2Fp1YZEaGZBWp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8149036-FRA
expires
Sat, 31 Aug 2024 11:01:20 GMT
%D9%87%D8%A7%D9%83%D9%88%D8%A8-%D8%AA%D8%B1%D8%B2%D9%8A%D8%A7%D9%86%E2%80%8E-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/%D9%87%D8%A7%D9%83%D9%88%D8%A8-%D8%AA%D8%B1%D8%B2%D9%8A%D8%A7%D9%86%E2%80%8E-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5daceff2b9ea7d4877bae7ffcc7a192533a5152c68157a3eded1dab74b8ccd00

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=11124
alt-svc
h3=":443"; ma=86400
content-length
9017
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Aug 2023 09:16:13 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMjD4QyxGRiAdaXKJO9ko3qhH7aj2OgFepBpPjkKR74WDj4q8%2FW%2B%2FshlON%2BntI6hjBWtJVKrvtLFNwNMqSsTscV2i7672%2FNrJIGxped6Dh40NXQGejJQUdRHS%2Bf4GjhdstCYje4El9MX6fmBewV5DF9N"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8179036-FRA
expires
Sat, 31 Aug 2024 11:01:34 GMT
21-01-20-litani-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/01/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/01/21-01-20-litani-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
501af02c12506c73a3916fc7bee2129ff768f2c259c6cb51ff045f474a565539

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287
cf-polished
degrade=85, origSize=27184
alt-svc
h3=":443"; ma=86400
content-length
24510
cf-bgj
imgq:85,h2pri
last-modified
Fri, 31 Jan 2020 23:50:35 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QS%2BlpDnL%2BjfQd8ZwyNwUrvdy0MWbBcDwCG5E2NASnyt%2B5gmk05e0hhWuBcs35Vs4SQh292Fr1q7HQLkqYD3Kyhf%2BnaJtOt2%2B0h9%2F%2B1mx7n%2BWv9YPoqSDTfQUjM3B8JNFU5%2BeSUlSdQnrvicpcL6hm6uX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8199036-FRA
expires
Sat, 31 Aug 2024 10:51:09 GMT
26-2-e1677686159964-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/05/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/05/26-2-e1677686159964-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
905bf003d2b911588a61f7ccca6166ff65f1866e6e4ead872f6add3fd92ef6d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
842
cf-polished
degrade=85, origSize=5604
alt-svc
h3=":443"; ma=86400
content-length
5119
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Mar 2023 15:55:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDakGLFnhy0hyGkBnPzXcxsZ%2Bclg6ZkPaAwyYxqBJ3RsXWKfkkpri%2Fp01%2FP%2BMQVbMmkaoVBP1yH12sDTFSy7MWZH8AJMiGgq7NQRonwDfKsDumyOCAP8gW8h1vTLpP5VUuvbUZ5NrAr5D2ukZAG7WVoU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e81a9036-FRA
expires
Sat, 31 Aug 2024 10:49:09 GMT
%D9%82%D8%A8%D9%84%D8%A7%D9%86-405x215.png
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/%D9%82%D8%A8%D9%84%D8%A7%D9%86-405x215.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f932ce7990a64af88556d0c1752d975a6ceabaa15ff215b27705801903e24f43

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1023
cf-polished
origSize=115990
alt-svc
h3=":443"; ma=86400
content-length
102582
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Mar 2023 15:42:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40AUvGRZinsZ7tWCqVoD0CEJboBqogvnF3l9zxkDLmKd66EqoQNk3NT6zkVDpidfA7ZifxfggRQr0rtfJBzWOWEcj8S7g20oyug3zvLBQ6YakikPklP0hT%2BNfWGmgq9blZUXJpnpmukDkikm%2BAvDKvOy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e81b9036-FRA
expires
Sat, 31 Aug 2024 10:33:05 GMT
%D8%B3%D8%A7%D9%85%D9%8A-%D8%A7%D9%84%D8%AC%D9%85%D9%8A%D9%84-1-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/%D8%B3%D8%A7%D9%85%D9%8A-%D8%A7%D9%84%D8%AC%D9%85%D9%8A%D9%84-1-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
241b2a3d7abaa8bda42766dc7e21e01cccb3c383d4ae3554e657aa04265ce1bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2049
cf-polished
degrade=85, origSize=12202
alt-svc
h3=":443"; ma=86400
content-length
12001
cf-bgj
imgq:85,h2pri
last-modified
Thu, 03 Aug 2023 16:09:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsAcutzVbnmdO9hRU%2FNhVGDb%2FEITd1%2B6t63mgscoUdG7n2setHp1eolKPpsf5porlS1iBvwK%2BfIP0r2%2FGAS%2Ba8qBv%2F%2FQWvCXYsY%2BCdhbf7MCc3M9xEr7OQ95X7ov5733vI95D6UVTCqRlvIensrIVJ9K"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e81c9036-FRA
expires
Sat, 31 Aug 2024 10:26:04 GMT
%D9%88%D8%A6%D8%A7%D9%85-%D9%88%D9%87%D9%91%D8%A7%D8%A8-734x405-1-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2022/11/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/11/%D9%88%D8%A6%D8%A7%D9%85-%D9%88%D9%87%D9%91%D8%A7%D8%A8-734x405-1-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5273c63f43a5c2723fc0664f0476435ec8c1bfcc5a0c05a10a1a54ccc09399f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3347
cf-polished
degrade=85, origSize=10643
alt-svc
h3=":443"; ma=86400
content-length
10420
cf-bgj
imgq:85,h2pri
last-modified
Sun, 20 Nov 2022 18:19:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94ahMUqsv4Ok2B6OCn4W0s1%2FLqR1A09L19puR9v3evmFLih6eb5HM%2Bu8xD%2B5xWCLYL8kAB4iWYlYmW5kQJtJIG6T1qla6uP1gUPUjG2O31Ac2pisy50wIUSMnrDnX0w7qcUSMKgkTaC%2F%2BufKElsUR1RR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e81d9036-FRA
expires
Sat, 31 Aug 2024 10:05:17 GMT
metelmaheye-1-300x198.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/metelmaheye-1-300x198.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9ea6ae99364ce66259b1181b149c52cc81e3fcff737c25ae0305dcab61925de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50187
cf-polished
degrade=85, origSize=12808
alt-svc
h3=":443"; ma=86400
content-length
12428
cf-bgj
imgq:85,h2pri
last-modified
Thu, 31 Aug 2023 21:03:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CslmIk9pj%2BT6YeYAsQe6%2BFTMzITpwsPIwr0nRCU%2BnxdQsAKf40CyK0ANx4YMI2s57AL7M9pt0kupB7HgqZ6h9hBqtjmJ%2BD%2Bidpeb6h3B8U5ePPWjEfIbMrPF2Zw%2FKA0zH4Qo1SsbCQUJBnyZ%2FXfCM%2Bvj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e81e9036-FRA
expires
Fri, 30 Aug 2024 21:04:30 GMT
Christian-news-Pope-Francis-and-China-President-Xi-Jinping-1287412-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/Christian-news-Pope-Francis-and-China-President-Xi-Jinping-1287412-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698c414bc7041b7968c1a27a6b080c150925ba3169d7fde13456ecb43958a597

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3325
cf-polished
degrade=85, origSize=20435
alt-svc
h3=":443"; ma=86400
content-length
19340
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 10:07:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKEjG00Iwg7iELtKl6pOiGthPWpFCdBjiLdB%2B6Gh8q%2BaCKtK1dmWOdHTIX4mSYI2RwnwThyFob7CB4mT1M2B1bnuyYgrUdBIbetab%2FALxONJkXrq%2F0thX1cB1mErl6MZQP0jnjeeV6k79cm1SMzFM1aw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8209036-FRA
expires
Sat, 31 Aug 2024 10:08:08 GMT
fd729310-470f-11ee-a2bc-ffc67f0c7edd-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/fd729310-470f-11ee-a2bc-ffc67f0c7edd-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fd2f072a3e8fc65b6b3dec8ab86e1d8f480931ed29118010a4d3508a54ef89

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3324
cf-polished
degrade=85, origSize=7338
alt-svc
h3=":443"; ma=86400
content-length
6992
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 09:55:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1V9MN3%2FO5EqycJEqQQPT3JlUJ8eH0bqUBCUfuXmuEBHW30wlEPnS5jm3FMUvVWfnnPxAp9cs4WdEpVnFVNzY2R1nsVGBW5MIrCBOGPCmSxH01uePe1qK%2FrxOskh7%2Fded0Cpju2YYiPXi5IitAENAvRP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8219036-FRA
expires
Sat, 31 Aug 2024 09:56:39 GMT
751218Image1-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/751218Image1-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92140fac6c0a2f7104c63ff3848412f4dc2c5876c3350db902de310d5f38491a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3940
cf-polished
degrade=85, origSize=20183
alt-svc
h3=":443"; ma=86400
content-length
11159
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 09:33:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zq0EObZXjVaAJDczMDVMogyU82Neab3j0jPu3VMwvdNJVR%2B9ZCt6AiLV8%2F%2BR43mYFpF28l%2Ft7ZSP4T2gW34a4yyNymWjC2OvMRNWX5IX1NW63GUUfhgKBIENY%2BWgA0w8NEw3hG83v4K%2BF5nRe0JBqVyp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8239036-FRA
expires
Sat, 31 Aug 2024 09:34:16 GMT
%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92091b636a01a36bfc6b24674f344ac82b928107c943ddef0b02d87a2386b3dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4172
cf-polished
degrade=85, origSize=9898
alt-svc
h3=":443"; ma=86400
content-length
9654
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 09:03:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAJwPluTA%2FdhHEsnudKKJGfPHK%2BnYeanukRpTV1FaarCaajW0m8UjS8AOn2e1QskpOO9uGb81q%2Fca2HADwyxg8oUYj7ttkJ%2F5YiI776RHfSUoHEB5JMBdL7%2F7x4jDJaifPjYsIb946%2BJsk%2F7NKVgGihp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8249036-FRA
expires
Sat, 31 Aug 2024 09:11:44 GMT
64f17e174c59b7363e22ad7e-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/64f17e174c59b7363e22ad7e-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6abdc031b17ee4f3fececaf66348880d1a57323548c523b9c5a7d1d7e42f49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6790
cf-polished
degrade=85, origSize=11788
alt-svc
h3=":443"; ma=86400
content-length
11397
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 08:37:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nq%2BhH6ew0R9hi2viO5jbZOilqLttCFhd%2By54gXlBhWPkDNaAD3gRWL0I7GkNZBBGV%2FsuzrzJXeuIDKYag32h3ULrAma94Alp%2BE4OX5ouZdWqq1txIDEPgcP7nWBksAf8A4hi5tmbMGe2WWeZUFHLNlR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8269036-FRA
expires
Sat, 31 Aug 2024 08:37:47 GMT
F47RuVZWwAADex--405x215.webp
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/F47RuVZWwAADex--405x215.webp
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed91a50a26439612c396aa46a8369ce56248b4523abd6aca34d3346980e0faf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 08:23:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2cb8-60447de9f782f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3T8QmWIK%2B0qTDBnq84pg1NGMkccWSvkKd45WLvZwX1V2cIRpRGFZu0jTOGvw%2BBox3u11XmR8ktcsvtdeUTbYlW3R68OD9%2FvLdQFJy7k%2BZzuuJZduuV8zDrBeulDRk0z%2FwIcv6LXx%2BDUD%2FzVGBsOQoAOU"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7ffd0767e8279036-FRA
alt-svc
h3=":443"; ma=86400
content-length
11448
itw-cache
MISS
%D9%83%D8%B1%D9%8A%D9%85-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/%D9%83%D8%B1%D9%8A%D9%85-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76bb29f790fef2e1b112aa9422f341c4983b82ead1995de7cff3dd50d8995eeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13059
cf-polished
degrade=85, origSize=8594
alt-svc
h3=":443"; ma=86400
content-length
8311
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 07:14:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRVtTEXmkQ3ya5Q6DhZsxnr0YGyEQe5w0pH5%2F%2BBmAE6BerfnqXJGsMpSnv%2FBmIz1trWOQQXCfPi1lLh5DVVD94c6Af%2FLPAZ3CguYYJQrfJ213T%2Fu2rftrjxntEThbmyjBEtHKZdXGPvU7XgiqMFCTcSp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8289036-FRA
expires
Sat, 31 Aug 2024 07:15:06 GMT
1198402-1-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/1198402-1-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98f3074e159bfa2f2b2f46c1e66959ed5e09cab5c835837cd280f6bcecfc7954

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13513
cf-polished
degrade=85, origSize=9719
alt-svc
h3=":443"; ma=86400
content-length
9397
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 06:21:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfpZmI97jrV9J2vwzb22il7%2FKHy8ES4UZo1iur%2Fs1LgnU7t%2F0eTW92fCqB6RFy4tDkUAwAU1VCGvESGrdkopujIzQ%2FiGHSi7FlDTcaSbw7G%2Fvjt7%2F146hcd8SnRmaCubOxb4i31HgENYtAHeOcfpaPzb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e82a9036-FRA
expires
Sat, 31 Aug 2024 06:22:34 GMT
%D9%81%D9%8A%D9%84%D9%85-Dogman_0-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/%D9%81%D9%8A%D9%84%D9%85-Dogman_0-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aecafa6faf66348367ef501ce6751e5700e714fe16dfad1bb0b152a5317fed00

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16687
cf-polished
degrade=85, origSize=15669
alt-svc
h3=":443"; ma=86400
content-length
14960
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Sep 2023 05:37:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCyvL4pLGD%2FBTCIDD2R91cvM0Il3hPUxDYC7jpxeKbK8lesW7FQA%2FdyvSsfnL2TrxWp8eHJJvhl7jNqjrxWea1FnVPTFAA0W8ymGt9LBftx%2Ba1SQpJPFyT0wA3a5jGEoEDG5muHzROF6wVRahRa3ELIW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e82b9036-FRA
expires
Sat, 31 Aug 2024 05:38:09 GMT
F44KjZTWYAABMOF-306x184.webp
www.lebanonfiles.com/wp-content/uploads/2023/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/09/F44KjZTWYAABMOF-306x184.webp
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
062134078ff1e2177138488800a233d7ed69e164265221188419bef80acb44b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 05:31:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4172
etag
"2392-60445783758cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWwABiR%2B3lM4Q99J8gXaezC57v%2FuJhEH0zgRbnnZoeYl8tWAWNu%2F6T3MgJ5iwLhfxU%2BSH3X3hKHE3kld%2FFML4kIYjATAyqT1zlZUoPOLgBYiPcx%2BmeppQueYZqpWE6L6kIgHOvJxwl7Bn%2B5Fp5joHjQG"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7ffd0767e82c9036-FRA
alt-svc
h3=":443"; ma=86400
content-length
9106
itw-cache
MISS
%D8%A7%D9%84%D9%86%D9%81%D8%B7-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/05/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/05/%D8%A7%D9%84%D9%86%D9%81%D8%B7-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a5ebf4174ef2895779f518b2298dd7086a0993b3be537fc7e3c16545d420efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7621
cf-polished
degrade=85, origSize=8532
alt-svc
h3=":443"; ma=86400
content-length
8349
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 May 2023 06:16:13 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy20zYYAAUm3oa9eMddeoeh9CupNMShwcRhNFsyZrcahu%2BFi5OaPCgRbFi4q%2FfU3eKz5AGUsBgcOHgjJcyzn83vzdzyGucEgpLoI2W58D94T8CIwWqdyP7IGp64FpeLTs8%2BuP%2BTiBUKo3R3gWcWZdBkp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e82d9036-FRA
expires
Sat, 31 Aug 2024 08:28:24 GMT
%D9%88%D8%B2%D8%A7%D8%B1%D8%A9-%D8%A7%D9%84%D9%85%D8%A7%D9%84%D9%8A%D8%A9-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2022/01/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/01/%D9%88%D8%B2%D8%A7%D8%B1%D8%A9-%D8%A7%D9%84%D9%85%D8%A7%D9%84%D9%8A%D8%A9-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2c465681e2bebcdfad22e26c45c79d5c66c24e8ebd3e81188c134245130fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9184
cf-polished
degrade=85, origSize=12257
alt-svc
h3=":443"; ma=86400
content-length
11631
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jan 2022 16:48:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQaTehcUdcIX95cZ%2B%2BEgXr9H9VK6ajgTrie0hbpJJJMXRsjttlB%2BAF0Vt5fw4Ph3Of4EsrwMTNE15M5Uk1657b%2BOwkwMXuFaIL7VAg4ekyMPaP729DijXkZVB%2FXtJNytfrGmg7Ot5CJ1YLyl0YdRssbZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e82e9036-FRA
expires
Sat, 31 Aug 2024 08:28:26 GMT
200830100720434_dollars-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/200830100720434_dollars-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1047d36624a664147c5517041a210da6085a0700885cfa2d01ebf3ec43911e95

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9092
cf-polished
degrade=85, origSize=14897
alt-svc
h3=":443"; ma=86400
content-length
14032
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Feb 2023 18:06:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVF8q9qcDXWICueVoHJaWlz6lY8eg4QYR3YZpQ77IpIBzL4IvuEHoadqbKOSq%2BDGsuRSGLMGgzmezqoFRW27pzHtDO3JEBc2vq%2F7r%2FN6a9vBdKa%2BQvNugQNduF0CQXkDTTH4WAfBXrBIajUcOLKoM7EL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e82f9036-FRA
expires
Sat, 31 Aug 2024 07:54:02 GMT
wissam-mansoury230731082350040-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/wissam-mansoury230731082350040-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76ef3b7b99ce518f4faadf518cc69abba129f12c282884facc4dc90c9f4a98df

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11283
cf-polished
degrade=85, origSize=9975
alt-svc
h3=":443"; ma=86400
content-length
9665
cf-bgj
imgq:85,h2pri
last-modified
Mon, 07 Aug 2023 03:06:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zNUdvNFLdXMeT4t2nNfaoqv%2BrYSDOUra63PWbhmCdD1eFNSKrNHGaDF9%2FCg7O71O0Q7txV%2BiyL3PUCCMrZdpSEQJ7VC%2BA8AGGb8RW00YgrkXoZUKlyKWAsbtEdOtu19ELKFze8uHQxs3pvihhFc2sIp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd0767e8309036-FRA
expires
Sat, 31 Aug 2024 07:53:46 GMT
%D9%84%D9%8A%D9%86-%D8%B7%D8%A7%D9%84%D8%A8-306x184.jpg
backend.lebanonfiles.com/wp-content/uploads/2023/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://backend.lebanonfiles.com/wp-content/uploads/2023/08/%D9%84%D9%8A%D9%86-%D8%B7%D8%A7%D9%84%D8%A8-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38329bdeb4a5e2a0bf0fb6521820e9c21d000d480abc05af31f15bd7b04a6d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 12 Aug 2023 03:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBxW1UboeyUREsNgFDgi3QphAMgNB2%2Bkb4WO0fl9ngYYViYDopWi3Fw7L95f5dfejtjPBqMK2MF2rM864c8M43e1hYSZ%2BN6HFO2cAfNvviII9AZoLtrVreOg8ziDbjEX51EgX3Kb4eHG4CZ0J7EWqC2egWRb%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076809033653-FRA
alt-svc
h3=":443"; ma=86400
content-length
7331
expires
Sat, 31 Aug 2024 11:03:49 GMT
eghtisab-306x184.jpg
backend.lebanonfiles.com/wp-content/uploads/2022/02/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://backend.lebanonfiles.com/wp-content/uploads/2022/02/eghtisab-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e600c8238df5644da3f8f32cbb20e4464870fc69cc50ff664a45103bed2c72

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 07 Feb 2022 14:38:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYhQlhmC1q2ZERf0A%2FE2StsETFSw%2Fsyk6bc1aLCpcXh1NIUqBVX20iM1g1BF6lrNnu1BQySuT4PFOvl8q6coX9Ao48vsp%2F85aM8S%2BrvrWnTnOHprGRqIQVhaCB07K6xrODfYLCn4k3bJbJaKFDeRUmvfkn2gDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076809053653-FRA
alt-svc
h3=":443"; ma=86400
content-length
9446
expires
Sat, 31 Aug 2024 11:03:49 GMT
ldw1qgf69up61-306x184.webp
backend.lebanonfiles.com/wp-content/uploads/2023/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://backend.lebanonfiles.com/wp-content/uploads/2023/08/ldw1qgf69up61-306x184.webp
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f164e72b28fd41369622c23191d7741cae3f2b1c7efc70233aafbebfd506dc02

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 30 Aug 2023 22:05:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"24f6-6042b2051c143"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWvCmQwExWVG%2BlEnSAYFfmodf2Tb99vExTL3sUNkNeAXGMeMFQnhHv323MT9RCZrFFvPDTIdoddTkWuYwxwRyjlZCTq1vBnPMGHPuy4ZmGxVnv8DQbo7%2BtxJ%2Fsz9JdJPVJtjry4O762N4vfH8Uhi4MJkfUff7A%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7ffd076809043653-FRA
alt-svc
h3=":443"; ma=86400
content-length
9462
itw-cache
HIT
%D9%85%D8%B5%D8%B1%D9%81-%D9%84%D8%A8%D9%86%D8%A7%D9%862-306x184.jpeg
backend.lebanonfiles.com/wp-content/uploads/2023/07/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://backend.lebanonfiles.com/wp-content/uploads/2023/07/%D9%85%D8%B5%D8%B1%D9%81-%D9%84%D8%A8%D9%86%D8%A7%D9%862-306x184.jpeg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8808269273561cc13c9a9ef1626b10d85f75f6a021b4a96b96cba3aa17918f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 22 Jul 2023 19:55:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yA9UxAqVxH9C%2B3QOA3wtlWsZJHpw9WCaXHCxfYHgqF3iAxWR6bimYsDZv%2FGx%2Brw4Rqx8FvrUJud%2FnNevYh9ita6LgEGJYVMypDACDdHtm8P1S7atMFdTQXQcyQTUPXyMkr2jyxtusx8e65tF6CfxAgCePMNfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076809003653-FRA
alt-svc
h3=":443"; ma=86400
content-length
13154
expires
Sat, 31 Aug 2024 11:03:49 GMT
202383104613480638290395734807198-306x184.jpg
backend.lebanonfiles.com/wp-content/uploads/2023/08/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://backend.lebanonfiles.com/wp-content/uploads/2023/08/202383104613480638290395734807198-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eff007f0d57869efbf35af404b8a454ea2c225fe3aa11c5570c234443f021ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 31 Aug 2023 04:08:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVqg5a61jtxNDWy93H7kESsyhjp1m7%2Bpp4oU0PRvYVePASiXzpET7SdrPW2T13vEoMK4xPALlqFqv1zsV4QffFMp0Ga0hN29xVNayl9MxQJEtzCDNJimSsDWtX58dpcqdAVuslxOXb%2FG3g7l%2FxAqgYHitCzo5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076809083653-FRA
alt-svc
h3=":443"; ma=86400
content-length
17192
expires
Sat, 31 Aug 2024 11:03:49 GMT
FOJYKYCGGA-306x184.jpg
backend.lebanonfiles.com/wp-content/uploads/2023/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://backend.lebanonfiles.com/wp-content/uploads/2023/08/FOJYKYCGGA-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
352b4d475ec2bf60a83d04e3bda58c57f30f7205d2a9ae6ecdf2df7285e046d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 31 Aug 2023 12:45:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uNU40jVwD7%2BvXJ1%2BxsyQgfWJQ%2FrA%2FLtsQ0h1JRgWy3MZ%2FuHooTjOmPGwFK5W1O%2Fn%2BMKpwYDevkbxD9UqMRwwg7dhrVXJn%2B1RFBZjW0Kb51dOy3j%2Bwde0NiZ6HaUURvMumxJnAjRtqsRxLt6ESMqXwxms1%2BeXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076809063653-FRA
alt-svc
h3=":443"; ma=86400
content-length
7265
expires
Sat, 31 Aug 2024 11:03:49 GMT
bundle.js
tpx.tesseradigital.com/dist/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpx.tesseradigital.com/dist/bundle.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c6844dab634a8acc2a5419f1877946173bf6cad7dbdd601658c6289d939027a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
server
nginx
etag
"dae8b4871c0707b853e6f07960088792e25f5a5a"
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
26906
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2.1
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1742
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7ffd07688c2d414b-HAM
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 04 Sep 2023 11:03:49 GMT
lebanonfiles.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/lebanonfiles.js?ver=13.0.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78797b518e0df3bfe55a1edfca1a70d0009ab6d210aa1f46097bccf11343c84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JENsKuV%2B%2BHVztup6IRtZTBC7MoVZ2oiyH4n7759TKjaulEyDbiHzxGCQtnsaRwLDPYuemlUrFUujFHKkds4BbGk%2Fi738Af1QpK7z%2BRS6bU7u5SRVWjlzj4b66hx%2BORopH%2F5Bmx5GcvATOAPnW0KX1akL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd0768184a9036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
simplebar.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/simplebar.min.js?ver=1.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5be5b6e3ff509bba2f9ee8a7dd4ebfd8016d1a0b2f085d980df240b10d25bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKbh5R3qfKfu7jxq4%2Fk8%2F2vH%2FflA1EEyC%2BzFp0R9v%2BKWC0nPm0UUmw%2FN54rtLyHPR3Np7XJ%2BVSKxblfhufVOcoJmy%2FjKta3z6Xs23ybNLfMufyS2yR0rStftS59vYYz%2BVP2EEVqKfsud9bnUQq78JwSe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd0768284f9036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
slick.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/slick.min.js?ver=1.8.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tESGPU4eusHTk0D9d%2F7OqhTJ79UsDtecZ1yfP2xAV7AJmrFlhA%2FLnIo6O3AUaoi9iXHM75s9Dh7KkHmFxZBi3kjdnuorubxLm3srhbC09FyBfuHRVoF5BZ3zQZn%2FnKYCj0fn9RK%2Ba%2FxJIf6LuwLZu5o8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd076828549036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
216f1b52bef7e178ff3ea257dd40e1dcabc2ed4accfca90e6626f456636066cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
862
x-xss-protection
1; mode=block
expires
Fri, 01 Sep 2023 11:03:49 GMT
index.js
www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Apr 2023 22:47:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW40vB%2B6oVWp4tnGp1ZJzdcYFP1UV1g8gNCBniLmsHUWqka2qVjZHnffC3QYCsUwmfM7UAMUk4SRf%2BxH2jAZr1qjaX0B9OuFD2Sp7wPMC9WA0iooebPtkKC1D%2BISQLy%2FqnSVC7oKk0vnJlj8L4pqCaj2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd076828579036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
index.js
www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Apr 2023 22:47:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXEin%2FNzXb4DthCaci9viD4nP1dmdlT8bpkmTEnRaYNXj1DdfZSQan4VHn62cSWnqz%2BzC0nDtVPyKAhwz6D%2Frnz7oS%2BX%2BQYr7SDNQ%2BUXsgEthrtdvKI7%2Fom7xKHeifLg4lXDA%2BuEJ26g5GRoS%2BuDpXrv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd076828589036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
52.216.60.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:50 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
4M2GD5VJYSYHKFPX
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
0n4/cUhDJm6gieRecSu5oYL9O3UOk/c72+4zaFiDDkjAtmFOlvvJtnRcnb5lnGba+yiulgM0ejY=
sdk.js
connect.facebook.net/ar_AR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e07a8d6bfa783740be1351aad3a83446f7e8fe90969a7db53a024db036a5149e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.lebanonfiles.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Sep 2023 11:03:49 GMT
content-md5
48wDi4VDbbsqrseRhcASvQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
0gnlYL89oSHkwEeAJxzih/Vn4Suwq5E9krF+4ZbGUWnxOeHiY2o2LE5Yocci4AdZvISQfz+cn/cCPOkeXhZ5ug==
x-fb-content-md5
4bc86cd36ce623f6923471ba47ecd9e0
cross-origin-opener-policy
same-origin-allow-popups
etag
"bf681ca3be8d03b81eec84fa0478dc41"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:21:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18cffd85676d8fd824755449ed6c29ba276dca0f03ff541785aeab9bc5be4c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29760
x-xss-protection
0
server
cafe
etag
652 / 19601 / 31077538 / config-hash: 9283820109230677264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:50 GMT
eb04c7fa-27fb-4c61-8600-c39fc91d7ce2.min.js
cmp.optad360.io/items/ 		497 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cmp.optad360.io/items/eb04c7fa-27fb-4c61-8600-c39fc91d7ce2.min.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2600:9000:2156:5000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 19:52:09 GMT
Via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
Last-Modified
Mon, 12 Apr 2021 08:54:56 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
Age
54700
ETag
"7acdc116a0830ba0aef5e087010246ba"
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
497
X-Amz-Cf-Id
QhSNI1Q2eaqpafUlQXJu0Wq9R4cMCjTw4_OXwsR4X1wB-zSIZ3KOiA==
plugin.min.js
get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/ 		280 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/plugin.min.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2600:9000:225e:5e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7d4c054cf2b21f70c6fafd5f579719cf8ac50f399562b760029232fe87f6688

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 11:48:56 GMT
Content-Encoding
gzip
Via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
Age
83694
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 30 Aug 2023 09:38:07 GMT
Server
AmazonS3
ETag
W/"fda6689028f30606e6ec1f4085c46d95"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
X-Amz-Cf-Id
B0rkW9Uv_OVv9W1gNlX--_kUgN5-RQJjGAQhZmN9IFjvdUAkrEJ9PA==
lebanonfiles.com.js
htagpa.tech/c/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://htagpa.tech/c/lebanonfiles.com.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9754c70bf18afb3a03065dae96aac1f2c32ab14acbbf7ad32bc27b9bedba421

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:49 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5PE1VBD5TSM2CRJ3
Age
6704
x-amz-server-side-encryption
AES256
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
2701
x-amz-id-2
fBajH7Wg7fz8QQmWk6h3Rr1LdwMDGjQXOzS2iQyRwq2UZw1EFs77VmHSQbpowEeVkqAQ2vEL7a0=
Last-Modified
Mon, 10 Apr 2023 13:04:12 GMT
Server
cloudflare
ETag
"035a875f8f89fdabee1c6bc722ea5767"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzlpw%2BouuAYwR585a7RDRZsu44vFEL%2FNljVSRptSSpQG%2FVs6Z%2B%2BasEOrO6i2PWI3FXAmUiHopodMtPW8pj3piaL6hrDjHbZOgfmVDMZRdyhIchpK22aoCFXEvad8MFBmuDcXbqUq%2B9p54Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7ffd07685d302c1c-FRA
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-60620050-1
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
432fdce0f0497cde1876dbb3f9ece60e6510c9b6d2ab6f918f1044a5370f60a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50063
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Sep 2023 11:03:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2801299fa911a18c77fdbdf6d4694d8c88bfba249bdbc6e20f2355188e77b36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51109
x-xss-protection
0
server
cafe
etag
362263538148340627
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:49 GMT
swiper.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/ 		136 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.2.1
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Mar 2020 09:09:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ust5JXnJ%2FlQD5otwJ5at0uoSAFyuaCvnFxSbNRHCuc1by4%2BOmLsuIPOB18Csjvl5VUnlhe9sI8wm6JLXME8sUWYZZpgR7Nv8UNGafeFBK%2Fko82JtX5KyAeG21%2BOjX3rZBTQpK2Vmj3TWC1Tc%2B7EQEptD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd076828599036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
iscroll.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/iscroll/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/iscroll/iscroll.js?ver=6.2.1
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba5939372549192a9866bf2c9d828e9c7f16487c080a5339b2355601fd292c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HPdTcR08GTMnrTIMNx4DM6vJ0av35zhdLlaAXrgSZ4y%2BV3PQ9xcLKkhxYi50GBWjn%2FMK0oVEleDoN8GZfbPF7Dt66ap4fWpeMgYJW1KDNjidsQrFrDO%2FXp7It%2F8DjBX0R7PqLRGV6z2Xd4jn1vRF576"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd0768285a9036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
jscroll.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/jscroll/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/jscroll/jscroll.js?ver=6.2.1
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca296812f114107fa083d5231d83f2f12264be3f0fddf1e270b41f849fbfa8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oleDm%2F%2B84uaN6Bzbw%2BkP7dV4Gtmx1VEMrdh1h27lKAKJY9I8kJhDfOV6IPAsC%2BTXLiXjNNwl9We0TwelHGkcKCk0RwuImI%2BNQoBQvLiC73%2B95WuuN2aMFOgB7G3h%2FQdk0VuxYb9p5dlsslRmA%2Bk9xx0W"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd0768285c9036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
plyr.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/ 		117 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/plyr.min.js?ver=6.2.1
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4e557fae260566d3a44d3b94eb31158760bf12fb0b8b3d0359b78a3110fb52

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 08:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwU%2BBktxNCxnnjF55y3TqEb2qMYsyICeevLCK6Igcs5z4fIZjcp1nGiYRXy41M7oYNZZNN9aT%2BuJtMeE2acPHZOVVUE3AShwuHLnPjpIYpoEA67GAVeLZ1rOjVjMEme%2BoAxmjMwe2kUVIRY0IMq7I5A2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd0768285d9036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
anime.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/anime.min.js?ver=6.2.1
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Mar 2020 10:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJttgX%2FP5G4kS%2Fp3rDiDcWdMZCPIu%2B%2F9HIINZ547qhnntkDAeXTZ%2B7ZdqXH1ELYuxufYnYmcXumyrCEY6gWTbbkjczh8w5dNqsg2ozyAIIlqVjiu06KXfGRsanwOqo58Q3FaLD0syRwDpLIwDb6IR1lX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd0768285e9036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
triangle-mena-news-coverage-public.js
www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/js/triangle-mena-news-coverage-public.js?ver=1.3.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7efd359cd7418393a4a48a1bdc760a0ca0562da42bbe89b8cb48cab89225a471

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Mar 2020 10:08:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBt8WfsHE6GpvER8TDl6R69X%2FyRNGC%2BQo%2Ft%2BLefYdWDQVbtw%2BwKspBY4vsioLtxia5Hj1yoElW6%2BZNgskDiud%2BPZxhWndn9RGdBaPmkkzBtv0h65Mw64jEC5%2BJl%2BTCtSlE6wApdKtOEpri%2BW6UelPq%2FA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd076828609036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
jquery-migrate.min.js
www.lebanonfiles.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Apr 2023 22:47:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818050
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sh3qhlYQWdkMV5zu90uPQJGExpCNASAyWnfx4atI6653KrBWlNgzBW7IdXt2L63seXUs3RBOhVBCC7aBRaS86KeN4jUvYkB7tgzi%2FmfX9gySmr14pa%2BxxnicFEmsR3kRMIAOzSJHPv0RO0E1mu9BifNq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd076828619036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
jquery.min.js
www.lebanonfiles.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Apr 2023 22:47:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818487
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuYjM3a59CuLFkqADhWEPG9C62urHz9bkilyrxb5yPf4ilCprQYH%2FBDweFi6obXqXCf7Z%2FOx49zpn61rGYP9cU5Mngo5rAdU%2BF0f7%2BX5j9ezzdKbsZczibhOmztzEds1TlLbBFfZq9lgwrKxiwvDtYIg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd076828629036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:12 GMT
main.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/ Frame CC53
Redirect Chain
  • http://www.lebanonfiles.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e54f6224c24c68d80f52168ce45ad5b05f3e79bdf595627900214d33115856
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGX6%2FNevFWK4GeskQFLDwbKm3iJk34Ob8C0T2Iq%2BcWudmaXgJibb%2By1jo95nBvcWay9FS0l7%2BXDYWs6pfMm1aL3NbM%2Bfq1SwlO%2BCRd9eQLu66cevosB1rZ%2Fqq0u%2BCYLQkJiGWwtYgDw1dvFcyUX2yxl4"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
CF-RAY
7ffd076888b791e7-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Fri, 01 Sep 2023 11:03:49 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlFoIsvDONFSpyYiSFvrgMYtBLImST4n6E0%2BajUjGT%2BYrwIhWI2BBW1HtTRX%2FY%2Bxv2V%2FQjjdBKajnb462teVL8saLWlIpjSxM4nHjVG6OQQQjluAvvKHyWOee5e6X8RvBuJlJltl60WRb8kl2i90rJDh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
cache-control
max-age=300, public
Connection
keep-alive
CF-RAY
7ffd0768487991e7-FRA
alt-svc
h3=":443"; ma=86400
7ffd07663e9591e7
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CC53 		0
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/jsd/r/7ffd07663e9591e7
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 01 Sep 2023 11:03:50 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqpNs94VRStFhtoH2ddGE65ZM4V0x7t7h8Z6aVBDI0Dl%2FbOoi7LbdQOeYeGN1zil0qBjlDNx9q1GgCUOiEZFJQWMA4ovboJJs%2FvDzHUd8K6NlI66%2FJ%2B5wqevoK6Kb0M%2BDMV2POi4UAAFyIf2rg6hRcmS"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7ffd076a9ae291e7-FRA
alt-svc
h3=":443"; ma=86400
wp-emoji-release.min.js
www.lebanonfiles.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.1
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Apr 2023 22:47:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4811995
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jM2MBRp35NDHCcHRqE2zzj7XkSqaQEue%2FhvHAklYD%2BQ4BbahnkN6yr%2BwgE42hKMmARYbiYAZpAl4jkrsqa73HGo0kkAxS8j9cA325nZNpMQeLZgzoCl1nW3LKmi8zc06Tr6U2Waslxq9XV7u198D1BYE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffd076b2c479036-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 16:28:14 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
Server
cloudflare
Age
70203
ETag
"-375139978"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7ffd076bab651da2-FRA
Content-Length
4547
fbevents.js
connect.facebook.net/en_US/ 		193 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 01 Sep 2023 11:03:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
zXpXkrL5o0dNIc/xcUf6iGTf1Z+CO2yFaK4/AOFwk5yq+1No9QbIGu5LzLklvE/IppQ0nqJhHLTJIUGHz2CGog==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
t.effectivemeasure.net/ 		0
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bb17c6c41827b7404a840e5f25577086ea0722d9b77489607f9c1ca9fcbbc78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133276
x-xss-protection
0
server
cafe
etag
13979855997456990793
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame D2A9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:57:28 GMT
etag
9878862242593084568
expires
Thu, 14 Sep 2023 14:57:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
projectagora.min.js
palibzh.tech/libs/
Redirect Chain
  • http://palibzh.tech/libs/projectagora.min.js
  • https://palibzh.tech/libs/projectagora.min.js
351 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palibzh.tech/libs/projectagora.min.js
Protocol
H2
Server
2606:4700:3037::ac43:8a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcb1d114416c41672277d95ab43ccc4b2fd9902e632de555a277a8f86b808c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QN7RVTEHAR8FN1B7
age
1756
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.12.3
alt-svc
h3=":443"; ma=86400
content-length
100248
x-amz-id-2
EHyJg8vY7vqAH1fNMAPYJN+kkJU/oveu6qgG10PmKe+45+Sz5fETQsYjgpx3F4OG0MdYt3XW6KUpQXu6mcAvDA==
last-modified
Mon, 21 Aug 2023 08:31:08 GMT
server
cloudflare
etag
"2df94c86a8e03161638aefa64c9307b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdbLvOVOZfmZXd%2BX6ZPiX77vgVDTPNZKx0etPBIDfstNxXIUlJOx6qoOhmvnQouNn0OFSt6Np1taLatZF2pUt%2BQ9MLBFqXshXaVisXgKJWGydCu%2BWEDn%2BOF79Lm8HsvsOStiqSSZQhW89Uo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ffd076ccb8a1db0-FRA

Redirect headers

Date
Fri, 01 Sep 2023 11:03:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IpxlnEY3OZ3IcO3XF2LYZNrpLp0YzaVN4m5cZWOuzyBpMreu92OyH%2FIZ1PrHnKi1imikMRXXAep8xnGhAi51PA47oH6KTda2Xpaf36C3CilkAgD44u7F6o6f4HLR%2B7MYB4H2t6wOYvsZHs%3D"}],"group":"cf-nel","max_age":604800}
Location
https://palibzh.tech/libs/projectagora.min.js
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7ffd076c0f1892ab-FRA
alt-svc
h3=":443"; ma=86400
Expires
Fri, 01 Sep 2023 12:03:50 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 09:50:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4389
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129791
x-xss-protection
0
server
cafe
etag
6482524881801658577
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 31 Aug 2024 09:50:41 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G4EQ7NKTZM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60620050-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4bbdaa4383efe05132bb1963bd79c043b09ceb6b23c4572b91c0eacf62a597f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83735
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Sep 2023 11:03:50 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60620050-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Sep 2023 09:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4447
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 01 Sep 2023 11:49:43 GMT
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?1238494&@f16&@g1&@h1&@i1&@j1693566230424&@k0&@l1&@m%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B3%D8%A7%D8%B9%D8%A9%20%D9%85%D9%86%20%D9%84%D8%A8%D9%86%D8%A7%D9%86%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%A8%D8%B4%D9%83%D9%84%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%7C%20Lebanonfiles%20%7C%20%D9%84%D9%8A%D8%A8%D8%A7%D9%86%D9%88%D9%86%20%D9%81%D8%A7%D9%8A%D9%84%D8%B2&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:13674206&@b3:1693566230&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lebanonfiles.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d14014baeba87467e3b1feef05f044a599931a5fa12df9ad6a911d6f4224923b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:50 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
287142507125395
connect.facebook.net/signals/config/ 		137 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/287142507125395?v=2.9.125&r=stable&domain=www.lebanonfiles.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9723d048d0733d78d547eee2f28603e3ba051376e2a819ca5fd7c33af0b69ea
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 01 Sep 2023 11:03:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35925
x-xss-protection
0
pragma
public
x-fb-debug
eaUayw0rok7YaNV5MmR/mmgOOSBjacYUukKANC6uUKuOgMpVqHgbJ3EFRyTN5yQWaOcZYIJxnehT1et8Fv/pgg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
prebid7.36.3.js
get.optad360.io/sf/ 		520 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.36.3.js
Requested by
Host: get.optad360.io
URL: http://get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:50:32 GMT
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified
Mon, 03 Apr 2023 08:32:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1354399
etag
W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-id
3GMSoipQZGqQwpycG9IQpeWnWiC8dxGyvhOniPY4395mt8UV5gE6jA==
main.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/ Frame CC53
Redirect Chain
  • http://www.lebanonfiles.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9919db581b322a9912aaa2d88de756cb176e5e739c7d06398d839a35e90b8a36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spVdvEeg4mQWFV%2Bkn9VfjcniABISbnxZuFGkimEovv1B3GGwhEudsOhzZiqpkYxVp%2FL8lW90Fq08iS5%2FOPQb8zcot1Vdx3w1KomnnnRyA3fduWvuOaGKlxrk7rpMgy7obLAFe6QD4Z8DE4rLpXKAQff2"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
CF-RAY
7ffd076dfe1f03f8-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Fri, 01 Sep 2023 11:03:50 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqXDGFWyvKIKYcECH5Wg5D0e2ZD4V0CmUJnaCPerl3QUS%2Bu17%2FP1sESuiur1aol%2BMmOaWKk2mr3qTg3nCqTili14sK6%2BPv6h2VHmL6fLSe547I3ZvseLhxO3kA96d2M9Ez0Fw9lU%2BRvWNwkvRUuf90My"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
Connection
keep-alive
CF-RAY
7ffd076c9d0b91e7-FRA
alt-svc
h3=":443"; ma=86400
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
973
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7ffd076cdbfa414b-HAM
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 04 Sep 2023 11:03:50 GMT
imp.js
fd.tesseradigital.com/ 		0
189 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fd.tesseradigital.com/imp.js?_pid=163594704&_ouuid=ASodpfIZjOnBwhMrThCSNfMsFWAnEBWSr8JFfSDUXPaq&_oprio=0&_oref=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: tpx.tesseradigital.com
URL: https://tpx.tesseradigital.com/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.91.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-91-239.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:00:47 GMT
cache-control
no-store,no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified
Friday, 01-Sep-2023 11:00:47 GMT
server
nginx
content-length
0
content-type
text/javascript
sdk.js
connect.facebook.net/ar_AR/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js?hash=dadcbdc7e6adbf10f8a291bb2b76d990
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f04da2d5791a00303d73678e80414d364917bdd867abd26e2387607dca4bab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.lebanonfiles.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Sep 2023 11:03:50 GMT
content-md5
38AEwz8fg+vl6/O99dPc+A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89075
x-fb-debug
yN5oaZ79b/1/bsca1AAGksTcELKP5NcDMDR+kf0K43OLcwhWe9MIh9OCtyHobllulXZrUMywtiyxBjA0dslVOw==
x-fb-content-md5
ae794c405581cb63efd768958eae06f9
cross-origin-opener-policy
same-origin-allow-popups
etag
"80655ea344aa4382d1bd0900b6f8962a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 31 Aug 2024 10:19:36 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		454 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 10:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 Aug 2024 10:47:17 GMT
/
www.lebanonfiles.com/
Redirect Chain
  • https://www.lebanonfiles.com/wp-admin/admin-ajax.php?action=get_breaking_news&nonce=83eab7eb9e
  • http://www.lebanonfiles.com/
0
0
%D8%B9%D9%8A%D9%86_%D8%A7%D9%84%D8%AD%D9%84%D9%88%D8%A9-810x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/07/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/07/%D8%B9%D9%8A%D9%86_%D8%A7%D9%84%D8%AD%D9%84%D9%88%D8%A9-810x450.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68252b45c6245ea8a49f45ac89d3627bf3f787e40c0ee0fb90ff65a2ffed425

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2745807
cf-polished
degrade=85, origSize=95162
alt-svc
h3=":443"; ma=86400
content-length
89083
cf-bgj
imgq:85,h2pri
last-modified
Mon, 31 Jul 2023 16:12:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMjpEH2Xp4s91uiXTliW87NvO8w5ZOfpiwiQtRXfRl4kTmKn%2FDU1FEAYeC%2F2CvBpTBMPD%2FXgUZmJmbCeOJhMDgHMKQCUY9tCHuB0OYEnKoucV6csIkh%2BpWmdEGvY8GDiWMJcgMvqRWNntdeVlx6ysXX0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076dbf609036-FRA
expires
Tue, 30 Jul 2024 16:19:24 GMT
%D9%855-810x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/07/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/07/%D9%855-810x450.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3eac6723c55eadfc133dcccd13ace342859c5457a776bae19934beb61002b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3014246
cf-polished
degrade=85, origSize=80745
alt-svc
h3=":443"; ma=86400
content-length
76084
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Jul 2023 13:42:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4X2I6WLgtd1KXjxcZz0llY8xcGkDCOQOORJ1ZZ%2F13C0AnawEjsbOZQ%2FgaTzkFm9Oy1ExY7pAbUI3%2F92gpprFFH%2FrnoQl92u4%2F7HiFw%2BlXulkw391pHr7rWkMPsp00hDeqp7ILN8oxH6NRhu6%2F7uK%2F%2FM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076dbf619036-FRA
expires
Sat, 27 Jul 2024 13:45:29 GMT
WhatsApp-Image-2023-07-27-at-11.06.35-AM-2-810x450.jpeg
www.lebanonfiles.com/wp-content/uploads/2023/07/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/07/WhatsApp-Image-2023-07-27-at-11.06.35-AM-2-810x450.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc29d96c9287a978514a95a20e3286ab43fb4ee56a36a416f53dbf79d35182b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3119874
cf-polished
degrade=85, origSize=71678
alt-svc
h3=":443"; ma=86400
content-length
67516
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 08:24:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZynOEOorKPNrUfOQJjxwTBhnTRTP9SQPNmcmIv%2FXv9LH75S4VHkGPx1hjLiT7kKlNc0Y4%2FT%2Frf3x%2FIyVEnqo%2BjdCokir7iX6lwvRabnvH0hWkPd5Er6NmU6szNxlYiahi54j6ibrHBLQNyRMDm6SCJc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076dbf629036-FRA
expires
Fri, 26 Jul 2024 08:25:04 GMT
image-1-1-800x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/image-1-1-800x450.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb666583829babf53e0a80640fd618c55c293e3dd52ef1df117014ccbb0cdab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81981
cf-polished
degrade=85, origSize=39059
alt-svc
h3=":443"; ma=86400
content-length
31915
cf-bgj
imgq:85,h2pri
last-modified
Thu, 31 Aug 2023 12:16:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7qOW3UlklwpyPhI5ThQuH%2FgpejxSKK8EX7ElwH9G4P0ka3K4ihoheitIsjls3PC%2F%2BFchgAeDUKljTGOHGopK7Rb4MCYEuquDLN4nxyMpjXwwMWHhjn3CvgiCgq%2BsoObfld1OipN4ZSGjE8G%2B8gbu4M8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076dbf639036-FRA
expires
Fri, 30 Aug 2024 12:17:07 GMT
9adYZ-ue.webp
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/9adYZ-ue.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2c65d3b0e08561a4b755c6d4a43f59ebe87bbb6eaf5ab9722be653858b2a79

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Aug 2023 11:00:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18
etag
"13c6c-603bd40187ce9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZJxXcamaUOv9gEBeOKwa09FvNwRG5bGV4RFCvPCfKCnT8mIT9biRwM2aLO20mew7adXTYUIkT%2FRAHm%2FtcaXaEVwZU6RqccQeggw%2BG%2FAgch7js1AXwfZyM9HROs4QT9uuCPRr4ITZHLuPFqSWeQdpf6S"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7ffd076dbf659036-FRA
alt-svc
h3=":443"; ma=86400
content-length
81004
itw-cache
MISS
9c3ac213-fe34-43a5-ad9d-60c093df3677-810x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/9c3ac213-fe34-43a5-ad9d-60c093df3677-810x450.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b706737cbde3a4b198983681ee1f63966f6af09bf93aabe28486235f40a7d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
763528
cf-polished
degrade=85, origSize=53440
alt-svc
h3=":443"; ma=86400
content-length
48540
cf-bgj
imgq:85,h2pri
last-modified
Wed, 23 Aug 2023 14:54:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTRZE4BmZbMR5r4QiVpEQvoNNZMNcCMvUvzlW4RW2h8clJvz7aK%2F776%2BHhfUQq9FG7DhkaonOMW%2FCwJbLQBrSH655NCBlWsuStw6A6ooOfRdQDyz357ON2ceTOtn9r2l%2FQsUG%2BuLTBMuqLQH9eNwkuca"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076dbf669036-FRA
expires
Thu, 22 Aug 2024 14:56:13 GMT
1_35-810x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/1_35-810x450.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ae03988b6db28471f9795556a4020d8fa8063a2b03b69cf8e5df123e7515d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2059518
cf-polished
degrade=85, origSize=92541
alt-svc
h3=":443"; ma=86400
content-length
63708
cf-bgj
imgq:85,h2pri
last-modified
Tue, 08 Aug 2023 14:54:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSmPkvZu2NQnglKbYB2zhoEcUuOpIsZe03VchWCJvqb3OyTr5IdBDWfqu23r1mqwXD9ZPLqCtLaoH0Dr8sAnwwe0TA%2F4xCeGM6mTOaOtvB1YL9WvJPZ3yHzr0L8A%2BIz4mOUHdRXYv9Hz%2FEw3bHJGkJi4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076dbf679036-FRA
expires
Wed, 07 Aug 2024 14:56:53 GMT
moon5-740x450.png
www.lebanonfiles.com/wp-content/uploads/2023/08/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/08/moon5-740x450.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:441e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e352feac4af7dae9b14606626c40a3c87cfc38cffd56b2ad9dc1348ad4cb4681

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2398707
cf-polished
origSize=119387
alt-svc
h3=":443"; ma=86400
content-length
109540
cf-bgj
imgq:85,h2pri
last-modified
Fri, 04 Aug 2023 16:34:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpLUo04y%2ByFS4%2BWnyMo3A2jMItqTveIQ8Ulp1YF5sIebB7Q63dtfXLKyokk0jFuZzrqbAmFwbj7BiSy4laMathGuMeKR0GmfBRY%2Bn9wt4ydZ3McMBfftyRRr2309dgxtdAczjSXDQweOIEpt5t2tBNqz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffd076dbf699036-FRA
expires
Sat, 03 Aug 2024 16:43:20 GMT
rum
www.lebanonfiles.com/cdn-cgi/ 		0
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
HTTP/1.1
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 01 Sep 2023 11:03:50 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://www.lebanonfiles.com
X-Frame-Options
DENY
access-control-allow-credentials
true
Connection
keep-alive
CF-RAY
7ffd076dbe1691e7-FRA
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=287142507125395&ev=PageView&dl=http%3A%2F%2Fwww.lebanonfiles.com%2F&rl=&if=false&ts=1693566230717&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693566230715.111581842&it=1693566230446&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 01 Sep 2023 11:03:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		714 KB
111 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1599002937088299&correlator=2680479197198447&eid=31077538%2C31070232&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fifs&iu_parts=21894097782%2CLFiles_1x1%2CLFiles_728x90(1)%2CLFiles_728x90_970x90_970x250(2)%2CLFiles_320x50_320x100(1)%2CLFiles_300x600_300x250%2CLFiles_300x250(2)%2CLFiles_728x90_970x90_970x250(3)%2CLFiles_320x50_320x100(2)%2CLFiles_300x600(1)%2CLFiles_728x90_970x90_970x250(4)%2CLFiles_320x50_320x100(3)%2CLFiles_300x600(2)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=1x1%2C728x90%2C970x90%7C728x90%7C970x250%2C300x250%2C300x600%7C300x250%2C300x250%2C728x90%7C970x90%7C970x250%2C300x250%2C300x600%2C970x90%7C970x250%7C728x90%2C300x250%2C300x600&ifi=2&didk=953092430~2049709755~3460629402~3453288073~609319846~975455373~2418804520~2137296733~1106874073~3491148600~3954194795~799051558&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1693566230797&lmt=1693559030&adxs=1599%2C290%2C515%2C-12245933%2C135%2C-12245933%2C-9%2C-12245933%2C135%2C515%2C-12245933%2C143&adys=180%2C10%2C246%2C-12245933%2C2759%2C-12245933%2C-9%2C-12245933%2C4382%2C5019%2C-12245933%2C5079&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1%7C1%7C-1%7C-1%7C-1%7C2%7C3%7C-1%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&vis=1&psz=1600x6532%7C903x-1%7C1370x0%7C0x0%7C320x0%7C0x0%7C0x-1%7C1370x0%7C315x0%7C1370x0%7C1370x0%7C312x0&msz=1x-1%7C903x-1%7C1370x0%7C0x0%7C320x0%7C0x-1%7C0x-1%7C0x0%7C315x0%7C1370x0%7C0x0%7C312x0&fws=4%2C516%2C4%2C132%2C4%2C132%2C2%2C132%2C4%2C4%2C132%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=514337933.1693566231&ga_sid=1693566231&ga_hid=481147567&ga_fc=false&dlt=1693566229531&idt=1206&cust_params=LFiles_Category%3DHomePage&adks=1850051439%2C1915962503%2C2468375758%2C1490351828%2C2976248596%2C1640508103%2C2087380756%2C263201464%2C65953659%2C2062053634%2C3722982800%2C2620572147&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10dc0d689c47a91889c13a6e851922bbb361fcea40a4e7d55867bada4e4e13fa
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKLh4-yhiYEDFb1YHQkdmaYNog&gqi=&layout=/sadbundle/%24csp%253Der3%24/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKLh4-yhiYEDFb1YHQkdmaYNog&gqi=&layout=/sadbundle/%24csp%253Der3%24/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html
date
Fri, 01 Sep 2023 11:03:52 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113930
x-xss-protection
0
google-lineitem-id
5507213652,-1,-1,5436026142,-1,6012624441,6012624441,5436026142,-1,6012624441,5436026142,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138381865323,-1,-1,138420579998,-1,138393257644,138393258382,138420579953,-1,138392782968,138420579666,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c77866653e07fedab1f3b4a5411a3cfd271a100da3512feba2c072a64fdb255d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11811
x-xss-protection
0
container.html
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B3C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:50 GMT
expires
Sat, 31 Aug 2024 11:03:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G4EQ7NKTZM&gtm=45je38u0&_p=481147567&cid=514337933.1693566231&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1693566230&sct=1&seg=0&dl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B3%D8%A7%D8%B9%D8%A9%20%D9%85%D9%86%20%D9%84%D8%A8%D9%86%D8%A7%D9%86%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%A8%D8%B4%D9%83%D9%84%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%7C%20Lebanonfiles%20%7C%20%D9%84%D9%8A%D8%A8%D8%A7%D9%86%D9%88%D9%86%20%D9%81%D8%A7%D9%8A%D9%84%D8%B2&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G4EQ7NKTZM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		399 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.lebanonfiles.com&callback=_gfp_s_&client=ca-pub-8745593945608202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
859700879b8f5b1a0499186a47d299a404a7cd99f755a0dad4f3bc814c39a7e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 69E2 		35 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8745593945608202&output=html&adk=1812271804&adf=3025194257&lmt=1693559030&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693566230302&bpp=4&bdt=771&idt=580&shv=r20230830&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3471207935890&frm=20&pv=2&ga_vid=514337933.1693566231&ga_sid=1693566231&ga_hid=481147567&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077369%2C42531706&oid=2&pvsid=1599002937088299&tmod=456939262&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=639
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a1d07869cb049d588a77f11efd3beb17f80dafd3cbeac292c09bb98cdbbd40b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
2052
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:51 GMT
expires
Fri, 01 Sep 2023 11:03:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=masthead&cls=site-header&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
incoming
tpx.tesseradigital.com/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpx.tesseradigital.com/incoming?p=false&a=false&b=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
last-modified
Friday, 01-Sep-2023 11:03:50 GMT
server
nginx
xtb.min.js
cdn.exitbee.com/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exitbee.com/xtb.min.js
Requested by
Host: palibzh.tech
URL: http://palibzh.tech/libs/projectagora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c804a48c27c95ece02166174d1ed784187384ae36ea58848fd362f30824d21f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1894
x-guploader-uploadid
ADPycdvFdnCb51U5uzJIA5WGdsDMFmKAb4pAmSdpymeZF5eE0OHG2a4cmXfoghMdxGNIkZLLjsiwSHXPR1p0GDneCzaxi50-_ZK5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jul 2023 13:16:53 GMT
server
cloudflare
etag
W/"e18d7a0b2b82d7299647e58634778c51"
vary
Accept-Encoding
x-goog-hash
crc32c=1Bru1g==, md5=4Y16CyuC1ymWR+WGNHeMUQ==
x-goog-generation
1690291013680966
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F183rum6Pi%2FtE21mKG2OUNzA1eEcOeQjGhpMvQJFS7RmV%2F3TXWGUMx3vHBSNNyiKQjGfPDCrMUGi%2FRYUMD5J9wsjBiO7JpdrTvsaPuttJsdtPwrGdbQT41Wt%2Ft2BM5mGh7FyuMykJJA1n0wHqaE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
59423
cf-ray
7ffd07704beebbd1-FRA
expires
Fri, 01 Sep 2023 11:05:09 GMT
web
onesignal.com/api/v1/sync/526a87ee-0554-4141-869b-9284da88eaea/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/526a87ee-0554-4141-869b-9284da88eaea/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5b6be0c8b4f13ce22fe22b9d7008b58ca0dbd8a5680ca96c5625357658f43c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1501
cf-polished
origSize=3427
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
691c5e08-e063-4a30-ac20-49484f7e1d23
x-runtime
0.035502
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"bbfef6d7d83c496b21112e52117ed151"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7ffd076ff99b414b-HAM
access-control-allow-headers
SDK-Version
expires
Fri, 01 Sep 2023 12:03:51 GMT
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=481147567&t=pageview&_s=1&dl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ul=en-us&de=UTF-8&dt=%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B3%D8%A7%D8%B9%D8%A9%20%D9%85%D9%86%20%D9%84%D8%A8%D9%86%D8%A7%D9%86%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%A8%D8%B4%D9%83%D9%84%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%7C%20Lebanonfiles%20%7C%20%D9%84%D9%8A%D8%A8%D8%A7%D9%86%D9%88%D9%86%20%D9%81%D8%A7%D9%8A%D9%84%D8%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1595637540&gjid=1711381913&cid=514337933.1693566231&tid=UA-60620050-1&_gid=2064550162.1693566231&_r=1&gtm=457e38u0&jsscut=1&z=612998893
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230901
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9ea931ae179a9a41f8826287bf803ff573c6aea650579b57e481f88b41485e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Sep 2023 11:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25379
x-jsd-version
1.0.1799
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-T4+d61p2dctZ+6ErDqpOkcAu7+M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcQZuzxWSnMlb3TNPno%2BFmGjIB6r9GgYSmfa%2FfhBtLAfhyEDn32mFAAN0HcbcmnKE668LkjsY46PeW%2F1BugLpToVlEFNwIzdbPOXhYDdLcIeUMldplns%2Fca3a5QvIIqTR18GbgsX1tA0lod5yFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ffd07709e352671-TXL
branding-ads.svg
cdn.optad360.net/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.optad360.net/icons/branding-ads.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a000:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 12:58:01 GMT
content-encoding
gzip
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
2153151
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
-SqnHRAPC7kuUjiJ6wxM8Fuh0xpcvgpUYk_VBYkO7Tb_px9ftk1Cjg==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 11:03:51 GMT
7ffd07663e9591e7
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CC53 		0
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/b/jsd/r/7ffd07663e9591e7
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 01 Sep 2023 11:03:51 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exaxGeJSU1EXeo9L9FIDrqkJixOnBzxfWHEpbrihHjTP2LylvKHaRIPqHaT1JHqjBH79pXn%2FhxEGXwXg%2FA5D40%2BkekzNzECfHQ1iS%2FK8PZCxU88s4NNWnv7iLBRnfwK1Vg8HsbfwXLkZTxMhQ0x1wqJo"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
7ffd07717b2403f8-FRA
alt-svc
h3=":443"; ma=86400
pbjs
useast.quantumdex.io/auction/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:51 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ffd077228e31cab-FRA
access-control-allow-methods
POST, GET
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8579fcf68a694bb09f94fe1753a3956312c54377a09547e10ad54c2c4811282c

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Sep 2023 11:03:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
740
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=39667&adtype=banner&auc=oa-360-1693566231103_kd8naphhb&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=6bf7b007054f91&schain=%5Bobject%20Object%5D&bidfloor=0&d=lebanonfiles.com&sp=http%253A%252F%252Fwww.lebanonfiles.com%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Sep 2023 11:03:51 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
c
prebid.a-mo.net/a/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
67
server
envoy
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.36.0&cb=65723689190&lsavail=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
81f8adeb53004b623652a54fa8179ca0051c8081102b56f3c1fdbc742bbea170
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:51 GMT
an-x-request-uuid
ab289bef-06aa-4b2f-9d92-7194cb3f7891
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
46481059ad4c254a1579d147870f279bf94675c70ad1f8adca69e2e134e58e8c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:51 GMT
an-x-request-uuid
447626a7-c418-4435-8510-a9ffc49f5a97
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2aec2a2ed7df1cd9532f583f9bc93ab550da9e050a40afcfa191618cc1aaf57c

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:51 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
ROS
pbjs.e-planning.net/hb/1/5b5e6/1/www.lebanonfiles.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/5b5e6/1/www.lebanonfiles.com/ROS?rnd=0.6502797427012541&e=728x90_0%3A728x90%2C970x90%2C750x100&ur=http%3A%2F%2Fwww.lebanonfiles.com%2F&pbv=7.36.0&ncb=1&vs=F&crs=U...
  • https://pbjs.e-planning.net/hb/1/5b5e6/1/www.lebanonfiles.com/ROS?ct=1&r=pbjs&rnd=0.6502797427012541&e=728x90_0%3A728x90%2C970x90%2C750x100&ur=http%3A%2F%2Fwww.lebanonfiles.com%2F&pbv=7.36.0&ncb=1&...
292 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/5b5e6/1/www.lebanonfiles.com/ROS?ct=1&r=pbjs&rnd=0.6502797427012541&e=728x90_0%3A728x90%2C970x90%2C750x100&ur=http%3A%2F%2Fwww.lebanonfiles.com%2F&pbv=7.36.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.lebanonfiles.com%2F&gdpr=0&e_pubcid=800fd301-011e-4aee-af56-fd92b2a381f2
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
afbeb022cae9e01bdf5fe7d8a890894c3779539e9807a30b4b7ef3aa2c1dec8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Fri, 01 Sep 2023 11:03:51 GMT
date
Fri, 01 Sep 2023 11:03:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
http://www.lebanonfiles.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
292
x-sid
AMS-929

Redirect headers

date
Fri, 01 Sep 2023 11:03:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
http://www.lebanonfiles.com
location
/hb/1/5b5e6/1/www.lebanonfiles.com/ROS?ct=1&r=pbjs&rnd=0.6502797427012541&e=728x90_0%3A728x90%2C970x90%2C750x100&ur=http%3A%2F%2Fwww.lebanonfiles.com%2F&pbv=7.36.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.lebanonfiles.com%2F&gdpr=0&e_pubcid=800fd301-011e-4aee-af56-fd92b2a381f2
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-929
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		31 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b7fa3a38e05d8ffddb37e7b382e7feacc4de23aa5efa8ea540232aa974e74061

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60620050-1&cid=514337933.1693566231&jid=1595637540&gjid=1711381913&_gid=2064550162.1693566231&_u=YADAAUAAAAAAACAAI~&z=1373732049
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 01 Sep 2023 11:03:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 9E05 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://www.lebanonfiles.com
Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
http://www.lebanonfiles.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:51 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
settings
s.exitbee.com/[object%20Object]/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.exitbee.com/[object%20Object]/settings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.240.50.85 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.50.240.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-length
0
date
Fri, 01 Sep 2023 11:03:51 GMT
strict-transport-security
max-age=15724800; includeSubDomains
settings
s.exitbee.com/[object%20Object]/ 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D47B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 10:36:33 GMT
expires
Sat, 31 Aug 2024 10:36:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A970 		829 B
941 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0a000afac31d99333c0fa4048be275b09c7ef6673b3aa08b88da326a0310e115
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C0Fvvn_thWLmF_NlDr51CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-C0Fvvn_thWLmF_NlDr51CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:51 GMT
expires
Fri, 01 Sep 2023 11:03:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame A970 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308300101&jk=1599002937088299&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame D47B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
246306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:38:45 GMT
generate_204
tpc.googlesyndication.com/ Frame D47B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?amPNgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1599002937088299&correlator=616947358452119&eid=31077538%2C31070232&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fifs&iu_parts=121764058%3A22548546259%2Clebanonfiles.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=14&didk=3382680491&sfv=1-0-40&eri=1&sc=0&cookie=ID%3Dc7e74650cf4a470e-22ff31ce64de0084%3AT%3D1693566231%3ART%3D1693566231%3AS%3DALNI_MZ_ODKxF4VbOs6IFmjuR6iBpKNvsw&gpic=UID%3D00000c6bdca11e7f%3AT%3D1693566231%3ART%3D1693566231%3AS%3DALNI_MZEg36aoGVSeXVIEvl8-G5FS-2kTg&abxe=1&dt=1693566232057&lmt=1693559032&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=514337933.1693566231&ga_sid=1693566231&ga_hid=481147567&ga_fc=true&dlt=1693566229531&idt=1206&prev_scp=hb_format_smartadser%3Dbanner%26hb_size_smartadserve%3D728x90%26hb_pb_smartadserver%3D0.63%26hb_adid_smartadserve%3D2377595bb49783c%26hb_bidder_smartadser%3Dsmartadserver%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.63%26hb_adid%3D2377595bb49783c%26hb_bidder%3Dsmartadserver&cust_params=LFiles_Category%3DHomePage&adks=3076045770&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2e515f1bc5a4a5528814fcb3e3823392c8c55b8cd5011f29170d5602ae544c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11836
x-xss-protection
0
google-lineitem-id
5748817617
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358150549
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308300101&jk=1599002937088299&bg=!eHulezTNAAYHwnCgJ8I7ADQBe5WfOFqoDhrMICHiIExOpr6t7GLByy1oGwtNf6jXhi3RikMWGvNYdBEkn8EoolfybExcAgAAAI9SAAAACGgBBwoAUg6dLvnioQ9OmW3M7qWq4MRFvg95qSibjZxP5ISLLboafoCoRTLDI-CTl339-wO3JD0IX11oyIw8EH8fmGkR7v3S5mgrtCsft1MU7dpcVtodHkWZAr9ACXK4CyQzkWrXE_0ewtYKHjGUv2VTQfu0A0ahT-ZjZZLd7b7t8uXxYO7ivNogNFPLgzh2MvWcs6I3LIBPN5v03fu9D3rIphpYExH1Cm3impjSS0l1kmFYMRkQVaNjJGQZshuXJDd7s52L_RiwDRMPpi1PRT8c7YKIC-icgyqeRSxNDjQq048eFNeISntlUqMgW9GWDQzQdjpJ3eGuv7AVUOpht14CHQlgU6K7Oww7eyYOaOvrQal4o5KaFEFrKGcRaEfBEky9LYnVRFKA_nIj86F0ERqv3QZqJSRkcXyxR_JZxYgKFPKR3CnUMyQr4tccWubRTNbhGJNY6Yx6rx-ZuYMTb9r1_R-oTkzpbLrV2zmPLnrDoq3tB-s12_bl3DgfTZKFhwdP75BW3ADcn4bvl0zaTNTsRqFfvt3OUr6wwimxNuF5XUb22bjEXoHANaIviQaVkaZvrywprCLkUN9RFIvPPrrAqcaa0tHzheckdFP74wUvA5tIyeIMik6VMU_bpWMgkuWAeTVbRFrtwzU_kuZjyLOWzNVd_KYu-5dwO6iDY9u-ahcmQ5OJ1DHxsaSs1HciPNSbOB_lKMSDbu_CfiR_DmWqvKlJSpTe9TGNUViCB4qtetUBMw5wmD9-87bht0SxMDmm7QsBq3zc3Ad0VPo8hfgIEN_ITfOmBZIBYINCBA0-4pxsk_-lgxbK8UAFIwqs54bvWeHlpHFuPSln6qRO1GX7imhJjCXEGF949cHPjJExuUbDnkpEygwXb4UEQIrJttI9ciMpdSixLQZAl-D9aVZU9ttKuzf7QCiQ8lFhF8xpEYR4iSalTvGK_NdBIag8VzQNwhSUpJh0MLQBCL6itxAxZBEN-zWYwxSdGLbJoMQGdUFNrKZIHYlOlAUte99Cvni7vMHe5aAB00e1IgoZWxL0-U1LkULYKfZg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Sep 2023 11:03:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F09D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmxLuXGF0DXsCO0oVC8Zvc-kDiDLKGs8gQdNi2OqwO4ho1aVdg8ZIdA_3wY2SUqkwKxj5m4eZcoSio22rQnYFRxVafuvVVM_nFciDAq1ebhYvjg0ZXU5qsBKKk7jMHx1Hi1v95dK6RigPK7FFl4J-6s6Je1gd4jCrII1LH9y5i5914cCmgOloK3fAyPHm9WTAocEWfHDb63dA986ulET1fpaqkbr8r--wZmBM6u5tjBfP2U1WO_Yz2IVlIp5sOOWUWqYv6CHSiKs8G9xpRcgXQs3o0b3iQKnCk7GsUiTFvnFq7QFWR5WcrqjiQUln86agMI_3L-8W6zkPF42djzUHGqo2JAxXL7tpp&sai=AMfl-YSWh3O4jK3DppZI7RNv3tqDH6N0bcI_XR6FbcmItzzvThh5gznplLYQVrIGTGntb64oi-vBfR_MaJRuvdtQ1FYqScUsOkCcIGx1gNAMFzLAF35n3xT31LLsN0Kk0tFHbPviJGw6pQ5Z6HCm95A&sig=Cg0ArKJSzLvvMQxdap-dEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:52 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 01 Sep 2023 12:03:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F09D 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:52 GMT
container.html
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4173 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:50 GMT
expires
Sat, 31 Aug 2024 11:03:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame D60D 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 19:22:21 GMT
age
229291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 19:22:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D60D 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Aug 2023 10:00:11 GMT
age
176621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Aug 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D60D 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 05:50:45 GMT
age
277987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 05:50:45 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D60D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:22:50 GMT
age
240062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:22:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame D60D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 10:05:13 GMT
age
262719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 10:05:13 GMT
css
fonts.googleapis.com/ Frame D60D 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 09:59:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 11:03:52 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D60D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:27:51 GMT
x-content-type-options
nosniff
server
cafe
age
23761
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sat, 02 Sep 2023 04:27:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D60D 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
80080
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 01 Sep 2023 12:49:12 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3976578151113734319/ Frame D60D 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3976578151113734319/14763004658117789537
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
222dd2655c39f59ce46d323a9c611e5768af6d45e35fd2541341311809074c72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 08:57:36 GMT
x-content-type-options
nosniff
age
525976
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116690
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 10:09:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Aug 2024 08:57:36 GMT
truncated
/ Frame D60D 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D60D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D60D 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d624ecaf5c9e39ce3ba27a74b04463bf132f8204c38064b4050ff58cd90a755b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B11A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssji9VU1AylWk7AERB_WofxQ9EUyHQypG8QHYOxhY9KbW2ZKrUNVW4qeXQsVQ8EUnARRlVp1zmn9BcJOoZZrGHfirW6pmE5X6jpMh8-TjtK_4s6vH1xY3UaxD9NgnAns90j6s2NFk3r8_B_OwsK7MDGYvadAI-ZqhP-DRj1MP9QYZOaPxY0hXtIdGm-LYadFc7FLFhd-I7SAu3zf70M_S0TuagvMkTr4T7KFDfOz5RRwC10jbNdMlUCF69J8q2yta2lAkFVoC2dNgt0uja8stJnfQYUFZ8kgMgWa1tK5uYLP66BIebAy9FlcnQz2ampeEg19qCd8ua5nCreGkTS1eoIR6rMol_l3CS-qw&sai=AMfl-YSB_jRPi_0XV5WYdwTby3tFVdccslKmSiyVgd2GMqIvCnkCQowmzqcSdgSoUXy8N7HXJkem9JtrjU8VvMYKyjGD5uRU9IRndC8aW1T0w_DZHdsZ_nskVUhGSeo04MjD8XHjX7IPMIYnolO385w&sig=Cg0ArKJSzNgm5qEibllBEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame B11A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame B11A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 07:52:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B11A 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:52 GMT
2480297202195357521
tpc.googlesyndication.com/simgad/ Frame B11A 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2480297202195357521
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc075fd28c7c5fe13c0de6252ea367f0b679ad6b5f3a6403111b16539eaee1a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:25:50 GMT
x-content-type-options
nosniff
age
574682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101008
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 10:09:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Aug 2024 19:25:50 GMT
container.html
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B301 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:50 GMT
expires
Sat, 31 Aug 2024 11:03:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5D06 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszOxNw1QsKJO5Iw_6inu0qqDdBRDrMlBfzGjYlytAxPDxhOmpitAQXzCeEFbxopxkKVVyDtDBhHt4JoyJsA1hsyXbxu6Pue0vfZ2MOmesfMorK94C5rZIe2trjdx4OrmJYNwqCylzhj3PblCq2p07PJ0b2Ab8WLvVKmJc5gPoE7OTptI-fshBq44IUKiEiyywVjusRZrP6PfbfcXLyyWdgHESRlkr62Mj6OqmPLrSmQWsJ3FH4qmlh6w6z3oQfzfUmt0NW8bMpcfYtauqu0hoVOUCKp-CUavFmaDF6Ds24D8ekX_JtiZLt1gjz8_UrLgyR1MVotFzZBAtXBgQ-JZm5o9K1&sai=AMfl-YRRyZ0Vu4toNbzRq_I9WeonmkyfspzcxDZObxDIr0sUWKr80Pn8r42s2HQbkb0-_pW2j5vZatyKV_P3y494iyhqgKhTNFaSp6oiALIn8bo-4MXhYDmKYGycvtbNYo0zU0ddvyQVTv7uT5YjNVM&sig=Cg0ArKJSzIkhA8AaDZ6UEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads.projectagoraservices.com/ Frame 5D06 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=14326&schain=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
HTTP/1.1
Server
2a02:26f0:3100::1735:2899 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ad4201efdc63f28f489ac3d0e135aa8dc69d92909d2e2dab075f3ef117f8cf6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:52 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1817
Expires
Fri, 01 Sep 2023 11:03:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D06 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6863 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvatk-McUmL5T5yAV953uTz0NFVtzWbcYrwQML5WAL-yTjq3Sco5bftGd1V4SOSl6EkahYvfpS7MpGjgkr0oQsaqQzjF5FA5-EQmeznJdORSZPSNMBcpuk0FPx08HgDlGzsA_sGaPv7Ij93BZ5jghXGlCaO8_tYoCE46dZf41-b6J73__kX5no8lU9NlJ54CqKrOpdPZp-z-e7QmIbbjmpnlkfNdn5Qa53-L1ZqmZxwPHh78cO3vDlDMGBUWy86DW7GlfrODQr6VJFj04y3P6NciSs20ZykXimA4QRurij3IWzx8eIejXOkQEOiy_1Sd_-us6epodDFFGZ-R0BGYHZ8k8inWXMNumL0zQ&sai=AMfl-YRNIZmm5GXgabXuJHZMneyvecViM_dnjNZ1gPyjAi5WENuPM2wjhhQJRU5GBjlrtkc1oaZjtg4x2bD5EkHCUr12jr16dQjkY4l4WMbg3DUNUWFkYdJBfHzZLtSS8YfXChxI7DHfRmm82mMk58k&sig=Cg0ArKJSzC3rZ2776sb7EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2480297202195357521
tpc.googlesyndication.com/simgad/ Frame 6863 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2480297202195357521
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc075fd28c7c5fe13c0de6252ea367f0b679ad6b5f3a6403111b16539eaee1a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:25:50 GMT
x-content-type-options
nosniff
age
574682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101008
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 10:09:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Aug 2024 19:25:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 6863 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 6863 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 07:52:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6863 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:52 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame F095 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 19:22:21 GMT
age
229291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 19:22:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame F095 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Aug 2023 10:00:11 GMT
age
176621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Aug 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame F095 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 05:50:45 GMT
age
277987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 05:50:45 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame F095 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:22:50 GMT
age
240062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:22:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame F095 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 10:05:13 GMT
age
262719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 10:05:13 GMT
css
fonts.googleapis.com/ Frame F095 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 10:44:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 11:03:52 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F095 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:27:51 GMT
x-content-type-options
nosniff
server
cafe
age
23761
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sat, 02 Sep 2023 04:27:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F095 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
80080
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 01 Sep 2023 12:49:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7EBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYm8895FnFNunnR8fKCxexlIgPW8-kiQzj0aSqSBVfFdMEJxAcHWoAzJ0KnU3RVN02-0zryA_P2ZF4RiLbky8acBjwJOQxtjQN-FfmjAJxjWJi78uv7pxRZzkPhmHF6G93UITf2U6yh-9gdDVaj70h_j9NeWTt-31r2zQYdaIa_-mcybM_muszWDBknS4JkaixtqcZycipKZLvS-MAG5Xrn8hc2c-MhzrMthgI7cWGFLGpK9rOBUMe2YawW87JzCXKKORyzzGITe8M-ed9norgq-JbyU0A4JUgHWcgYZ_0CCXUohDkfOKEnT_oLM84_rRJXbZr9mzFfKzkUXBhAe9d3I1A1rrFrALjiGZJLQ&sai=AMfl-YTcuOeIJ7VW_DiOoKrylwj_5sY3ZAP0Z-bplcaH9AgvEF5RHJL6kb-3SZrTXlkXZMTRVqUdJH1ZP8BqomtMzcyzWPk33vjOAdvLxEeDF1AYwqGuwfyD6gcI_0bROVpZz7BvF1gytHUZgdgRRpg&sig=Cg0ArKJSzCBaUpZgd844EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads.projectagoraservices.com/ Frame 7EBF 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=14322&schain=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
HTTP/1.1
Server
2a02:26f0:3100::1735:2899 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
de8500da818ea65726f88690218849735f4d32e528e673d557f1f27895cf1dc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:52 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1822
Expires
Fri, 01 Sep 2023 11:03:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EBF 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C723 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5kpxuVmq4PijQ3tUcMas-ISoiCWBJtzCTnqfN8Rdt3h5VrQilx4VifM61nNIX8sUfPnxgzYZPSB-vJjpxfl8p4icrL343uolpJzBhZovxKEm2JHhOpZSBOe49Bsc7WssTYHeRRRM6fa_-jeWWGDOb0-iRbHEfQaQlZMpmyX9Ebhk-p18_XXmKhZjlD7at5flaLkTL-Ze7gsW5x7tv2_Y8lFnMfg0alInVh5WpDpCk64AKe86qjR-2CJTlK2u1_uSgwrcKJJJUJEUJ8yQyugxYRIM6f8KAiVPvR-go7EJpJucgV7vH9wgHqcHmPAtuIB6mvJvqYMQoLzOpzf2e2MtYsWjT4fLX8bIosg&sai=AMfl-YTZ6G1vSLp7SN18L832G2AqtS_PB34869rZii684SeAHUn835iCvXEeDibDFPpplViuUWiG0MSFkQpZa569nm-i_-_nfZbKj0mB541i6OeJKbHnDpGPMS32IgIN9ect4V-c2Ej2jS4RWpMu_fI&sig=Cg0ArKJSzHAV8f2WlsJ8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2480297202195357521
tpc.googlesyndication.com/simgad/ Frame C723 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2480297202195357521
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc075fd28c7c5fe13c0de6252ea367f0b679ad6b5f3a6403111b16539eaee1a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:25:50 GMT
x-content-type-options
nosniff
age
574682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101008
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 10:09:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Aug 2024 19:25:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame C723 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame C723 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 07:52:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C723 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:52 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame B2D1 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 19:22:21 GMT
age
229291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 19:22:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame B2D1 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Aug 2023 10:00:11 GMT
age
176621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Aug 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame B2D1 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 05:50:45 GMT
age
277987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 05:50:45 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame B2D1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:22:50 GMT
age
240062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:22:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame B2D1 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 10:05:13 GMT
age
262719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 10:05:13 GMT
css
fonts.googleapis.com/ Frame B2D1 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 09:28:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 11:03:52 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B2D1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:27:51 GMT
x-content-type-options
nosniff
server
cafe
age
23761
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sat, 02 Sep 2023 04:27:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B2D1 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
80080
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 01 Sep 2023 12:49:12 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1376596168352615375/ Frame F095 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1376596168352615375/14763004658117789537?w=400&h=209
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33d70a655e38e1bbceeec6fa08dfe7b92f1280b39970b4d1bcc86f4d3d13548a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:57:34 GMT
x-content-type-options
nosniff
age
536778
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18736
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:27:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Aug 2024 05:57:34 GMT
truncated
/ Frame F095 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F095 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F095 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
794e3d88441972246ca308a0691e501959dc53954cb2ac2d3405001b587e43ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/12495168998223581308/ Frame B2D1 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12495168998223581308/14763004658117789537?w=400&h=209
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8d3012d8e716cf826af58c652c98a55a239a643b25740302e26901a5647169b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:34:49 GMT
x-content-type-options
nosniff
age
23343
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12209
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 09:38:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 31 Aug 2024 04:34:49 GMT
truncated
/ Frame B2D1 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B2D1 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B2D1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ea30109dd8ec35390a613a873648ce09e3745078dcbed365d22ec6345f89c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D60D 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options
nosniff
age
193764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 05:14:28 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F095 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options
nosniff
age
193764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 05:14:28 GMT
container.html
507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6AFA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:50 GMT
expires
Sat, 31 Aug 2024 11:03:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SailPoint-Horizons-MaturityAd1-DE-728x90.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/ Frame B6F8 		219 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ea94c67f2eb8aa9e96783b491f5cceaabf0294ed397771e8e72f968c48931a3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
348505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
24207
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 10:15:27 GMT
expires
Tue, 27 Aug 2024 10:15:27 GMT
last-modified
Thu, 13 Jul 2023 19:53:30 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 4173 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8366 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 10:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 4173 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 07:52:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 4173 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
truncated
/ Frame F09D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4c48883848fe55b523672410eeed2d0a0d19f1f0c095a37b0b62d3cacb6bc41

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F09D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC4DTGYSeHHdaENdAwJxZMMcyv0ojyAIc1EuwYGSbajtG8TxXPG3XmEvkTyG20poVhLkJGk1rQXTe2dOpqK5y1fUY2FmOEAr1s9HfDo-zF_vM54VxcQKM7xnWLFkvyFHjq34VrwVHsODjJjZLvd3NbPL40_lYDDfhGLvU2xrDlfYY2KvkAPaVLFIJVc7m6Xk4D6J0Gdgfy-es7bnx4plCvGAEQGwiEZrPFzNU2ssARo6xvLA0gd8EkuJmjxS5BmHot7H9yDdD72dfVb6be7odrCuxj0i7zFF1qns7yfaKlcWHdnXQ7ecdr4clIdh8jxhEP72td_roIJt5Z0aLJ&sai=AMfl-YSAPboWfYA8Gerh6SuBcWmM-o39ck7PIq4nkH3sySMOIRuEKQ_tmTt15gHVGpLui3wHJ-ZGZviajgxbgGJ7jIjVSWWPMj81ZUl1ImBnbkk-WVLl6oA2cVgZlIRIwuiFpK6YWdrgAwc96dq2JqI&sig=Cg0ArKJSzFACrB-5Zj9wEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:53 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B2D1 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options
nosniff
age
193764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 05:14:28 GMT
syncframe
gum.criteo.com/ Frame 0809 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.lebanonfiles.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:52 GMT
server
Kestrel
server-processing-duration-in-ticks
364215
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Sep 2023 11:03:53 GMT
63e0a2a793d720ddab32c7ad1c79b976.js
www.gstatic.com/mysidia/ Frame B301 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3931
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 00:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 03:15:26 GMT
ee251732ce1223ff2922bd9f5a6f375b.js
www.gstatic.com/mysidia/ Frame B301 		142 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ee251732ce1223ff2922bd9f5a6f375b.js?tag=video_mra/web_raspberry_ms
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48e2fc9da9fb73a8372b463ddee5a54c51a507759eca852582da61ba40e62ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 23:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53445
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 22:07:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 27 Nov 2023 23:55:34 GMT
css
fonts.googleapis.com/ Frame B301 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 11:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 10:20:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 11:03:52 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ Frame B301 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32193
x-xss-protection
0
server
sffe
etag
"473971c650298c2f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Sep 2023 11:03:53 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame B301 		2 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame B301 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame B301 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 07:52:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame B301 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame B301 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 21:27:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 02:09:09 GMT
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/1.8.0/ Frame 5D06 		108 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/1.8.0/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: http://ads.projectagoraservices.com/?id=14326&schain=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:287b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0192d34daa937cbdfb7ea634aac957a5b2bc6c571706f6130f5800a561d41b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvsG5sWG1B69ZDmT3ralAb0Jctc6KXR87apFQ-GqLQLVR9157Ix-Fd-LDt9dnT4ZcLoIF3lxR3nIrIEpwOIWaq_xA
x-amz-meta-version
1.8.0
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
content-length
21888
last-modified
Mon, 17 Jul 2023 13:45:29 GMT
server
UploadServer
etag
"e2f61d9dc0b35c9a0fd05ed9898231b5"
vary
Accept-Encoding
x-goog-generation
1689601529860212
content-type
application/javascript
x-goog-hash
crc32c=HaUQcQ==, md5=4vYdncCzXJoP0F7ZiYIxtQ==
cache-control
private, max-age=86400
x-goog-stored-content-length
21888
accept-ranges
bytes
impress
ad.vidverto.io/delivery/ 		59 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.lebanonfiles.com&pzoneid=7471&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.lebanonfiles.com&top_url=http%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&referrer=&async=1&uid=1028480840&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
46234cd27cdffe4b0b922569527a0980d153880afbec215362eb7d8f5151474c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:53 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/1.8.0/ Frame 7EBF 		108 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/1.8.0/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: http://ads.projectagoraservices.com/?id=14322&schain=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:287b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0192d34daa937cbdfb7ea634aac957a5b2bc6c571706f6130f5800a561d41b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvsG5sWG1B69ZDmT3ralAb0Jctc6KXR87apFQ-GqLQLVR9157Ix-Fd-LDt9dnT4ZcLoIF3lxR3nIrIEpwOIWaq_xA
x-amz-meta-version
1.8.0
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
content-length
21888
last-modified
Mon, 17 Jul 2023 13:45:29 GMT
server
UploadServer
etag
"e2f61d9dc0b35c9a0fd05ed9898231b5"
vary
Accept-Encoding
x-goog-generation
1689601529860212
content-type
application/javascript
x-goog-hash
crc32c=HaUQcQ==, md5=4vYdncCzXJoP0F7ZiYIxtQ==
cache-control
private, max-age=86400
x-goog-stored-content-length
21888
accept-ranges
bytes
view
securepubads.g.doubleclick.net/pcs/ Frame 6863 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEH26LW4dLauqS_kNYAFrQcJtLNs_MX6M2p4qXE3LPk0kVNseIjrtmqMbUXcHlWgXgmHOshz3Z_qC0eWt3Sd_1mDHrAtF_CuI7QEsXrbr0xPozN4ol9Oz2ipqDsyucU_eaZ0bDcgAflEymZ0q2XorykrbohDO2cufh7-usMxtU-FO1rbs1cz2ZRY3bvQJm5NsKFtHJ1mEQ1h49IKBAAKWuVpklbqH4-82E4hJCyz81-eMn0zzTfnQ4_kh_zqrVZQU3tj0ZouuCSUqR8oCIJUl4qeYcUT9VwfMouPsI3a3etZ8xk2qdkvWJs1lMw3Wjz6lniHlKUYoJrJrKk76lY5ZF580f9vQ-BbPZucJg&sai=AMfl-YQzjeccjNjlR4Oa8RFgcR2DoGpDTYpDTcttEO4zQggCsnz3MmR9WXfpQAuLZjt7uiaA9MeBuVXvetX01szdPne-hxFc5umQpcFYVjRBHKyvfHE7zY1xfeFw3X2Xyo45t-PXOlnfi1FdlKyadJs&sig=Cg0ArKJSzPXa2GSMP7LJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:53 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B6F8 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 10:14:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 02 Sep 2023 10:14:58 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B6F8 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
77552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 01 Sep 2023 13:31:21 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B6F8 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7504746176064661106/728x90/SailPoint-Horizons-MaturityAd1-DE-728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Sep 2023 11:03:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B11A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIV0AJhgsY-G_IoeqOk1RBp80uhVzQE1_8sniB6JNkdJ3s0a8UQKybZsXf8jIGiVLOCYZuwgI11FKmDdPenmzbCutnzwAKYBMyEauCttjtZOLAqK9uiOQzC1p7j3yLsdRf546KS2dbmQkNT6oX0mKBxPL9sEsO81CNIvp3TW2Sndpgwld_PJ-ymWNsF-oLhPZWVniB0_hyDRoptBvSRX1Qx7X9k1rkeX8xXHyl5pa2Bkl2HDd0Ct3qW8rCCGvYzunWNiF-vBWwSHVL-WIcCJF8fitQ4N2oUNnzXhv8MIavdKCugsWIAtM6SLpUORQulRwWbZHtFG6Ry8C4Oobb-7a-RfHmbWkDkT5HatvQ&sai=AMfl-YTagTqore7chscPbI6_RG5jrdFardR3WKxHcuvKVC1ONDLrzxT5Li3gFOcyIrHuZl7eDBVWlrhDO_7B4x2Hit-mLKkiVYK8mnvH-tMCTpfntDnSNmTogTGpSkpQPBQP-ImABkXUqPw22Z9oDaM&sig=Cg0ArKJSzCPefjLoNlK5EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:53 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6AFA 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 07:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
444660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 07:32:53 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6AFA 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16376
x-jsd-version
1.15.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4549-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5YyUZuY7tL0ae5icpKYeZQpswYitzzAqEMd0%2BUjT1%2Fng1r6A2vhdl87GZDnTZerXdXTbe0DeV%2FXeDQRK1OsJ0DKeHkMUNdcMNBFotkrZBBRbTGGxj%2FcVYvJYNZAI6%2Bbo1B%2BYv2OhXtT7WIqsRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ffd077dad4bcaad-HAM
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6AFA 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:53 GMT
truncated
/ Frame 7EBF 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e34977bf7c86097febb926fec2dc06881eac9c79dbb22ee8e71cc360a0cf94d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C723 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvalz2-Cp7WPHfB0tXEvKb4h-deiVGsBIfhojrweaDb6LQjl1EBYB3LFBFBJiKbbu42zTHXHZdI7246ZXAgunSTFOmq764T15lO44pzpmlDdkCv2d0KZhhsXrAy3LeuEA3If6y2ubXeWrBPtpJUDbUhQZxKDxKm7azqOv9myw1nsxzhP0oy6y_YBGlLftoEXZJLEw673g8phwmSu102aPL6FTMJNmUWRTY6m5ufIZsVdbjbDH6HcFpEXhDoFGhSY3CwGWirCthO4mpVo3RMYM1hI7vv6ZNMStwwtIt5H7i-orWFqClgSSsP5Qesj00WjRyRzoHGmn5n2Y58cC3aKobpgEsFutPnHlXMYIB5&sai=AMfl-YTjaMu7t_CJwOEzlM7xVLYb_qPY2mG3aJYdjaDw-H34L-RWKz9iZweusEaCa7ay6tiXBSWh3ZQx6_UbTOPQ1f4Z9IzAWs0TKMQrEu-24ivAIo1upY0VWyY6NOPCm3xrTK-9tbWsfY7f0P3YFPo&sig=Cg0ArKJSzEHXsDyPvbdCEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:53 GMT
sid
mug.criteo.com/ Frame 0809
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lebanonfiles.com&sn=ChromeSyncframe&so=0&topUrl=www.lebanonfiles.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=_vRfX3xwT0NrZXdwTHdjc2FuNnBhVmg5ZU5sdlNONmF2YmNUdzkxaEdPK2ZVMjdmUG92N3FNUm5ab3UyL09XRElwUTdiNjVxTWNFbjVDdnU4NnlGeUNhb1hUTmJwNkNUVlU4RGVPOExxdjljZWVuazF4SDhoSnZYQkJuMz...
452 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_vRfX3xwT0NrZXdwTHdjc2FuNnBhVmg5ZU5sdlNONmF2YmNUdzkxaEdPK2ZVMjdmUG92N3FNUm5ab3UyL09XRElwUTdiNjVxTWNFbjVDdnU4NnlGeUNhb1hUTmJwNkNUVlU4RGVPOExxdjljZWVuazF4SDhoSnZYQkJuMzRMTU9vNElpTXU5QU9IaDJlV2g2ZzZ2L2dsT3FSK3ErdXJXQ2xpNFVGZDJycUtCMkJTRTBPUW1KY3ZUMEZ2T3o3cTFBamtMelphU3RpSlE4R2JWT2grNVBrL2NTdkExdnJGbUxvQWVpdmowakFZdXV6NnJ2bVJ4VEJhUTNVeHZOeTdXUGxMVXpuYkc4OTBkK1BHUE5DUVBGV1RZREQyZGhFVE8yMGJDNlJjV1VJckR6ODAyRT18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9be831c4bdaea604b35778a4b0469b488a4305db46f47072241168160fde3ee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1286923
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_vRfX3xwT0NrZXdwTHdjc2FuNnBhVmg5ZU5sdlNONmF2YmNUdzkxaEdPK2ZVMjdmUG92N3FNUm5ab3UyL09XRElwUTdiNjVxTWNFbjVDdnU4NnlGeUNhb1hUTmJwNkNUVlU4RGVPOExxdjljZWVuazF4SDhoSnZYQkJuMzRMTU9vNElpTXU5QU9IaDJlV2g2ZzZ2L2dsT3FSK3ErdXJXQ2xpNFVGZDJycUtCMkJTRTBPUW1KY3ZUMEZ2T3o3cTFBamtMelphU3RpSlE4R2JWT2grNVBrL2NTdkExdnJGbUxvQWVpdmowakFZdXV6NnJ2bVJ4VEJhUTNVeHZOeTdXUGxMVXpuYkc4OTBkK1BHUE5DUVBGV1RZREQyZGhFVE8yMGJDNlJjV1VJckR6ODAyRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
333177
content-length
0
expires
0
/
onetag-sys.com/usync/ Frame C3DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 01 Sep 2023 12:03:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9f0196a37642b04ecaf289a2772042f8d51629c622b87a35b8876315c89f8ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125514
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:53 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 01 Sep 2023 12:03:53 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 01 Sep 2023 12:03:53 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 12:02:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64ec8cd7-15d84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 01 Sep 2023 12:03:53 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 01 Sep 2023 12:03:53 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		318 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
098edf6f2f040b09a7f932e1824aa3295784a54fd3adf7d53daaf7398052a075

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
last-modified
Sun, 13 Aug 2023 19:44:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64d93286-4f6c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 01 Sep 2023 12:03:53 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
999 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Nov 2020 16:53:37 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5fac1711-a0a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D9fe47168-debf-4cf1-bc31-b3e8292fd01c%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=9fe47168-debf-4cf1-bc31-b3e8292fd01c&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=9fe47168-debf-4cf1-bc31-b3e8292fd01c&p_id=23
Protocol
H2
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=9fe47168-debf-4cf1-bc31-b3e8292fd01c&p_id=23
date
Fri, 01 Sep 2023 11:03:53 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • http://x.bidswitch.net/sync?ssp=prodoohmox&user_id=9fe47168-debf-4cf1-bc31-b3e8292fd01c&gdpr=0&gdpr_consent=
  • http://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=9fe47168-debf-4cf1-bc31-b3e8292fd01c&gdpr=0&gdpr_consent=
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=9fe47168-debf-4cf1-bc31-b3e8292fd01c&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.126.69.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-69-45.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
http://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=9fe47168-debf-4cf1-bc31-b3e8292fd01c&gdpr=0&gdpr_consent=
Date
Fri, 01 Sep 2023 11:03:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/images/favicon-16px.png
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:53 GMT
Last-Modified
Wed, 10 Jun 2020 14:52:51 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5ee0f3c3-384"
Content-Type
image/png
Cache-Control
max-age=604800, public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
900
Expires
Fri, 08 Sep 2023 11:03:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8366
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:53 GMT
expires
Fri, 01 Sep 2023 11:03:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F095 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:27:51 GMT
x-content-type-options
nosniff
server
cafe
age
23762
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sat, 02 Sep 2023 04:27:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F095 		344 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
80081
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 01 Sep 2023 12:49:12 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B2D1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:27:51 GMT
x-content-type-options
nosniff
server
cafe
age
23762
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sat, 02 Sep 2023 04:27:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B2D1 		344 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
80081
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 01 Sep 2023 12:49:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4173 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6AFA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstW88qef_oimU9EpBYn8lAkZVWyIS7n14dQPXJFGW-WrgoW97Grrn-t-L3DUCVT4IU31FjZQI8Gl3Zo9mi6-F10WDWkbXM9xcVpplWROpcb7KcRl69yfsqeG2ucnw3H0c83-fO_gizMmpKtCgN7piw-QlyzmGsZZZmx4ha40oIx6eQodlBuZAlle2EIrtsifu5ZgR_PitXXhETrXFLN2fEtAm-0zqqxhoAe5bkwAgcn49L8DY32YZS9z6ARwcB3u6czpxI1_N9UMAkwGKUIh0gOVwsyNHokciwWM4Xd178clyz3sLLO5zTxmf5PjV-C6siyWMFZ3mAesL0SJRUGoAjFa_YkjA&sai=AMfl-YTKN-cIV5uQT4OHQOACK52KIBg5j_tDvfYPAiraZPKrhs1bwk_7icQHbKl4aUfm8uUgoeavRXcfY_Ph4KxerenCiT7_BgmiaVmaeXGY3GrIP5Wk8qrcWzfKvjr1vEY&sig=Cg0ArKJSzCYeFzRI4tnCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 4173 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83fba236a8ccbeec9a261065fb1242c44017219cc2df249fc04b3ad582f33c3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/6982510357446163996/ Frame B301 		1017 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6982510357446163996/14763004658117789537?w=100&h=100
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69029c3283440683ca2cc052d3aa9fe1b92af5dd0593921f2ed02c79ea3d06d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:19:42 GMT
x-content-type-options
nosniff
age
74651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1017
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 15:29:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Aug 2024 14:19:42 GMT
truncated
/ Frame B301 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame B301 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lm0hlx1l&c=6207152677963&slotId=3103576338981.5&qqid=CITp4-yhiYEDFb1YHQkdmaYNog&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ee251732ce1223ff2922bd9f5a6f375b.js?tag=video_mra/web_raspberry_ms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tlv04s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13540830476020244721/ Frame B301 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13540830476020244721/14763004658117789537
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a466aefe7e6de99952b112882fc5fe203612ece52a9dceee05b1b6fdba402138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:06:21 GMT
x-content-type-options
nosniff
age
539852
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146662
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 13:47:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Aug 2024 05:06:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7EBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuD7k-aCgJdPgDdS0kWHDdg3sDG3tLeWJcPoxvvPm5bac4HGIWw6H_ZEs0vyuZTf9gfbXPwTlmXg6_VQmuI653iP8VcAeA3hexm9I2h-OXTGwwkBHUU7YFi5QERRkhrQq072Omf_nSau190AqQhfaLv9qL5G5aURqtHY4lyuTzP9SXTfGDq69yOnmnY_nczY1GzJWsPcjgXJ4e9itO4AYBlH7xj2YPmprN0l2TV6zyjWSwakqNj4z1BSRuaW_DA4iBQc5gij7vmy8fGLOWH_AWSAoxNkegpRNNwfytlJ6gylHKSoaRJleUDs4V4gwHN0vPFncUceMiVTJg0IfHgrYWsgSzv8Q1LY6hXvBeuTS7M&sai=AMfl-YQGEO0fekUDfoteg9h6wuhIqgEDLWZizvI46ypJkid5kjYxrOOttQekpthDm54HDv1g8sYD3Q1XjzjMP90j99DhhYu1FtDh4AW_OkRaml-k1qri-5Wkg9Sg_paSN7zyGpO6rT_C-rBqztmBd1g&sig=Cg0ArKJSzMb6ZjL6io7GEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:53 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156400/10561/ Frame 7EBF 		230 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/1.8.0/pav2.min.js
Protocol
HTTP/1.1
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
99c786e0c70e18caa4eab34d207fefb33c91a8fed0ee81569a60d7bb19936267

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Jun 2023 08:32:58 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=147939
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77899
Expires
Sun, 03 Sep 2023 04:09:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5D06 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulqvt4K6CmfRDe6XCZlm0vGlDmnBZ4xyFH3UlfcFKd5QToe7qIb_P6wRDEoWEowOrOfnrvaPP-S0SPPShVMNfaoddsayG1Jap_Dtpprcjqsp8rMS6ML45KY1s9DydjmN6HTHwI2H9hF1A1YyeUlDMhh0fQa_NZ9o-SXCJaQheXxSP7kC5FH6JzjRoRfuPNeSr_6057FJPzvDr0rVVmipcf2AA1blz-VaspHRclTs2-mbpUeZqV_hf76VuilfMZwaOLDDKuQRXwVcYircJTQ95vY50R5JGL42cYZ0QXdifnNfTVfKP3HXcOTYwEUB67IROSbeznpSsz9NQIRq_UNSuOhO0U0qA&sai=AMfl-YSGv5CqKwaI12KOnFBuZ9vdTxWdLJUzgrhhOYOUPZce2rawMyg_ltkErfvV_RzLRYIGjg0enqYZH1mmMnfqPlDrDnCimHlaATU9q_D5Y6rL2C3EsAJ2GQa9QgUKSqzdvzzmKvvzUvCR8LqOnVY&sig=Cg0ArKJSzOoGM53Ke0O7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:53 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156400/10561/ Frame 5D06 		230 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/1.8.0/pav2.min.js
Protocol
HTTP/1.1
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
99c786e0c70e18caa4eab34d207fefb33c91a8fed0ee81569a60d7bb19936267

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Jun 2023 08:32:58 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=147461
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77899
Expires
Sun, 03 Sep 2023 04:01:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D60D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIBUsFsXxZL6BOL2x9fgPmc22kAqo8YDZcpX7n73XEWQQASCG6OV1YJX68IGMB6AB467IyAPIAQmpAlMHVOaOMbI-4AIAqAMByAMKqgSlAk_Q2fVTpsMOh5c0Gr3xhkEfPKuCmL21cZ-DNmIWaugx0wHtHHDdU5QkMjB9_jduLnTUvR9Gcpd0o0E7QS5SFoOiowFuQIQvBKvPqbmfN8ZtC08WYPf_usBfBST5O8r2cSJCAFb47R5d5c2Buk1REpW4S4c7bCw1jZFkXjuKKC8ssHb75rTgqMWAC9iGVi3oB9cwH0uypg8jOg4p_dQ6VLpKbY_36q178JnQy18brhTwzcDkwNimg5t0gmhHB7k8RbwBJdgto_H98v0Yh92HBPmejdUR-Fy7pnwC6B2oHGdmrFskWfUHg5W6_tBQRp48FnXDcLN5eg_k0dMsW8aGnZNoR6JckEGeCkKacfoSXxAuUtVkWsfoqFguLWxvPt5p2JoBwr-HwATMupyDtwTgBAGIBZejj_JLkgUECAQYAZIFBAgFGASgBi6AB4XRtzeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCGlS3SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk7aHR0cHM6Ly93d3cuZHNhdXRvbW9iaWxlcy5kZS9tb2RlbGxlL2RzNy5odG1sP2djbHNyYz1hdy5kcyaACgHICwHYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=heHrBkfpJU8&uach_m=[]&ase=2&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&template_id=5000&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
videoplayback
rr2---sn-5hne6nzs.googlevideo.com/ Frame B301 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr2---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1693595032&ei=GMXxZNvoBvT3mLAP79ahwAI&ip=2a03:1b20:b:f011::4e&id=e1b2848961c32ef1&itag=18&source=youtube&requiressl=yes&mh=ei&mm=31&mn=sn-5hne6nzs&ms=au&mv=m&mvi=2&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.890&lmt=1690830393159610&mt=1693565609&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgb8HNi8-gr2tWLYDhg3RO0vFnBaRpU_FyPygFvrFR9v8CIQCaO5rxt_F3T5ZOtZwNIsoPdOH_DAtca0G6G_DBz_FSTg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAL_GIW2rZ6_K03m5wxXclLNrMOR9LoMBXdbJoTv6ADwLAiEAqfk2H91xHuiZ5LkOkMCy6CKRcy2zBT8Vg1AZ6fik1Gk=&cpn=z0QGQTzqAaZyANZT
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:9::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
550ad922eea4d88edba9accf2fa1894bea60700886b0624fdab2a0878fe0e53f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 01 Sep 2023 11:03:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 31 Jul 2023 19:06:33 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2356743/2356744
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2356744
Expires
Fri, 01 Sep 2023 11:03:53 GMT
truncated
/ Frame B301 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
276a90d4688286da71921232e432b536470de98ba26fc983228c63e28e1a25f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6AFA 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29d33e14740b67ee796b86ecdab930b6caf379fe9ddc74667318f21fc6fdf925

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame F095 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoQYfFsXxZPqNOL2x9fgPmc22kArIlJ7NcKCpk9XHEGQQASCG6OV1YJX68IGMB6AB4-SdtwPIAQmpAsJYuDXc_bI-4AIAqAMByAMKqgSbAk_QMImpuGOufFYUaDsDsKSvP5Kvkjo4ws90hF89zpzMwSipkpjEKhCUZENyN3fAgbmxsh1XHRQuXvLXG4_R1M2E3CU6zywGt99cJPH1nf6mEPYAX_hAbKyFb9DRZPnqZyOBzhI7OxD6EFrogP5ZgCeoshwhwoYR4sJKsMURjWUGvlNHjQYataMAcAkYKz2fMZN2VAIgSSJruleeiKv7mxPXGWwrSFzrrAIVG1zHxSHHYLvxnILv_dCYgX27YUalQN0ggmbURFBums309cRsTi8PBsq91v06b9GBLQgmq9LZdch6zMy6LLYXe1HJlQjtuVlC6CxUYFaDc_s76NQc_EW-zjdTpCndbD8HMFbrIyrUw2Mtjk571nekP7rABNvjrP66AuAEAYgF7pG1nh6SBQQIBBgBkgUECAUYBKAGLoAHhZviSKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOCAAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCWtodHRwczovL2NvZGU0MS5jb20vZGUvbHBnL3N0YW5kYXJkL2NvZGU0MS10aGUtd2F0Y2htYWtlci1icmVha2luZy1hbGwtb2YtdGhlLXJlY29yZHMvP3V0bV90ZXJtPW1peF9yZWtvcmQwN4AKAcgLAdgTDIgUBNAVAZgWAYAXAbIXHgocCAASFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=fmZHAQZxWA4&uach_m=[]&ase=2&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&template_id=5000&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame B2D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjTCcFsXxZN-TOL2x9fgPmc22kArIlJ7NcJW0ubK7EWQQASCG6OV1YJX68IGMB6AB4-SdtwPIAQmpAsJYuDXc_bI-4AIAqAMByAMKqgSbAk_QuPXwRIJtJ-HvmT7jWfdjiQP5gJYhFWX3z6YFN9gUdPnDdM00PFUe4_9lnGTHXV786Nk-gLiEMkGQRGUNO5aMODiTMw97d3UrAs_odZZ7Ty3TGUGJZ4gTlOcO2vMM8G6Qt_p4pvqzId7Bpnb6Mtsn44vMppFdvfpCd4Zq9NZJH0JpNJb8uXQ4tSm3MtvFZ57w2vLkADjfnNwHn0iNQB21oygSB257kyMairM0NuNVmNQdE_agaLps4gfGBiNqrBS6rsS_oFKm3Kv4aNlHjP_wmjYjU5Yw1N39ok7yocfZnWOcODPHoj94ubx2nKV4AfWSiJOrsr-RxikXm046yEx7PNHAXf8HdlwBBjnWW-LWQF5xm3DhTGZiguXABNvjrP66AuAEAYgF7pG1nh6SBQQIBBgBkgUECAUYBKAGLoAHhZviSKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEMN-0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJb2h0dHBzOi8vY29kZTQxLmNvbS9kZS9scGcvc3RhbmRhcmQvY29kZTQxLXRoZS13YXRjaG1ha2VyLWJyZWFraW5nLWFsbC1vZi10aGUtcmVjb3Jkcy8_dXRtX3Rlcm09cmVrb3JkX2NvbW11bml0eYAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=O3XdayDN_Pg&uach_m=[]&ase=2&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&template_id=5000&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8as3FsXxZISGOL2x9fgPmc22kAq04sybcrry_c33EWQQASCG6OV1YJX68IGMB6ABwJTOhAPIAQmpAlMHVOaOMbI-4AIAqAMByAMKqgSYAk_QGyeoGe5OkAmxeoHEOG7kmGOxJKlzi86bQaKZ9NWqLtO5oXEieJpfM0H44Jf56KGiFKixRZ9Wa2ZCxLIDT_v5wEhWLTGytzTS9V4srp3J2WxUWYrEm0IvHL92yEOe5PalPJgf4JVVYJLxS1r8US6DCukZuFRxYex8W2YYqzIJX8VxM0EgXiKY-QEQHVJYFRgFhOlKHI2czyirWTQ-CMgRyVGxAaD-9CGXfjMSBANATjSgbsPwY4BhSXqr3xfXVjfrRiEY9EtyudGydxIWpkbnwel6eZJ3IqYSGwTX6jiMN8XgVA1QppTvbamZsxUG6f7uuiVB7Mdvot2nsIW3Z07lTdPz5pdrm0Y5b6JhdAjJ92s6f5v13ETABLT1_vrQBOAEAYgFmZep1kuSBQQIBBgBkgUECAUYBKAGLoAHrff_bKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKb6AtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCXVodHRwczovL3d3dy5rcmVzcy5jb20vZGUtZGUvbGFuZGluZy8wMS1lcmZhaHJlbi1zaWUtZ2VuYXVpZ2tlaXQtaW0temVudGltZXRlcmJlcmVpY2gtb2huZS1rYWJlbC1hbnRlbm5lbi1vZGVyLXNlbmRlci-ACgHICwG4E5wb2BMM0BUBgBcBshceChwIABIUcHViLTg3NDU1OTM5NDU2MDgyMDIYhP90&sigh=jIvP3X7u97s&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&template_id=3484&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 11:03:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame B301
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C8as3FsXxZISGOL2x9fgPmc22kAq04sybcrry_c33EWQQASCG6OV1YJX68IGMB6ABwJTOhAPIAQmpAlMHVOaOMbI-4AIAqAMByAMKqgSYAk_QGyeoGe5OkAmxeoHEOG7kmGOxJKlzi86b...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225334383172039070273%22,%22debug_reporting%22:true,%22destination%22:%22https://kress.com%22,%22event_report_window%22:%222...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225334383172039070273%22,%22debug_reporting%22:true,%22destination%22:%22https://kress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22814975552%22],%224%22:[%2209-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216432495493335749249%22}&andc=true
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5334383172039070273","debug_reporting":true,"destination":"https://kress.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["814975552"],"4":["09-01"],"6":["true"]},"priority":"500","source_event_id":"16432495493335749249"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:54 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Sep 2023 11:03:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5334383172039070273","debug_reporting":true,"destination":"https://kress.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["814975552"],"4":["09-01"],"6":["true"]},"priority":"500","source_event_id":"16432495493335749249"}&andc=true
access-control-allow-origin
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 2FC8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Sep 2023 11:03:54 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 01 Sep 2023 11:03:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-banner-1.3.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame CA8A 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:ca80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2a5afecad07cf11eca1a3d4c62f41e2a0dee5434f9ada75b51548eab249cbc8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 11:04:50 GMT
Server
AkamaiNetStorage
ETag
"092e680b22fc11d4fc0d1a6a15ded9da:1693309058.057092"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12684
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 01 Sep 2023 11:03:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
221455
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 7EBF 		2 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
236593
expires
0
prebid
id5-sync.com/api/config/ Frame 7EBF 		134 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
5f0b0fc6c27b851bbf9847e0f0892cb4747a23ba81a275ffc3775767e414ae10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 7EBF 		0
0
id
id.crwdcntrl.net/ Frame 7EBF 		43 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.174.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache
x-server
10.45.12.142
access-control-allow-credentials
true
content-length
43
expires
0
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 7EBF 		461 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/1.8.0/pav2.min.js
Protocol
HTTP/1.1
Server
2a02:26f0:3100::1735:2883 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7f057babecc87f857745379d106f0555cb4fc3b946907d97c9f4f4be73b578c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycduMKRhyFl1cVGbN_IPD7jYruz53eNDdisJDPO52UyhYyFNDs9Gv9CdgCNSrjCVg7mb7HZWoPh8YRzAeC8x6512DqvdlmYSv
x-amz-meta-version
100.3.0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
148361
Last-Modified
Wed, 05 Apr 2023 11:13:49 GMT
Server
UploadServer
ETag
"51a6d662613cd0e83af4437fd97ba690"
Vary
Accept-Encoding
x-goog-generation
1680693229408865
Content-Type
application/javascript
x-goog-hash
crc32c=USVG7Q==, md5=UabWYmE80Og69EN/2XumkA==
Cache-Control
private, max-age=86400
x-goog-stored-content-length
148361
x-amz-checksum-crc32c
USVG7Q==
Accept-Ranges
bytes
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 01 Sep 2023 11:03:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
565097
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 5D06 		2 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
242714
expires
0
prebid
id5-sync.com/api/config/ Frame 5D06 		134 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
5f0b0fc6c27b851bbf9847e0f0892cb4747a23ba81a275ffc3775767e414ae10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 5D06 		43 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.174.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache
x-server
10.45.5.169
access-control-allow-credentials
true
content-length
43
expires
0
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 5D06 		461 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/1.8.0/pav2.min.js
Protocol
HTTP/1.1
Server
2a02:26f0:3100::1735:2883 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7f057babecc87f857745379d106f0555cb4fc3b946907d97c9f4f4be73b578c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycduMKRhyFl1cVGbN_IPD7jYruz53eNDdisJDPO52UyhYyFNDs9Gv9CdgCNSrjCVg7mb7HZWoPh8YRzAeC8x6512DqvdlmYSv
x-amz-meta-version
100.3.0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
148361
Last-Modified
Wed, 05 Apr 2023 11:13:49 GMT
Server
UploadServer
ETag
"51a6d662613cd0e83af4437fd97ba690"
Vary
Accept-Encoding
x-goog-generation
1680693229408865
Content-Type
application/javascript
x-goog-hash
crc32c=USVG7Q==, md5=UabWYmE80Og69EN/2XumkA==
Cache-Control
private, max-age=86400
x-goog-stored-content-length
148361
x-amz-checksum-crc32c
USVG7Q==
Accept-Ranges
bytes
/
www.googleadservices.com/pagead/ar-adview/ Frame 4173
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZCPbFsXxZKL-N72x9fgPmc22kAqf4p3xcYqMte_xEfHJ_d8FEAEghujldWCV-vCBjAegAazLpuQDyAEJ4AIAqAMByANIqgScAk_QR4OZKezkzPXhA0OzLh5dkf7UZUKN23vCRfXx8QtI...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211802940213948539546%22,%22debug_reporting%22:true,%22destination%22:%22https://sailpoint.com%22,%22event_report_window%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211802940213948539546%22,%22debug_reporting%22:true,%22destination%22:%22https://sailpoint.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221015653804%22],%224%22:[%2209-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221090560908628259025%22}&andc=true
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11802940213948539546","debug_reporting":true,"destination":"https://sailpoint.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1015653804"],"4":["09-01"],"6":["true"]},"priority":"500","source_event_id":"1090560908628259025"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:54 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Sep 2023 11:03:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11802940213948539546","debug_reporting":true,"destination":"https://sailpoint.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1015653804"],"4":["09-01"],"6":["true"]},"priority":"500","source_event_id":"1090560908628259025"}&andc=true
access-control-allow-origin
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZCPbFsXxZKL-N72x9fgPmc22kAqf4p3xcYqMte_xEfHJ_d8FEAEghujldWCV-vCBjAegAazLpuQDyAEJ4AIAqAMByANIqgScAk_QR4OZKezkzPXhA0OzLh5dkf7UZUKN23vCRfXx8QtIw861qNEqxzHAM5kOeIfY7D_ukgzsDrA4K6meguUSgITHha8TqMPEBXxoaWGBgL28UT3LST1wLjheZUctVfT4Rc9WLR5udMcrqi6UuIXw_prANIbzIrKzDSMD5tadXKlznmzY6rva-JYgYWx891VC9fcSFnKn5ltEwOnShYu8Mc7OtHqVftnxvKvzanDvm9iUaYTdyxEwzcaHnXtsf4fYN7w-CbDxz_fDSPcwnsvziozufMEU5AfGb6_RlsxDftt8DD9_Ciq-zx0D6R0ILtddAvbikv2lJtuNaXWdZjHsXPzsQCqoJ-V2mCbMQDDWAjy9v22gPdBqqVJr-e2ewATwlK62yATgBAGIBfvE_PBLkgUECAQYAZIFBAgFGASgBi6AB7y02RuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDtyAPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgmZAWh0dHBzOi8vd3d3LnNhaWxwb2ludC5jb20vZGUvaWRlbnRpdHktc2VjdXJpdHktbWF0dXJpdHkvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY29udGVudD1lbWVhLXRvZnUtYWxsLXF1aXotZGUtbWEmdXRtX2lkPTcwMTJKMDAwMDAxRmNsWIAKAcgLAdgTCtAVAYAXAbIXHgocCAASFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=oqoHym4WlNM&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 11:03:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B301 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options
nosniff
age
193766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 05:14:28 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225334383172039070273%22,%22debug_reporting%22:true,%22destination%22:%22https://kress.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22814975552%22],%224%22:[%2209-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216432495493335749249%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 11:03:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 2FC8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ee89a843e6bb6f32bb96b6eb1b7c64bd83a21a339a47b0732b4f286120ee8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Sep 2023 08:41:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77825
Connection
keep-alive
Content-Length
10122
Expires
Sat, 02 Sep 2023 08:40:59 GMT
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame B6F8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
246309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:38:45 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 7EBF 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
26b355e51d20833eee32de8ae5afbf7012eefc45ae834736ee548d41bed87226
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame 5D06 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
7ca3f47554f3cb82f337b0121cd649968e065f349162b635fbfb4088e9cf4877
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame E931 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2254235b7d-4e44-4fbb-80f1-82730afe910a%22%2c%22adomain%22%3a%22etoro.com%22%2c%22page%22%3a%221728294%22%2c%22format%22%3a%2289191%22%2c%22crid%22%3a%22475426577%22%2c%22dsp%22%3a%2276%22%2c%22buyer%22%3a%22183960%22%2c%22cid%22%3a%2217538752370%22%2c%22adid%22%3a%22475426577%22%2c%22hash%22%3a%22-550614471000202510%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Fri, 01 Sep 2023 11:03:54 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Sat, 02 Sep 2023 11:03:54 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
pixel
googleads.g.doubleclick.net/xbbe/ Frame B621 		281 B
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiR3tniATAB&v=APEucNW7T7wCj1kcUrwgfu7AF_bNXOk_-DUh1Fdz-HI7pzvZhnxbLGytxIzw8QOJ5y4MSpKUclS31WWrHqmixPHgP91vAxdsc9M3SJBxKPxRtVieByDoHN4
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EAA2 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:54 GMT
aip
euw1.smartadserver.com/h/ Frame EAA2 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw1.smartadserver.com/h/aip?uii=8026133378230400097&tmstp=9404838592&ckid=7880629492407760853&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qt%3d144_0_0t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5387%3b%24wpc%3d1335%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d6358%3b%24wpc%3d1264%3b%24wpc%3d12050%3b%24wpc%3d11709%3b%24wpc%3d6393%3b%24wpc%3d1263%3b%24wpc%3d6356%3b%24wpc%3d1850%3b%24wpc%3d6330%3b%24wpc%3d1269%3b%24wpc%3d11737%3b%24wpc%3d6360%3b%24wpc%3d12076%3b%24wpc%3d6266%3b%24wpc%3d1262%3b%24wpc%3d1865%3b%24wpc%3d6278%3b%24wpc%3d11748%3b%24wpc%3d11652%3b%24wpc%3d1863%3b%24wpc%3d5245%3b%24wpc%3d7514%3b%24wpc%3d7515%3b%24wpc%3d7516%3b%24wpc%3d7517%3b%24wpc%3d7518%3b%24wpc%3d7519%3b%24wpc%3d7520%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5810%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6198%3b%24wpc%3d6201%3b%24wpc%3d6202%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6213%3b%24wpc%3d6214%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6243%3b%24wpc%3d6244%3b%24wpc%3d6247%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d12554%3b%24wpc%3d12515%3b%24wpc%3d4082%3b%24wpc%3d3955%3b%24wpc%3d4083%3b%24wpc%3d4236%3b%24wpc%3d4238%3b%24wpc%3d19246%3b%24wpc%3d4838%3b%24wpc%3d4822%3b%24wpc%3d20128%3b%24wpc%3d20135%3b%24wpc%3d18360%3b%24wpc%3d18676%3b%24wpc%3d18955%3b%24wpc%3d23899%3b%24wpc%3d23900%3b%24wpc%3d23901%3b%24wpc%3d24078%3b%24wpc%3d25388%3b%24wpc%3d29624&acd=1693566231432&envtype=0&opid=9b77a40c-6784-4362-92fb-1828d524de24&opdt=1693566231432&siteid=569660&tgt=%24dt%3d1t&gdpr=0&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=http%3a%2f%2fwww.lebanonfiles.com%2f&cappid=7880629492407760853&capp=0&mcrdbt=1&insid=11456041&imgid=0&pgid=1728294&fmtid=89191&isLazy=0&rtb=1&rtbnid=2079&rtbbid=7696366872200749585&rtbh=544086c9ff3a44ab12ff9c965a5829b04f5bd5e8&rtblt=638291630314350816&rtbet=0&rtbptnid=76&cftgid=0959dea12485
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
gen_204
pagead2.googlesyndication.com/pagead/ Frame EAA2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLbSso4UfOq-0TEiJgtOA7ntaUYBNTgHR7hcdfJJ7Cs8JBS0ol5ZINKBrkS3RE4VB3ajRgJKRCO6nEN6Q8s7QM5o30CiQfO8bLha-m-d6bAG_OwRU
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EAA2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11994052974245542444&x=60&ct=76
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
action
www8.smartadserver.com/track/ Frame CA8A 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1693566233978&pid=1728294&iid=11456041&fmtid=89191&cid=0&key=impressionOnRender&rtb=1&rtbbid=7696366872200749585&rtbet=0&rtblt=638291630314350816&rtbnid=2079&rtbh=544086c9ff3a44ab12ff9c965a5829b04f5bd5e8&ts=1693566233978
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:53 GMT
transfer-encoding
chunked
content-type
image/gif
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 01 Sep 2023 12:03:54 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame EDDD 		720 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
314139
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
236429
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 28 Aug 2023 19:48:15 GMT
Expires
Tue, 27 Aug 2024 19:48:15 GMT
Last-Modified
Mon, 28 Aug 2023 19:39:24 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Sep 2023 11:03:54 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BF6F 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 10:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 01 Sep 2023 11:17:38 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/rtb/video?data=3LPVvWGiC%2F6YlmQshy1zj2BOkh0xG4cLkAhnx3%2BgdFdNdO8DkGlG01fgaZcKjMzuXcrOL80BRQUk%2FVyJVgvk1%2FTqGo447W99%2BlJ9qv4BOlP4%2FlAwi5MoiqZkV%2F5RByWd5cWoY9vzeaQ6W42jJplOyclJszS5uNs5Zh7DSnDKgSjtaz100utxlljHk13yYn4WB1LefytCbZhhwP6CJKId%2F5oPtuhWvhnxksEcS5tHTLRmGf6oANwistveqVZZ0Xt6Z0vMmJUWaGSwN89DGoWX7kPADPBl6YOcDtyD5l%2F2J6DvaEhQEFVjB8LzV3TRVOvzeA%2BwBIRotjZc3a6xbQn%2B%2FlLO5zKfNt5ZhBpPZe2DRwei2kJBE077SZdZrdrOQIa59vW35zMhpDQjRY%2BfZ9SZ4oz3%2BpvLzu3zN0wWCSZfjPqd%2BgxpEfYZuWLlIYLw2I%2Flt%2F3D%2FPX6Jpac1sj5ztAsVGIcajnXE%2FUrw6jsVTOO69zzF7gW8vFXdXDa5FXUCoDEgs6eqi4eL7E56im44WpIW8GSeSazQ4vY0ffhJ7sgnLG5cVC7BzTknKQK9GXAvJ2wFmjdRN1KlDra7LBGJfx5hQ%3D%3D
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/uBaJGHmUzEbVGAG3Z3OFnQ:1693569833/1327/video/1823/ 		156 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/uBaJGHmUzEbVGAG3Z3OFnQ:1693569833/1327/video/1823/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:18 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd46-84f288"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-8712839/8712840
Connection
keep-alive
Content-Length
8712840
wl
t.pubmatic.com/ Frame 7EBF 		17 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=156400
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
khaos.jpg
token.rubiconproject.com/ Frame 2FC8 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7EBF 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230901
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9ea931ae179a9a41f8826287bf803ff573c6aea650579b57e481f88b41485e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25382
x-jsd-version
1.0.1799
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-T4+d61p2dctZ+6ErDqpOkcAu7+M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ET34WFOInPZGJsbTuNqcGUDneX0%2FeiuvXnAeXKzMtxEvz4Skv9LYEiP0ZgxOs926DFvnMqLaIIlOGpo7TAMVMPqpP8262wVUwBWlAICdaw2Iostk%2Ff2j%2BhxDfMFJauMdP7wfd6fiNCwDX5jUx60%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ffd0785581d2671-TXL
min.js
cdn.kdaimo.com/projectagora-483829/ Frame 7EBF
Redirect Chain
  • http://cdn.kdaimo.com/projectagora-483829/min.js
  • https://cdn.kdaimo.com/projectagora-483829/min.js
3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.kdaimo.com/projectagora-483829/min.js
Protocol
H2
Server
52.222.214.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-35.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 31 Aug 2023 16:51:16 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
last-modified
Wed, 06 Apr 2022 01:00:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
65559
etag
"61e4dbcc663e6d945cd8b7db1c35a1e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
2849
x-amz-cf-id
O51MjP4c3TWaAY3Ynx2_unlEi6oGOWXjUznOhSZPoaRH0DYTyMsNRQ==

Redirect headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn.kdaimo.com/projectagora-483829/min.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
y0YtR44_LSIhXIaytNFUXElKQOX2P1VXIvTKl3iinpiWiTobuiEejQ==
localstore.js
script.4dex.io/ Frame 7EBF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94dc330d7ff3d82152b1ceaa92a712469c9eae969fa025972b1090bfcd9cfb3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Thu, 31 Aug 2023 12:44:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
79953
ETag
W/"f8af1a4095b4bc54b208ebf4d4dca750"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4RrsW%2FRYOjLTy%2FUUkneGzCz2kZYaDdLKdYTF3vRjMx9kQvb%2BbWKM8idfKaQngBL3e3WGbvmDVDKqC8RhmVfW0b6LxdecBC5QpN1BWOCyTRQTqrfVQAWO6DcqlEbzfi%2BVqEa5kpvb2FdovDz"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7ffd0785fcc09960-FRA
auction
tlx.3lift.com/header/ Frame 7EBF 		19 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=http%3A%2F%2Fwww.lebanonfiles.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.81.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
x-auction-status
17
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 7EBF 		36 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=660898
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5894d404add881e136e4e885c3b1d11fc3f181273fb9b01908f8e98530556efb

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVodxy3ESiIPRh1ww9gTNAOF2vgppK5KKgPIll8GgRap63GkfXvIRArtZ%2Bjm7X2eGM07P6lwnXMmxb0ozmMiPF4MBaLQO%2F%2B62aCKpL0w0YAnob9Oi6WeriS0JOa7DQ3dWO5G1dH7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ffd0785ca4aaca1-TXL
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
openrtb
adx.adform.net/adx/ Frame 7EBF 		0
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
projectagora-d.openx.net/w/1.0/ Frame 7EBF 		73 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lebanonfiles.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=02f97c16-838d-4188-bb77-313dc199a4d1&nocache=1693566234470&schain=1.0%2C0!projectagora.com%2C102200%2C1%2C%2C%2C&aus=970x90&divids=21105920_lebanonfiles.com_ros-3_970x90_1693566233498&aucs=&auid=543974601
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
45a1fece3b1fc6b50c940b65528a438de1440d08f9254809ec4028d3d507945e

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7EBF 		137 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7b6ed5e6a8a844dc3ab71db2fe35a8e9945c61cdc2470d3811f8fe372b1dfe4a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
an-x-request-uuid
7ad52eb6-2cbf-483b-acb1-8ca267940826
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
137
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 7EBF 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:53 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7EBF 		241 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=302206&zone_id=1987614&size_id=55&rp_schain=1.0,0!projectagora.com,102200,1,,,&rf=https%3A%2F%2Fwww.lebanonfiles.com%2F&tk_flint=pbjs_lite_v7.26.0&x_source.tid=02f97c16-838d-4188-bb77-313dc199a4d1&l_pb_bid_id=147cabe26df07be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7046777938653435
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e4628dfdad8ca5961a5b3810deac59cf7144d015b8bf3718d8540a4594447a38

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
ROS
pbjs.e-planning.net/pbjs/1/58d04/1/www.lebanonfiles.com/ Frame 7EBF 		1 KB
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/58d04/1/www.lebanonfiles.com/ROS?rnd=0.02579351590800627&e=21105920%3A970x90&ur=https%3A%2F%2Fwww.lebanonfiles.com%2F&pbv=7.26.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b2180d4a59447bea00847f9155a7950240291940000ac1ddd7da2477148bd656

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 01 Sep 2023 11:03:54 GMT
date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
gzip
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
http://www.lebanonfiles.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
x-sid
AMS-929
prebid
mp.4dex.io/ Frame 7EBF 		60 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ffd07860ccfca70-HAM
expires
0
v1
btlr.sharethrough.com/universal/ Frame 7EBF 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.118.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-118-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:54 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 5D06 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230901
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9ea931ae179a9a41f8826287bf803ff573c6aea650579b57e481f88b41485e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25382
x-jsd-version
1.0.1799
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-T4+d61p2dctZ+6ErDqpOkcAu7+M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbQgHKdJnvLzxMhl6B9ES81q1Pi46sAnUlrcIourhBw%2FrVSJaY3kWZa0iJaFBjocR%2Bt64SIymFmPMTfs3bStUC5Rk6O%2FuyC1Jmd7YmsV5FXwFwdf3y1F20z%2FZuaqpAfDGcnu6EXw5enm8j9%2FiOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ffd0785aa81cab9-HAM
min.js
cdn.kdaimo.com/projectagora-483829/ Frame 5D06
Redirect Chain
  • http://cdn.kdaimo.com/projectagora-483829/min.js
  • https://cdn.kdaimo.com/projectagora-483829/min.js
3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.kdaimo.com/projectagora-483829/min.js
Protocol
H2
Server
52.222.214.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-35.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 31 Aug 2023 16:51:16 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
last-modified
Wed, 06 Apr 2022 01:00:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
65559
etag
"61e4dbcc663e6d945cd8b7db1c35a1e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
2849
x-amz-cf-id
cQF9-wIVp2QXuCTWeurZ8zSmsVLi2ZVmdv5ABn1vrVY15nFjSmo14w==

Redirect headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn.kdaimo.com/projectagora-483829/min.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
0Pm7sZzFA7vDwRWtYxt17JWw3_uO1X8ayFTt5VgGYosDX8EY28vVUw==
localstore.js
script.4dex.io/ Frame 5D06 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94dc330d7ff3d82152b1ceaa92a712469c9eae969fa025972b1090bfcd9cfb3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:54 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Thu, 31 Aug 2023 12:44:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
79953
ETag
W/"f8af1a4095b4bc54b208ebf4d4dca750"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B21lNrNVEIYM7b2mvliv%2FODCrNeggPXMPbgGkr5hkfOC%2FOz%2BM1fB4s6bEW7e4WYmGqkiJD9DMWbtMXJLR4GkrngcTDYgPgEe9sQvJHdsYDFc%2Bsm%2FHFtHf1uAW3y94596U%2B%2BShQ%2FFIo6jI8%2Bz"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7ffd078619bd39ee-FRA
pbjs
htlb.casalemedia.com/openrtb/ Frame 5D06 		36 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=660920
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb3fc3255a86bf16a940304f66f743c367cc01d3b6d6a28a0c4faa80c605930

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbzzizMpGiN%2BcHpsDPPSUJmomgGPNWthK8oVA3C6vSxJZXcfIaZ9DPEqVVichmUuu9vqwdPu14xoE7AMbY79jty6dAfvjyoD3Xhdbv1dFvrALZdIZ42PMSYIBrElvKpbMAhn4TFB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ffd0785ca4daca1-TXL
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
arj
projectagora-d.openx.net/w/1.0/ Frame 5D06 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lebanonfiles.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=756f5fe9-9073-49f4-aa6d-c9bb6647226d&nocache=1693566234500&schain=1.0%2C0!projectagora.com%2C102200%2C1%2C%2C%2C&aus=300x250&divids=21105852_lebanonfiles.com_ros-2_300x250_1693566233508&aucs=&auid=543974610
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
98a627d81f9dca1e3fc11685c881c6543a8652834b4bd63c40d921a03dc671d2

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/ Frame 5D06 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.118.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-118-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:54 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 5D06 		138 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ddda17da3e459d2b08ddbf187631e6a12c685e847697e4e41001e17fb00149c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
an-x-request-uuid
f620f64e-c48d-46d1-9252-980cd9a02705
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ Frame 5D06 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/ Frame 5D06 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
auction
tlx.3lift.com/header/ Frame 5D06 		19 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=http%3A%2F%2Fwww.lebanonfiles.com%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.81.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
accept-ch
sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent
x-auction-status
17
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5D06 		241 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=302206&zone_id=1987606&size_id=15&rp_schain=1.0,0!projectagora.com,102200,1,,,&rf=https%3A%2F%2Fwww.lebanonfiles.com%2F&tk_flint=pbjs_lite_v7.26.0&x_source.tid=756f5fe9-9073-49f4-aa6d-c9bb6647226d&l_pb_bid_id=16f1576ebded393&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38455100111995777
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
32f7661668968ca1ddefa862d6cbefd845d9f9649e12dd4b8626bcf55a4bca27

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ Frame 5D06 		60 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ffd07860cd4ca70-HAM
expires
0
ROS
pbjs.e-planning.net/pbjs/1/58d04/1/www.lebanonfiles.com/ Frame 5D06 		1 KB
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/58d04/1/www.lebanonfiles.com/ROS?rnd=0.44214210878325355&e=21105852%3A300x250&ur=https%3A%2F%2Fwww.lebanonfiles.com%2F&pbv=7.26.0&ncb=1&vs=F&crs=UTF-8&fr=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e36d2c513c3043703f506aa20adfed339dbe9461df400ded949c0af23558250e

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 01 Sep 2023 11:03:54 GMT
date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
gzip
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
http://www.lebanonfiles.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
x-sid
AMS-929
23.json
id5-sync.com/g/v2/ Frame 7EBF 		276 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/23.json
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
22a6a146e4e0b4301cadabf5b6c942dae6b4e883e152aaaf9e81284ce35cfe68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
23.json
id5-sync.com/g/v2/ Frame 5D06 		276 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/23.json
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156400/10561/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
2f7a98b9c8d492e1c53f294ce4b1a068d527d2a83b189f0d378d4fe204f2ccba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Fri, 01 Sep 2023 11:03:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211802940213948539546%22,%22debug_reporting%22:true,%22destination%22:%22https://sailpoint.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221015653804%22],%224%22:[%2209-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221090560908628259025%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 11:03:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame B621
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEOgjQzKJ2R4WX1BogBbpSqk&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEOgjQzKJ2R4WX1BogBbpSqk&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=786b4a3bec89987139dd6174c3ef78c6&uid=786b4a3bec89987139dd6174c3ef7...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiR3tniATAB&v=APEucNW7T7wCj1kcUrwgfu7AF_bNXOk_-DUh1Fdz-HI7pzvZhnxbLGytxIzw8QOJ5y4MSpKUclS31WWrHqmixPHgP91vAxdsc9M3SJBxKPxRtVieByDoHN4
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Last-Modified
Fri, 01 Sep 2023 11:03:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B621 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiR3tniATAB&v=APEucNW7T7wCj1kcUrwgfu7AF_bNXOk_-DUh1Fdz-HI7pzvZhnxbLGytxIzw8QOJ5y4MSpKUclS31WWrHqmixPHgP91vAxdsc9M3SJBxKPxRtVieByDoHN4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EAA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4369662345387&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EAA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4369662345387&version=m202307240101&ct=76&x=60&cor=11994052974245542000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EAA2 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BERwRk3_wD-t3c-maL_nqWkHiUd78yoQ3J0CsdQesPphR1-2kCTq6WDbTj9G-cPoUQTNCknenxJ_dVtrYMMVc1ozkZ7d747wBva0rrtLFrNNS54D2Whx61AlXmzskS1O5a_2jDGeux5HbPQ7_FFpY6CihMsQLweg5Xpkoc_cNbZ6Us0ME&dbm_d=AKAmf-AK430rST9Jl93e9oKCJTZrnV0KD9nYFOAmRgM8AgitBksWH_bLo-aKD00yH1BQijXfrdR_6a185gY_T38LZSmP12P-5JMQb2p0OsfYsQMTFDjGqDmz77IY5zn_y9R1iK_YDyIUV5kSbCkSXZE8_T42pZRcvw_7H5SS5zcrfVZBTcgIBud85Kon5xH1BMO559kKjIF95vnhP47S9FN1ASMji4YEog7Vu9KMMnGWqGPwjtwiRP1Np-IdlF2gqHVSnjFMWKStUf_wpG3DLaxaH1qTRQxqeNSlfAh8fZZKjkUL8eMx8aOChLpfL5UVTFasiY5-lX3ZZQXGgYEaF-LRveGFmjN9DHmDhHwYgc0CEe05YNIiLUFIk5NtB2Q3QoWa6q4NIZcZ1SO2aAVqa8tLUPu1hvkMvY8E97QWL_nc62kKxvK7ncnUbEAWcQmejUXadTLEsKxh5tXVuWDAGXmDiFWajiYA5e1davePBSUKHlSAwHf6BOfKmbhnBZa018OLiHq_F8gESfBI-zInxCtJdWP9tJ0-XzLEDd4QnJdoeEvaNNEiqohYCxrR1q2Jgf3JIiJ74_mX2Hq-vFWjTwtSsL0zG4itytMxHq9NnTG_3BtJYcSjLvbJ8zZA3hz4JK9cRVOEpC2kFtZfDdg3T0t3IH6DaWcuZEFT_8NDYIz2MgGWQmEaIBGQ2_Eyo7OX66v65_tY-8PiZzH93zOOqmK5OKFwYOcYX81p991dl41oquuOWRclfU2F9RrZTVow4Cgp_s2Fa_dI5d_XeNYYgaLVAiIHaIH3KH0e6bgs5ALbJLwsXG_v30BaGZG0_nOwUKWLvYxD-IAJbGCT77jFHWxKn_MVCNjPkON2A_CHOsg27-bqP-lYq9Lr6E_PIAQib4FbxwOpZnm5W35c79CMxWr3rpvzlg23fAHis2pD2y5g9ghv9z2beGh5NeMf7wXog66coXk_tvldas6aFEG5wMymhbU2she6Kkpq-RbspdUKHLO3ngD-ojdd67CFSNhS1pBtd9f8dk8kW5UhyLHX-3t7f3263qGByz7KEmt_EzuGR-5_dHGs1lcTtUsczE0890yjA7sCQKghkCQsmhRAxm2dEiGoqlDVDgZ7MFvBQ8T1R87vgA0FbBd6tdsIe60OhKyg7-57c1SCEjNtVZQZPZFE9E8MSBiygBffOkLEEF52px0cs6eKEiEoTf9_Yc_T1ybkEuaaTdpmmsTGV5w_sFYDgJKnq_65KORLnvzb8B9mjm6_ni48hf9G-g6-JUCiTxw479wC06H9TTxqhhBr4Zm1_GKKRBNNenw0IOXZ8cgy6pWNYqPR0QVBPTu0lvsBIxMMAyWKU6g0vK0fAT7ZLQDA6l7c2WhZQOsNLD2B7-wk6omamqKnaoOnU-LM0pae8YptRkktF5Haupmg3fFS2a1RL0X1XRNMgTKgPTjcjKG4yWtl9PNkmY6mlN0mrmOvs5u27gJbSC7HgwYX3P3r9uPepeGDuhpCEAxqubTDlYXwA8ZsxJcp-ZOcV8dVs1WyNBr3nOJ1Nm8rye2H-bKZMZwCHb6dojooesP3XW9eFhNPuBwcsV0UUzq_n3hKcL0ZTDUGeqssEMuZsWQ71wwJ-r-w8Bk0lO6KP_Q_0_HfeQWCkOXha4ztRErcMev4NucmmzMdT0KUZfAIGq-9BnVTX8yZqqOLVItui1pSXu8YemrszqIYu3E8XbQ4XHDHi5kqdolJBFk92d4KnXKFCp3mjLvPbo6jI49z_jb_g-3mBWkvFIS-_7uDIYLzsmOxjvw98X2xmKTgjPdvL4p6hOuCvkLNt37P2BT_nmiE7-pRylkpnGup_aR7eOEuCADLJo1A66uGrElFD9xE2SLABAtwgD1RERAdQjpsnFI1WwhuEc_J0h0RQHWC2Gy8FrCg_HYDQyZIsytVclAk41Q_xJSn3VTiTU2GtZbzmVYRMhoT3rHMrV5rn-4oVa8t77xDCnPnWFiXk3o0KkoxcxrQ__oWFNxGwMejaWWxGPffF_ERDNeM-AHAM8I0b2Ah20EAmivI7PdIB_b-q3D0QKje2g5kpUKKLaAZamPk9OZa78dTqttsDUAg-IngeZWlv-Nb-r67MC8Jc8cAc4mj8kk__XyHi9spIYPId4_D17JHo91MXf3EPd57D-HA7kO_Gtb2-kvTkW3r7tRYDL6GjecDdqIc5ZD35e45vHaO_wkDRSwSyccRrW6apAKhU1XYvULHxB0RTYPHj5KYfKltHTclnTYvXjC0z3yi6dYK-rHu_nq_QbSuEIy5NJYLPUImJgI75aWrof9toISX_VvNi2d7RV-C4q_MMdlcTgiYN7YwRkyhYX1UbGCH9dnc5ayZ6GphHKUbXD9PYRv_pbsQOip6amlXwUe2HqcYIKykCMJali0-Zcdo1Bw2fC3pAo0T6H9vBdeTu9ahANZKKlzZrl8JM6Pza0LBuyze7e311yZ8jkV_LWMC9TdCV8uMKE8ub8BDfh4T4cqgtqbR4-pfn4z4G-Mo2M-LiqOLXfqYC6DZdUvg9Bgmfrb5DpP-uxu6lLyCfBVKuVBq9SMARTDMF7wrn6JvWTubslMro1Fpp4cypbHeHF5JjInn3IoM2e5u1kysjH1cdCsd9D8TSJKXpedNLN-M7LAAD7sSOjtTlqCKuaePcIV7iYLVi6ypb37p23k1n5Nz09U3nXIfyyuMZmK-qvURb3SUxkmb0TInTxyJrtnZQU9WIcFkT1lUbx4Nq_Bs-CkzDAdt5TRCpJoCf8CLtK7r1LdZ1sEb__iyi8Tn_DcWbYMk4WgURe9lfsTE17e8IlRsjYISD_KZfTEJ7P_wUBKc96GDDz6gyprmIVnjRrLp4rfCVcvedBsDhzKhyTE719TdRlVeBmxTlSsJPbMjooEdBtCmbVgqfeH05qYiVT_8rairqoHdUo2Bnfnqms6GkWFmZfwZqGMGCqmS07C3ydhkLMRfWBPUmRLqDrzV7VpuTDoWlAM33FHtvKIlg1T5f8YOpZLrDn-boqVxJQIditmukN3vAXv36LDUreHpMq6lm7R9wkC8SMoB-n7Hcei3yYzVKhUJBVlgpcs6MNUk0BgvP5DAmSeEeQDNgR8tH0I7LfTTKeF6qfru50YM_RBQFA4k2goJlgWs1VwXeZCwVBVDk7qHvPQhKVSlNESeM4U-5tFXxrqxqiq2yZ_PXN5p1srA74rqFkS2rivBlOW3tfxjo5vZ0yG0psULEW_WGxtIYUxyAfPanZHyusaFfcctt6YkMbEkV9v-koQQphvrRnm-a3qCRZy7aHObIXCDePztbdigGjdb1hHwLzxoCEo3BvnPeE6lKZDsAwMuU4GSz5byaJMNLBKlNz43mmuN6FxVTNohL0NalQxaQTirsMkdbP1eizPL3nhUqwVMPQQECshNDhzRISe4ZG7TutVEhrKOjgnyy80ReDsOqtH17GANPwsWPgJ5tPpxXMNUNbXKJ2SykYESxejMxtsGAO9a8zdEK2hJlybKN4WwH8RMubPqEC8vuBLaC912Jko0fb_XIUIQOJdFh8_feV3gv7tVvC2qxDv94FQ2hI0raDsXu7JVJ7pndiJDfAgxtUCj5vOAfQ7CKCjUNIBtudeaTgk58b8UgnpvrX_a5o8hPUI&pr=60%3A0.172088&cid=CAQSMgBpAlJWma13lA7lR1xKdbDboMWeIDcKgMv-T5ma-2j8vRwLdFehHr6WuvS-A-yo1fccGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ds=l&xdt=1&iif=1&cor=11994052974245542000&adk=3946491188&idt=174&cac=0&dtd=35
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
310e42b9231c04801d275fda37e9baa6ff08f23498d49eeb15af35bec210829c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34943
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:17:50 GMT
x-content-type-options
nosniff
age
535564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 06:17:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 04:55:47 GMT
x-content-type-options
nosniff
age
540487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 04:55:47 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6565 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/1.8.0/pav2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
feb80efbbbfba9a8b76f1c51cbaf6c090eb99c23d1a9492800cd96b02529b641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29608
x-xss-protection
0
server
cafe
etag
77 / 19601 / m202308240101 / config-hash: 9283820109230677264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CBE9 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/1.8.0/pav2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5799c80112f6b166223cea0531c4d09ff77e4f72323b3298fe110344db1dfe08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29607
x-xss-protection
0
server
cafe
etag
10 / 19601 / m202308240101 / config-hash: 9283820109230677264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:55 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 2FC8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LM0HLXVR-3-HH89
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
480_650.mp4
cdn.vidverto.io/secured2/uBaJGHmUzEbVGAG3Z3OFnQ:1693569833/1327/video/1823/ 		8 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/uBaJGHmUzEbVGAG3Z3OFnQ:1693569833/1327/video/1823/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 01 Sep 2023 11:03:55 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:18 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd46-84f288"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-8712839/8712840
Connection
keep-alive
Content-Length
8712840
activeview
pagead2.googlesyndication.com/pcs/ Frame D60D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPlnvGZ7K-v4LZS772MaEMDWFx2oOL4DRSbetTSnYIAKoeiXOK1D9Ohte-IXoeIPx_bT2fZZbZNlzsOvV-4VHDgBVMLBT8rbO-iKOSQ-hhhZ__gs9JqtXc5ePm8MPFfsfY6bMX3e0cmxhY&sai=AMfl-YSMRyPsHv-IG07fDq1MAIONr6V3uFAKJQ1bTZ4V3IAJUzPtL8cPKb_ZoFRv72Upz7jgOrwsjpjOUJDcg0_R84Wb9QuRWMyZlcgrfT5ZCsUaouDX9TUO8_qVf5u7LX5SIwTw2GlQxoih-U-w&sig=Cg0ArKJSzLvjzS9Me0ChEAE&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&id=ampim&o=315,246&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1134&mtos=0,0,0,1134,1134&tos=0,0,0,1134,0&tfs=1378&tls=2512&g=100&h=100&tt=2512&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
7ffd07893f2dcab5-HAM
content-length
3
adagio.js
script.4dex.io/ Frame 7EBF 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
958622e2ce103c663883a5e931b64fe435a4f6cb60e151242416727ea8529448

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:55 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
79776
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 31 Aug 2023 12:44:55 GMT
Server
cloudflare
ETag
W/"69d6e69258e345d4df1e72d8a9065e99"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSaWlbKzLICbnZFDtEJZAUX8EY%2FUmS7%2BylYuBmLxXz%2F8PQ25LCp887pxilTjcYtzVtodls%2F29ghTbYKTwCNAQC%2BQqahs7K0JlsO4xplUcdMmvkMecK2UTk6baJIUw%2B3omtT5U25EF6O0YN9O"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7ffd07892e2a925f-FRA
adagio.js
script.4dex.io/ Frame 5D06 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
958622e2ce103c663883a5e931b64fe435a4f6cb60e151242416727ea8529448

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:55 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
79776
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 31 Aug 2023 12:44:55 GMT
Server
cloudflare
ETag
W/"69d6e69258e345d4df1e72d8a9065e99"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJKnROU88iF%2FeQAveCCzf%2FipqQD0BCXkETy4mc5jmA%2BZuWydcLD6kAmT%2FshkezjEv94VQ1zMbUmABzUMiWCAXkhmA%2BmNmYlJ9gunvyr1LoePLpFl5IdCUxM%2BHvRDXmEq81yXEBDUdNRP4Csa"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7ffd07892bd2bb35-FRA
480_650.mp4
cdn.vidverto.io/secured2/uBaJGHmUzEbVGAG3Z3OFnQ:1693569833/1327/video/1823/ 		93 KB
93 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/uBaJGHmUzEbVGAG3Z3OFnQ:1693569833/1327/video/1823/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.133 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-133.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
29f307f6b027d5c45c184fa155450971294eae602297f220ee69175c05efdf19

Request headers

Referer
http://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=8617984-

Response headers

Date
Fri, 01 Sep 2023 11:03:55 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:18 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd46-84f288"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 8617984-8712839/8712840
Connection
keep-alive
Content-Length
94856
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame EAA2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BERwRk3_wD-t3c-maL_nqWkHiUd78yoQ3J0CsdQesPphR1-2kCTq6WDbTj9G-cPoUQTNCknenxJ_dVtrYMMVc1ozkZ7d747wBva0rrtLFrNNS54D2Whx61AlXmzskS1O5a_2jDGeux5HbPQ7_FFpY6CihMsQLweg5Xpkoc_cNbZ6Us0ME&dbm_d=AKAmf-AK430rST9Jl93e9oKCJTZrnV0KD9nYFOAmRgM8AgitBksWH_bLo-aKD00yH1BQijXfrdR_6a185gY_T38LZSmP12P-5JMQb2p0OsfYsQMTFDjGqDmz77IY5zn_y9R1iK_YDyIUV5kSbCkSXZE8_T42pZRcvw_7H5SS5zcrfVZBTcgIBud85Kon5xH1BMO559kKjIF95vnhP47S9FN1ASMji4YEog7Vu9KMMnGWqGPwjtwiRP1Np-IdlF2gqHVSnjFMWKStUf_wpG3DLaxaH1qTRQxqeNSlfAh8fZZKjkUL8eMx8aOChLpfL5UVTFasiY5-lX3ZZQXGgYEaF-LRveGFmjN9DHmDhHwYgc0CEe05YNIiLUFIk5NtB2Q3QoWa6q4NIZcZ1SO2aAVqa8tLUPu1hvkMvY8E97QWL_nc62kKxvK7ncnUbEAWcQmejUXadTLEsKxh5tXVuWDAGXmDiFWajiYA5e1davePBSUKHlSAwHf6BOfKmbhnBZa018OLiHq_F8gESfBI-zInxCtJdWP9tJ0-XzLEDd4QnJdoeEvaNNEiqohYCxrR1q2Jgf3JIiJ74_mX2Hq-vFWjTwtSsL0zG4itytMxHq9NnTG_3BtJYcSjLvbJ8zZA3hz4JK9cRVOEpC2kFtZfDdg3T0t3IH6DaWcuZEFT_8NDYIz2MgGWQmEaIBGQ2_Eyo7OX66v65_tY-8PiZzH93zOOqmK5OKFwYOcYX81p991dl41oquuOWRclfU2F9RrZTVow4Cgp_s2Fa_dI5d_XeNYYgaLVAiIHaIH3KH0e6bgs5ALbJLwsXG_v30BaGZG0_nOwUKWLvYxD-IAJbGCT77jFHWxKn_MVCNjPkON2A_CHOsg27-bqP-lYq9Lr6E_PIAQib4FbxwOpZnm5W35c79CMxWr3rpvzlg23fAHis2pD2y5g9ghv9z2beGh5NeMf7wXog66coXk_tvldas6aFEG5wMymhbU2she6Kkpq-RbspdUKHLO3ngD-ojdd67CFSNhS1pBtd9f8dk8kW5UhyLHX-3t7f3263qGByz7KEmt_EzuGR-5_dHGs1lcTtUsczE0890yjA7sCQKghkCQsmhRAxm2dEiGoqlDVDgZ7MFvBQ8T1R87vgA0FbBd6tdsIe60OhKyg7-57c1SCEjNtVZQZPZFE9E8MSBiygBffOkLEEF52px0cs6eKEiEoTf9_Yc_T1ybkEuaaTdpmmsTGV5w_sFYDgJKnq_65KORLnvzb8B9mjm6_ni48hf9G-g6-JUCiTxw479wC06H9TTxqhhBr4Zm1_GKKRBNNenw0IOXZ8cgy6pWNYqPR0QVBPTu0lvsBIxMMAyWKU6g0vK0fAT7ZLQDA6l7c2WhZQOsNLD2B7-wk6omamqKnaoOnU-LM0pae8YptRkktF5Haupmg3fFS2a1RL0X1XRNMgTKgPTjcjKG4yWtl9PNkmY6mlN0mrmOvs5u27gJbSC7HgwYX3P3r9uPepeGDuhpCEAxqubTDlYXwA8ZsxJcp-ZOcV8dVs1WyNBr3nOJ1Nm8rye2H-bKZMZwCHb6dojooesP3XW9eFhNPuBwcsV0UUzq_n3hKcL0ZTDUGeqssEMuZsWQ71wwJ-r-w8Bk0lO6KP_Q_0_HfeQWCkOXha4ztRErcMev4NucmmzMdT0KUZfAIGq-9BnVTX8yZqqOLVItui1pSXu8YemrszqIYu3E8XbQ4XHDHi5kqdolJBFk92d4KnXKFCp3mjLvPbo6jI49z_jb_g-3mBWkvFIS-_7uDIYLzsmOxjvw98X2xmKTgjPdvL4p6hOuCvkLNt37P2BT_nmiE7-pRylkpnGup_aR7eOEuCADLJo1A66uGrElFD9xE2SLABAtwgD1RERAdQjpsnFI1WwhuEc_J0h0RQHWC2Gy8FrCg_HYDQyZIsytVclAk41Q_xJSn3VTiTU2GtZbzmVYRMhoT3rHMrV5rn-4oVa8t77xDCnPnWFiXk3o0KkoxcxrQ__oWFNxGwMejaWWxGPffF_ERDNeM-AHAM8I0b2Ah20EAmivI7PdIB_b-q3D0QKje2g5kpUKKLaAZamPk9OZa78dTqttsDUAg-IngeZWlv-Nb-r67MC8Jc8cAc4mj8kk__XyHi9spIYPId4_D17JHo91MXf3EPd57D-HA7kO_Gtb2-kvTkW3r7tRYDL6GjecDdqIc5ZD35e45vHaO_wkDRSwSyccRrW6apAKhU1XYvULHxB0RTYPHj5KYfKltHTclnTYvXjC0z3yi6dYK-rHu_nq_QbSuEIy5NJYLPUImJgI75aWrof9toISX_VvNi2d7RV-C4q_MMdlcTgiYN7YwRkyhYX1UbGCH9dnc5ayZ6GphHKUbXD9PYRv_pbsQOip6amlXwUe2HqcYIKykCMJali0-Zcdo1Bw2fC3pAo0T6H9vBdeTu9ahANZKKlzZrl8JM6Pza0LBuyze7e311yZ8jkV_LWMC9TdCV8uMKE8ub8BDfh4T4cqgtqbR4-pfn4z4G-Mo2M-LiqOLXfqYC6DZdUvg9Bgmfrb5DpP-uxu6lLyCfBVKuVBq9SMARTDMF7wrn6JvWTubslMro1Fpp4cypbHeHF5JjInn3IoM2e5u1kysjH1cdCsd9D8TSJKXpedNLN-M7LAAD7sSOjtTlqCKuaePcIV7iYLVi6ypb37p23k1n5Nz09U3nXIfyyuMZmK-qvURb3SUxkmb0TInTxyJrtnZQU9WIcFkT1lUbx4Nq_Bs-CkzDAdt5TRCpJoCf8CLtK7r1LdZ1sEb__iyi8Tn_DcWbYMk4WgURe9lfsTE17e8IlRsjYISD_KZfTEJ7P_wUBKc96GDDz6gyprmIVnjRrLp4rfCVcvedBsDhzKhyTE719TdRlVeBmxTlSsJPbMjooEdBtCmbVgqfeH05qYiVT_8rairqoHdUo2Bnfnqms6GkWFmZfwZqGMGCqmS07C3ydhkLMRfWBPUmRLqDrzV7VpuTDoWlAM33FHtvKIlg1T5f8YOpZLrDn-boqVxJQIditmukN3vAXv36LDUreHpMq6lm7R9wkC8SMoB-n7Hcei3yYzVKhUJBVlgpcs6MNUk0BgvP5DAmSeEeQDNgR8tH0I7LfTTKeF6qfru50YM_RBQFA4k2goJlgWs1VwXeZCwVBVDk7qHvPQhKVSlNESeM4U-5tFXxrqxqiq2yZ_PXN5p1srA74rqFkS2rivBlOW3tfxjo5vZ0yG0psULEW_WGxtIYUxyAfPanZHyusaFfcctt6YkMbEkV9v-koQQphvrRnm-a3qCRZy7aHObIXCDePztbdigGjdb1hHwLzxoCEo3BvnPeE6lKZDsAwMuU4GSz5byaJMNLBKlNz43mmuN6FxVTNohL0NalQxaQTirsMkdbP1eizPL3nhUqwVMPQQECshNDhzRISe4ZG7TutVEhrKOjgnyy80ReDsOqtH17GANPwsWPgJ5tPpxXMNUNbXKJ2SykYESxejMxtsGAO9a8zdEK2hJlybKN4WwH8RMubPqEC8vuBLaC912Jko0fb_XIUIQOJdFh8_feV3gv7tVvC2qxDv94FQ2hI0raDsXu7JVJ7pndiJDfAgxtUCj5vOAfQ7CKCjUNIBtudeaTgk58b8UgnpvrX_a5o8hPUI&pr=60%3A0.172088&cid=CAQSMgBpAlJWma13lA7lR1xKdbDboMWeIDcKgMv-T5ma-2j8vRwLdFehHr6WuvS-A-yo1fccGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ds=l&xdt=1&iif=1&cor=11994052974245542000&adk=3946491188&idt=174&cac=0&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:57:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
75965
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:57:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAA2 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BERwRk3_wD-t3c-maL_nqWkHiUd78yoQ3J0CsdQesPphR1-2kCTq6WDbTj9G-cPoUQTNCknenxJ_dVtrYMMVc1ozkZ7d747wBva0rrtLFrNNS54D2Whx61AlXmzskS1O5a_2jDGeux5HbPQ7_FFpY6CihMsQLweg5Xpkoc_cNbZ6Us0ME&dbm_d=AKAmf-AK430rST9Jl93e9oKCJTZrnV0KD9nYFOAmRgM8AgitBksWH_bLo-aKD00yH1BQijXfrdR_6a185gY_T38LZSmP12P-5JMQb2p0OsfYsQMTFDjGqDmz77IY5zn_y9R1iK_YDyIUV5kSbCkSXZE8_T42pZRcvw_7H5SS5zcrfVZBTcgIBud85Kon5xH1BMO559kKjIF95vnhP47S9FN1ASMji4YEog7Vu9KMMnGWqGPwjtwiRP1Np-IdlF2gqHVSnjFMWKStUf_wpG3DLaxaH1qTRQxqeNSlfAh8fZZKjkUL8eMx8aOChLpfL5UVTFasiY5-lX3ZZQXGgYEaF-LRveGFmjN9DHmDhHwYgc0CEe05YNIiLUFIk5NtB2Q3QoWa6q4NIZcZ1SO2aAVqa8tLUPu1hvkMvY8E97QWL_nc62kKxvK7ncnUbEAWcQmejUXadTLEsKxh5tXVuWDAGXmDiFWajiYA5e1davePBSUKHlSAwHf6BOfKmbhnBZa018OLiHq_F8gESfBI-zInxCtJdWP9tJ0-XzLEDd4QnJdoeEvaNNEiqohYCxrR1q2Jgf3JIiJ74_mX2Hq-vFWjTwtSsL0zG4itytMxHq9NnTG_3BtJYcSjLvbJ8zZA3hz4JK9cRVOEpC2kFtZfDdg3T0t3IH6DaWcuZEFT_8NDYIz2MgGWQmEaIBGQ2_Eyo7OX66v65_tY-8PiZzH93zOOqmK5OKFwYOcYX81p991dl41oquuOWRclfU2F9RrZTVow4Cgp_s2Fa_dI5d_XeNYYgaLVAiIHaIH3KH0e6bgs5ALbJLwsXG_v30BaGZG0_nOwUKWLvYxD-IAJbGCT77jFHWxKn_MVCNjPkON2A_CHOsg27-bqP-lYq9Lr6E_PIAQib4FbxwOpZnm5W35c79CMxWr3rpvzlg23fAHis2pD2y5g9ghv9z2beGh5NeMf7wXog66coXk_tvldas6aFEG5wMymhbU2she6Kkpq-RbspdUKHLO3ngD-ojdd67CFSNhS1pBtd9f8dk8kW5UhyLHX-3t7f3263qGByz7KEmt_EzuGR-5_dHGs1lcTtUsczE0890yjA7sCQKghkCQsmhRAxm2dEiGoqlDVDgZ7MFvBQ8T1R87vgA0FbBd6tdsIe60OhKyg7-57c1SCEjNtVZQZPZFE9E8MSBiygBffOkLEEF52px0cs6eKEiEoTf9_Yc_T1ybkEuaaTdpmmsTGV5w_sFYDgJKnq_65KORLnvzb8B9mjm6_ni48hf9G-g6-JUCiTxw479wC06H9TTxqhhBr4Zm1_GKKRBNNenw0IOXZ8cgy6pWNYqPR0QVBPTu0lvsBIxMMAyWKU6g0vK0fAT7ZLQDA6l7c2WhZQOsNLD2B7-wk6omamqKnaoOnU-LM0pae8YptRkktF5Haupmg3fFS2a1RL0X1XRNMgTKgPTjcjKG4yWtl9PNkmY6mlN0mrmOvs5u27gJbSC7HgwYX3P3r9uPepeGDuhpCEAxqubTDlYXwA8ZsxJcp-ZOcV8dVs1WyNBr3nOJ1Nm8rye2H-bKZMZwCHb6dojooesP3XW9eFhNPuBwcsV0UUzq_n3hKcL0ZTDUGeqssEMuZsWQ71wwJ-r-w8Bk0lO6KP_Q_0_HfeQWCkOXha4ztRErcMev4NucmmzMdT0KUZfAIGq-9BnVTX8yZqqOLVItui1pSXu8YemrszqIYu3E8XbQ4XHDHi5kqdolJBFk92d4KnXKFCp3mjLvPbo6jI49z_jb_g-3mBWkvFIS-_7uDIYLzsmOxjvw98X2xmKTgjPdvL4p6hOuCvkLNt37P2BT_nmiE7-pRylkpnGup_aR7eOEuCADLJo1A66uGrElFD9xE2SLABAtwgD1RERAdQjpsnFI1WwhuEc_J0h0RQHWC2Gy8FrCg_HYDQyZIsytVclAk41Q_xJSn3VTiTU2GtZbzmVYRMhoT3rHMrV5rn-4oVa8t77xDCnPnWFiXk3o0KkoxcxrQ__oWFNxGwMejaWWxGPffF_ERDNeM-AHAM8I0b2Ah20EAmivI7PdIB_b-q3D0QKje2g5kpUKKLaAZamPk9OZa78dTqttsDUAg-IngeZWlv-Nb-r67MC8Jc8cAc4mj8kk__XyHi9spIYPId4_D17JHo91MXf3EPd57D-HA7kO_Gtb2-kvTkW3r7tRYDL6GjecDdqIc5ZD35e45vHaO_wkDRSwSyccRrW6apAKhU1XYvULHxB0RTYPHj5KYfKltHTclnTYvXjC0z3yi6dYK-rHu_nq_QbSuEIy5NJYLPUImJgI75aWrof9toISX_VvNi2d7RV-C4q_MMdlcTgiYN7YwRkyhYX1UbGCH9dnc5ayZ6GphHKUbXD9PYRv_pbsQOip6amlXwUe2HqcYIKykCMJali0-Zcdo1Bw2fC3pAo0T6H9vBdeTu9ahANZKKlzZrl8JM6Pza0LBuyze7e311yZ8jkV_LWMC9TdCV8uMKE8ub8BDfh4T4cqgtqbR4-pfn4z4G-Mo2M-LiqOLXfqYC6DZdUvg9Bgmfrb5DpP-uxu6lLyCfBVKuVBq9SMARTDMF7wrn6JvWTubslMro1Fpp4cypbHeHF5JjInn3IoM2e5u1kysjH1cdCsd9D8TSJKXpedNLN-M7LAAD7sSOjtTlqCKuaePcIV7iYLVi6ypb37p23k1n5Nz09U3nXIfyyuMZmK-qvURb3SUxkmb0TInTxyJrtnZQU9WIcFkT1lUbx4Nq_Bs-CkzDAdt5TRCpJoCf8CLtK7r1LdZ1sEb__iyi8Tn_DcWbYMk4WgURe9lfsTE17e8IlRsjYISD_KZfTEJ7P_wUBKc96GDDz6gyprmIVnjRrLp4rfCVcvedBsDhzKhyTE719TdRlVeBmxTlSsJPbMjooEdBtCmbVgqfeH05qYiVT_8rairqoHdUo2Bnfnqms6GkWFmZfwZqGMGCqmS07C3ydhkLMRfWBPUmRLqDrzV7VpuTDoWlAM33FHtvKIlg1T5f8YOpZLrDn-boqVxJQIditmukN3vAXv36LDUreHpMq6lm7R9wkC8SMoB-n7Hcei3yYzVKhUJBVlgpcs6MNUk0BgvP5DAmSeEeQDNgR8tH0I7LfTTKeF6qfru50YM_RBQFA4k2goJlgWs1VwXeZCwVBVDk7qHvPQhKVSlNESeM4U-5tFXxrqxqiq2yZ_PXN5p1srA74rqFkS2rivBlOW3tfxjo5vZ0yG0psULEW_WGxtIYUxyAfPanZHyusaFfcctt6YkMbEkV9v-koQQphvrRnm-a3qCRZy7aHObIXCDePztbdigGjdb1hHwLzxoCEo3BvnPeE6lKZDsAwMuU4GSz5byaJMNLBKlNz43mmuN6FxVTNohL0NalQxaQTirsMkdbP1eizPL3nhUqwVMPQQECshNDhzRISe4ZG7TutVEhrKOjgnyy80ReDsOqtH17GANPwsWPgJ5tPpxXMNUNbXKJ2SykYESxejMxtsGAO9a8zdEK2hJlybKN4WwH8RMubPqEC8vuBLaC912Jko0fb_XIUIQOJdFh8_feV3gv7tVvC2qxDv94FQ2hI0raDsXu7JVJ7pndiJDfAgxtUCj5vOAfQ7CKCjUNIBtudeaTgk58b8UgnpvrX_a5o8hPUI&pr=60%3A0.172088&cid=CAQSMgBpAlJWma13lA7lR1xKdbDboMWeIDcKgMv-T5ma-2j8vRwLdFehHr6WuvS-A-yo1fccGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ds=l&xdt=1&iif=1&cor=11994052974245542000&adk=3946491188&idt=174&cac=0&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/ Frame EAA2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BERwRk3_wD-t3c-maL_nqWkHiUd78yoQ3J0CsdQesPphR1-2kCTq6WDbTj9G-cPoUQTNCknenxJ_dVtrYMMVc1ozkZ7d747wBva0rrtLFrNNS54D2Whx61AlXmzskS1O5a_2jDGeux5HbPQ7_FFpY6CihMsQLweg5Xpkoc_cNbZ6Us0ME&dbm_d=AKAmf-AK430rST9Jl93e9oKCJTZrnV0KD9nYFOAmRgM8AgitBksWH_bLo-aKD00yH1BQijXfrdR_6a185gY_T38LZSmP12P-5JMQb2p0OsfYsQMTFDjGqDmz77IY5zn_y9R1iK_YDyIUV5kSbCkSXZE8_T42pZRcvw_7H5SS5zcrfVZBTcgIBud85Kon5xH1BMO559kKjIF95vnhP47S9FN1ASMji4YEog7Vu9KMMnGWqGPwjtwiRP1Np-IdlF2gqHVSnjFMWKStUf_wpG3DLaxaH1qTRQxqeNSlfAh8fZZKjkUL8eMx8aOChLpfL5UVTFasiY5-lX3ZZQXGgYEaF-LRveGFmjN9DHmDhHwYgc0CEe05YNIiLUFIk5NtB2Q3QoWa6q4NIZcZ1SO2aAVqa8tLUPu1hvkMvY8E97QWL_nc62kKxvK7ncnUbEAWcQmejUXadTLEsKxh5tXVuWDAGXmDiFWajiYA5e1davePBSUKHlSAwHf6BOfKmbhnBZa018OLiHq_F8gESfBI-zInxCtJdWP9tJ0-XzLEDd4QnJdoeEvaNNEiqohYCxrR1q2Jgf3JIiJ74_mX2Hq-vFWjTwtSsL0zG4itytMxHq9NnTG_3BtJYcSjLvbJ8zZA3hz4JK9cRVOEpC2kFtZfDdg3T0t3IH6DaWcuZEFT_8NDYIz2MgGWQmEaIBGQ2_Eyo7OX66v65_tY-8PiZzH93zOOqmK5OKFwYOcYX81p991dl41oquuOWRclfU2F9RrZTVow4Cgp_s2Fa_dI5d_XeNYYgaLVAiIHaIH3KH0e6bgs5ALbJLwsXG_v30BaGZG0_nOwUKWLvYxD-IAJbGCT77jFHWxKn_MVCNjPkON2A_CHOsg27-bqP-lYq9Lr6E_PIAQib4FbxwOpZnm5W35c79CMxWr3rpvzlg23fAHis2pD2y5g9ghv9z2beGh5NeMf7wXog66coXk_tvldas6aFEG5wMymhbU2she6Kkpq-RbspdUKHLO3ngD-ojdd67CFSNhS1pBtd9f8dk8kW5UhyLHX-3t7f3263qGByz7KEmt_EzuGR-5_dHGs1lcTtUsczE0890yjA7sCQKghkCQsmhRAxm2dEiGoqlDVDgZ7MFvBQ8T1R87vgA0FbBd6tdsIe60OhKyg7-57c1SCEjNtVZQZPZFE9E8MSBiygBffOkLEEF52px0cs6eKEiEoTf9_Yc_T1ybkEuaaTdpmmsTGV5w_sFYDgJKnq_65KORLnvzb8B9mjm6_ni48hf9G-g6-JUCiTxw479wC06H9TTxqhhBr4Zm1_GKKRBNNenw0IOXZ8cgy6pWNYqPR0QVBPTu0lvsBIxMMAyWKU6g0vK0fAT7ZLQDA6l7c2WhZQOsNLD2B7-wk6omamqKnaoOnU-LM0pae8YptRkktF5Haupmg3fFS2a1RL0X1XRNMgTKgPTjcjKG4yWtl9PNkmY6mlN0mrmOvs5u27gJbSC7HgwYX3P3r9uPepeGDuhpCEAxqubTDlYXwA8ZsxJcp-ZOcV8dVs1WyNBr3nOJ1Nm8rye2H-bKZMZwCHb6dojooesP3XW9eFhNPuBwcsV0UUzq_n3hKcL0ZTDUGeqssEMuZsWQ71wwJ-r-w8Bk0lO6KP_Q_0_HfeQWCkOXha4ztRErcMev4NucmmzMdT0KUZfAIGq-9BnVTX8yZqqOLVItui1pSXu8YemrszqIYu3E8XbQ4XHDHi5kqdolJBFk92d4KnXKFCp3mjLvPbo6jI49z_jb_g-3mBWkvFIS-_7uDIYLzsmOxjvw98X2xmKTgjPdvL4p6hOuCvkLNt37P2BT_nmiE7-pRylkpnGup_aR7eOEuCADLJo1A66uGrElFD9xE2SLABAtwgD1RERAdQjpsnFI1WwhuEc_J0h0RQHWC2Gy8FrCg_HYDQyZIsytVclAk41Q_xJSn3VTiTU2GtZbzmVYRMhoT3rHMrV5rn-4oVa8t77xDCnPnWFiXk3o0KkoxcxrQ__oWFNxGwMejaWWxGPffF_ERDNeM-AHAM8I0b2Ah20EAmivI7PdIB_b-q3D0QKje2g5kpUKKLaAZamPk9OZa78dTqttsDUAg-IngeZWlv-Nb-r67MC8Jc8cAc4mj8kk__XyHi9spIYPId4_D17JHo91MXf3EPd57D-HA7kO_Gtb2-kvTkW3r7tRYDL6GjecDdqIc5ZD35e45vHaO_wkDRSwSyccRrW6apAKhU1XYvULHxB0RTYPHj5KYfKltHTclnTYvXjC0z3yi6dYK-rHu_nq_QbSuEIy5NJYLPUImJgI75aWrof9toISX_VvNi2d7RV-C4q_MMdlcTgiYN7YwRkyhYX1UbGCH9dnc5ayZ6GphHKUbXD9PYRv_pbsQOip6amlXwUe2HqcYIKykCMJali0-Zcdo1Bw2fC3pAo0T6H9vBdeTu9ahANZKKlzZrl8JM6Pza0LBuyze7e311yZ8jkV_LWMC9TdCV8uMKE8ub8BDfh4T4cqgtqbR4-pfn4z4G-Mo2M-LiqOLXfqYC6DZdUvg9Bgmfrb5DpP-uxu6lLyCfBVKuVBq9SMARTDMF7wrn6JvWTubslMro1Fpp4cypbHeHF5JjInn3IoM2e5u1kysjH1cdCsd9D8TSJKXpedNLN-M7LAAD7sSOjtTlqCKuaePcIV7iYLVi6ypb37p23k1n5Nz09U3nXIfyyuMZmK-qvURb3SUxkmb0TInTxyJrtnZQU9WIcFkT1lUbx4Nq_Bs-CkzDAdt5TRCpJoCf8CLtK7r1LdZ1sEb__iyi8Tn_DcWbYMk4WgURe9lfsTE17e8IlRsjYISD_KZfTEJ7P_wUBKc96GDDz6gyprmIVnjRrLp4rfCVcvedBsDhzKhyTE719TdRlVeBmxTlSsJPbMjooEdBtCmbVgqfeH05qYiVT_8rairqoHdUo2Bnfnqms6GkWFmZfwZqGMGCqmS07C3ydhkLMRfWBPUmRLqDrzV7VpuTDoWlAM33FHtvKIlg1T5f8YOpZLrDn-boqVxJQIditmukN3vAXv36LDUreHpMq6lm7R9wkC8SMoB-n7Hcei3yYzVKhUJBVlgpcs6MNUk0BgvP5DAmSeEeQDNgR8tH0I7LfTTKeF6qfru50YM_RBQFA4k2goJlgWs1VwXeZCwVBVDk7qHvPQhKVSlNESeM4U-5tFXxrqxqiq2yZ_PXN5p1srA74rqFkS2rivBlOW3tfxjo5vZ0yG0psULEW_WGxtIYUxyAfPanZHyusaFfcctt6YkMbEkV9v-koQQphvrRnm-a3qCRZy7aHObIXCDePztbdigGjdb1hHwLzxoCEo3BvnPeE6lKZDsAwMuU4GSz5byaJMNLBKlNz43mmuN6FxVTNohL0NalQxaQTirsMkdbP1eizPL3nhUqwVMPQQECshNDhzRISe4ZG7TutVEhrKOjgnyy80ReDsOqtH17GANPwsWPgJ5tPpxXMNUNbXKJ2SykYESxejMxtsGAO9a8zdEK2hJlybKN4WwH8RMubPqEC8vuBLaC912Jko0fb_XIUIQOJdFh8_feV3gv7tVvC2qxDv94FQ2hI0raDsXu7JVJ7pndiJDfAgxtUCj5vOAfQ7CKCjUNIBtudeaTgk58b8UgnpvrX_a5o8hPUI&pr=60%3A0.172088&cid=CAQSMgBpAlJWma13lA7lR1xKdbDboMWeIDcKgMv-T5ma-2j8vRwLdFehHr6WuvS-A-yo1fccGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ds=l&xdt=1&iif=1&cor=11994052974245542000&adk=3946491188&idt=174&cac=0&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
75984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:57:31 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EAA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCC_NkUUsSacXDhpjVBEn1JE6p8f_h0cSvId6vZ_EnVLJabX80Bvgj8Oo4VuzQxdV-toZ3TIlAUUpX_b9EV6GAXADv-z-kfREn-M_w2Batp1r2eyyhvlV4kgDMQ9uUOgxxIuObKYpG9WgU1JSPjEae9xu2HaTOr_vptr3hXlqeX_y-F7H_zuRT84dlc0Uzu3F01Uh8jCXAnkI_429leZ0upvr_rwAyLV6VTYjv2yGw6WAKRlT0LN8xDO-umvdERqw-v8o3OrXzDXqaXWdHDIfopxsIbPT8WedCFWjZLVtZxlsMTOxVojltgbLepk_EAltf20VV3yCn5PlEhN-08Jt3_cDnfuBEwhku2GNGmLAoj137CfWyK-Phl2SlVxislwV6LGHzfYw3CFWnX7Cg-LfEiEzv17BHcfpVYSeBCrGH8w700CI2zyoh9LvXucjiDs5zj8PL4XrCGMrqxnXptzRBRKp1CyUFa-YczoeS1QlCM4pyFIGaUhOVdSveVxYfY2kv0evpnIIpK0hXgOph8v7BtL-tToqIJK_EPfmopdBvak97ebqyTyh40kJWMSWChhsvAZh2tKxLiCFtx3t6C_xD6FTl17prUHWOAuC3Q8iNCfaRmFQluaCf1T7NsgyYDBOzKxyRzVMZm2ad2NXb5Je62SHcgMDkDlnnDcGHUU-EUWdRBpP80d_l1e0WQeLCqtRi88ZmNJImPHhPwQB6OLeWi-xjst_8qI99kHijYP6i5X2ckMYABWjQF4y4qinexgnDC9UMZHy12w0vyOLzYDMD9SAedvDedDgrfjt15-PSYM9Kgw6c52KpG-Ga6q-DLPkaHmvWrM3yDsVUdeK6GoUXYF9WfiMXu4ZEwpfgYViMCXpHNWg41upohRuIX5-dLCujBKZ5Xdk4-AIZN7XBTJEMki-WCuF5S8eiOgzOXCc7LDtz0o4XWwHdscHLXSSELtnZOht9o0HQkxf7v88IMctw34FYnFAMbcS3O0rlkEEirWGH3wUtom8oMdX0fMF7m3kqR6m-K2oexpXL3DYW6BdZ5FwY36U20sdbnrizOwBJnDHXdFQCNsG3cTC0SYls4vS1GPDFnV1fKnkMLtieBoyOkwZoEuXgqYA9eVa7hdUHSUFTogd978PlGxa-L-a6vBenJp2vuMa21wIdR2J-jMg0L1Eothp8U-IxwxeCd_nmrIsV8KYw70wIIVpw_Yq0nzDKjrCCeFhGAczvvLfReWBRn7cPoW30J9FNUXkLbe8vdTBDfZw8OHWLOMoLN3TQ28zOav2IlvpMXcPstqxQVDHPgKCRWapA-3gxOJvZxwRdqeAn-8oN6n6VfpaBS3c0hCSfp3CddHdnGlDl_uSkgezagVlDqNXWTTeKAlfu0MW6fDiT&sai=AMfl-YT9tcI1VvSE5UJtxDGjjZai-GOaFGCNQd2OulU-ctp4PYKBDazX58NGdVEGBI5FYFjyJYNXbuyw0Pb84jtoGtXmkzGgriddFeFD-_uL2cBluWvpG2HwI79xr1qGZVze0Zf6WVK3Px7owpsJdADuGzzo-vmevKZuXkLLb1YE2mcT25bku5bjh_VEb9BuH6zNsLnvSO2LSZi2NGZwiMiA_f8nS_MdoczZMnRiTNuTbt38xVwwNr7_Pl6MDZCWfIVoeo59ynz2EyzMSW5bdjw&sig=Cg0ArKJSzA6k9PBugz93EAE&uach_m=[UACH]&pr=60:0.172088&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230830.33738&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BERwRk3_wD-t3c-maL_nqWkHiUd78yoQ3J0CsdQesPphR1-2kCTq6WDbTj9G-cPoUQTNCknenxJ_dVtrYMMVc1ozkZ7d747wBva0rrtLFrNNS54D2Whx61AlXmzskS1O5a_2jDGeux5HbPQ7_FFpY6CihMsQLweg5Xpkoc_cNbZ6Us0ME&dbm_d=AKAmf-AK430rST9Jl93e9oKCJTZrnV0KD9nYFOAmRgM8AgitBksWH_bLo-aKD00yH1BQijXfrdR_6a185gY_T38LZSmP12P-5JMQb2p0OsfYsQMTFDjGqDmz77IY5zn_y9R1iK_YDyIUV5kSbCkSXZE8_T42pZRcvw_7H5SS5zcrfVZBTcgIBud85Kon5xH1BMO559kKjIF95vnhP47S9FN1ASMji4YEog7Vu9KMMnGWqGPwjtwiRP1Np-IdlF2gqHVSnjFMWKStUf_wpG3DLaxaH1qTRQxqeNSlfAh8fZZKjkUL8eMx8aOChLpfL5UVTFasiY5-lX3ZZQXGgYEaF-LRveGFmjN9DHmDhHwYgc0CEe05YNIiLUFIk5NtB2Q3QoWa6q4NIZcZ1SO2aAVqa8tLUPu1hvkMvY8E97QWL_nc62kKxvK7ncnUbEAWcQmejUXadTLEsKxh5tXVuWDAGXmDiFWajiYA5e1davePBSUKHlSAwHf6BOfKmbhnBZa018OLiHq_F8gESfBI-zInxCtJdWP9tJ0-XzLEDd4QnJdoeEvaNNEiqohYCxrR1q2Jgf3JIiJ74_mX2Hq-vFWjTwtSsL0zG4itytMxHq9NnTG_3BtJYcSjLvbJ8zZA3hz4JK9cRVOEpC2kFtZfDdg3T0t3IH6DaWcuZEFT_8NDYIz2MgGWQmEaIBGQ2_Eyo7OX66v65_tY-8PiZzH93zOOqmK5OKFwYOcYX81p991dl41oquuOWRclfU2F9RrZTVow4Cgp_s2Fa_dI5d_XeNYYgaLVAiIHaIH3KH0e6bgs5ALbJLwsXG_v30BaGZG0_nOwUKWLvYxD-IAJbGCT77jFHWxKn_MVCNjPkON2A_CHOsg27-bqP-lYq9Lr6E_PIAQib4FbxwOpZnm5W35c79CMxWr3rpvzlg23fAHis2pD2y5g9ghv9z2beGh5NeMf7wXog66coXk_tvldas6aFEG5wMymhbU2she6Kkpq-RbspdUKHLO3ngD-ojdd67CFSNhS1pBtd9f8dk8kW5UhyLHX-3t7f3263qGByz7KEmt_EzuGR-5_dHGs1lcTtUsczE0890yjA7sCQKghkCQsmhRAxm2dEiGoqlDVDgZ7MFvBQ8T1R87vgA0FbBd6tdsIe60OhKyg7-57c1SCEjNtVZQZPZFE9E8MSBiygBffOkLEEF52px0cs6eKEiEoTf9_Yc_T1ybkEuaaTdpmmsTGV5w_sFYDgJKnq_65KORLnvzb8B9mjm6_ni48hf9G-g6-JUCiTxw479wC06H9TTxqhhBr4Zm1_GKKRBNNenw0IOXZ8cgy6pWNYqPR0QVBPTu0lvsBIxMMAyWKU6g0vK0fAT7ZLQDA6l7c2WhZQOsNLD2B7-wk6omamqKnaoOnU-LM0pae8YptRkktF5Haupmg3fFS2a1RL0X1XRNMgTKgPTjcjKG4yWtl9PNkmY6mlN0mrmOvs5u27gJbSC7HgwYX3P3r9uPepeGDuhpCEAxqubTDlYXwA8ZsxJcp-ZOcV8dVs1WyNBr3nOJ1Nm8rye2H-bKZMZwCHb6dojooesP3XW9eFhNPuBwcsV0UUzq_n3hKcL0ZTDUGeqssEMuZsWQ71wwJ-r-w8Bk0lO6KP_Q_0_HfeQWCkOXha4ztRErcMev4NucmmzMdT0KUZfAIGq-9BnVTX8yZqqOLVItui1pSXu8YemrszqIYu3E8XbQ4XHDHi5kqdolJBFk92d4KnXKFCp3mjLvPbo6jI49z_jb_g-3mBWkvFIS-_7uDIYLzsmOxjvw98X2xmKTgjPdvL4p6hOuCvkLNt37P2BT_nmiE7-pRylkpnGup_aR7eOEuCADLJo1A66uGrElFD9xE2SLABAtwgD1RERAdQjpsnFI1WwhuEc_J0h0RQHWC2Gy8FrCg_HYDQyZIsytVclAk41Q_xJSn3VTiTU2GtZbzmVYRMhoT3rHMrV5rn-4oVa8t77xDCnPnWFiXk3o0KkoxcxrQ__oWFNxGwMejaWWxGPffF_ERDNeM-AHAM8I0b2Ah20EAmivI7PdIB_b-q3D0QKje2g5kpUKKLaAZamPk9OZa78dTqttsDUAg-IngeZWlv-Nb-r67MC8Jc8cAc4mj8kk__XyHi9spIYPId4_D17JHo91MXf3EPd57D-HA7kO_Gtb2-kvTkW3r7tRYDL6GjecDdqIc5ZD35e45vHaO_wkDRSwSyccRrW6apAKhU1XYvULHxB0RTYPHj5KYfKltHTclnTYvXjC0z3yi6dYK-rHu_nq_QbSuEIy5NJYLPUImJgI75aWrof9toISX_VvNi2d7RV-C4q_MMdlcTgiYN7YwRkyhYX1UbGCH9dnc5ayZ6GphHKUbXD9PYRv_pbsQOip6amlXwUe2HqcYIKykCMJali0-Zcdo1Bw2fC3pAo0T6H9vBdeTu9ahANZKKlzZrl8JM6Pza0LBuyze7e311yZ8jkV_LWMC9TdCV8uMKE8ub8BDfh4T4cqgtqbR4-pfn4z4G-Mo2M-LiqOLXfqYC6DZdUvg9Bgmfrb5DpP-uxu6lLyCfBVKuVBq9SMARTDMF7wrn6JvWTubslMro1Fpp4cypbHeHF5JjInn3IoM2e5u1kysjH1cdCsd9D8TSJKXpedNLN-M7LAAD7sSOjtTlqCKuaePcIV7iYLVi6ypb37p23k1n5Nz09U3nXIfyyuMZmK-qvURb3SUxkmb0TInTxyJrtnZQU9WIcFkT1lUbx4Nq_Bs-CkzDAdt5TRCpJoCf8CLtK7r1LdZ1sEb__iyi8Tn_DcWbYMk4WgURe9lfsTE17e8IlRsjYISD_KZfTEJ7P_wUBKc96GDDz6gyprmIVnjRrLp4rfCVcvedBsDhzKhyTE719TdRlVeBmxTlSsJPbMjooEdBtCmbVgqfeH05qYiVT_8rairqoHdUo2Bnfnqms6GkWFmZfwZqGMGCqmS07C3ydhkLMRfWBPUmRLqDrzV7VpuTDoWlAM33FHtvKIlg1T5f8YOpZLrDn-boqVxJQIditmukN3vAXv36LDUreHpMq6lm7R9wkC8SMoB-n7Hcei3yYzVKhUJBVlgpcs6MNUk0BgvP5DAmSeEeQDNgR8tH0I7LfTTKeF6qfru50YM_RBQFA4k2goJlgWs1VwXeZCwVBVDk7qHvPQhKVSlNESeM4U-5tFXxrqxqiq2yZ_PXN5p1srA74rqFkS2rivBlOW3tfxjo5vZ0yG0psULEW_WGxtIYUxyAfPanZHyusaFfcctt6YkMbEkV9v-koQQphvrRnm-a3qCRZy7aHObIXCDePztbdigGjdb1hHwLzxoCEo3BvnPeE6lKZDsAwMuU4GSz5byaJMNLBKlNz43mmuN6FxVTNohL0NalQxaQTirsMkdbP1eizPL3nhUqwVMPQQECshNDhzRISe4ZG7TutVEhrKOjgnyy80ReDsOqtH17GANPwsWPgJ5tPpxXMNUNbXKJ2SykYESxejMxtsGAO9a8zdEK2hJlybKN4WwH8RMubPqEC8vuBLaC912Jko0fb_XIUIQOJdFh8_feV3gv7tVvC2qxDv94FQ2hI0raDsXu7JVJ7pndiJDfAgxtUCj5vOAfQ7CKCjUNIBtudeaTgk58b8UgnpvrX_a5o8hPUI&pr=60%3A0.172088&cid=CAQSMgBpAlJWma13lA7lR1xKdbDboMWeIDcKgMv-T5ma-2j8vRwLdFehHr6WuvS-A-yo1fccGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ds=l&xdt=1&iif=1&cor=11994052974245542000&adk=3946491188&idt=174&cac=0&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Sep 2023 11:03:55 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EAA2 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BERwRk3_wD-t3c-maL_nqWkHiUd78yoQ3J0CsdQesPphR1-2kCTq6WDbTj9G-cPoUQTNCknenxJ_dVtrYMMVc1ozkZ7d747wBva0rrtLFrNNS54D2Whx61AlXmzskS1O5a_2jDGeux5HbPQ7_FFpY6CihMsQLweg5Xpkoc_cNbZ6Us0ME&dbm_d=AKAmf-AK430rST9Jl93e9oKCJTZrnV0KD9nYFOAmRgM8AgitBksWH_bLo-aKD00yH1BQijXfrdR_6a185gY_T38LZSmP12P-5JMQb2p0OsfYsQMTFDjGqDmz77IY5zn_y9R1iK_YDyIUV5kSbCkSXZE8_T42pZRcvw_7H5SS5zcrfVZBTcgIBud85Kon5xH1BMO559kKjIF95vnhP47S9FN1ASMji4YEog7Vu9KMMnGWqGPwjtwiRP1Np-IdlF2gqHVSnjFMWKStUf_wpG3DLaxaH1qTRQxqeNSlfAh8fZZKjkUL8eMx8aOChLpfL5UVTFasiY5-lX3ZZQXGgYEaF-LRveGFmjN9DHmDhHwYgc0CEe05YNIiLUFIk5NtB2Q3QoWa6q4NIZcZ1SO2aAVqa8tLUPu1hvkMvY8E97QWL_nc62kKxvK7ncnUbEAWcQmejUXadTLEsKxh5tXVuWDAGXmDiFWajiYA5e1davePBSUKHlSAwHf6BOfKmbhnBZa018OLiHq_F8gESfBI-zInxCtJdWP9tJ0-XzLEDd4QnJdoeEvaNNEiqohYCxrR1q2Jgf3JIiJ74_mX2Hq-vFWjTwtSsL0zG4itytMxHq9NnTG_3BtJYcSjLvbJ8zZA3hz4JK9cRVOEpC2kFtZfDdg3T0t3IH6DaWcuZEFT_8NDYIz2MgGWQmEaIBGQ2_Eyo7OX66v65_tY-8PiZzH93zOOqmK5OKFwYOcYX81p991dl41oquuOWRclfU2F9RrZTVow4Cgp_s2Fa_dI5d_XeNYYgaLVAiIHaIH3KH0e6bgs5ALbJLwsXG_v30BaGZG0_nOwUKWLvYxD-IAJbGCT77jFHWxKn_MVCNjPkON2A_CHOsg27-bqP-lYq9Lr6E_PIAQib4FbxwOpZnm5W35c79CMxWr3rpvzlg23fAHis2pD2y5g9ghv9z2beGh5NeMf7wXog66coXk_tvldas6aFEG5wMymhbU2she6Kkpq-RbspdUKHLO3ngD-ojdd67CFSNhS1pBtd9f8dk8kW5UhyLHX-3t7f3263qGByz7KEmt_EzuGR-5_dHGs1lcTtUsczE0890yjA7sCQKghkCQsmhRAxm2dEiGoqlDVDgZ7MFvBQ8T1R87vgA0FbBd6tdsIe60OhKyg7-57c1SCEjNtVZQZPZFE9E8MSBiygBffOkLEEF52px0cs6eKEiEoTf9_Yc_T1ybkEuaaTdpmmsTGV5w_sFYDgJKnq_65KORLnvzb8B9mjm6_ni48hf9G-g6-JUCiTxw479wC06H9TTxqhhBr4Zm1_GKKRBNNenw0IOXZ8cgy6pWNYqPR0QVBPTu0lvsBIxMMAyWKU6g0vK0fAT7ZLQDA6l7c2WhZQOsNLD2B7-wk6omamqKnaoOnU-LM0pae8YptRkktF5Haupmg3fFS2a1RL0X1XRNMgTKgPTjcjKG4yWtl9PNkmY6mlN0mrmOvs5u27gJbSC7HgwYX3P3r9uPepeGDuhpCEAxqubTDlYXwA8ZsxJcp-ZOcV8dVs1WyNBr3nOJ1Nm8rye2H-bKZMZwCHb6dojooesP3XW9eFhNPuBwcsV0UUzq_n3hKcL0ZTDUGeqssEMuZsWQ71wwJ-r-w8Bk0lO6KP_Q_0_HfeQWCkOXha4ztRErcMev4NucmmzMdT0KUZfAIGq-9BnVTX8yZqqOLVItui1pSXu8YemrszqIYu3E8XbQ4XHDHi5kqdolJBFk92d4KnXKFCp3mjLvPbo6jI49z_jb_g-3mBWkvFIS-_7uDIYLzsmOxjvw98X2xmKTgjPdvL4p6hOuCvkLNt37P2BT_nmiE7-pRylkpnGup_aR7eOEuCADLJo1A66uGrElFD9xE2SLABAtwgD1RERAdQjpsnFI1WwhuEc_J0h0RQHWC2Gy8FrCg_HYDQyZIsytVclAk41Q_xJSn3VTiTU2GtZbzmVYRMhoT3rHMrV5rn-4oVa8t77xDCnPnWFiXk3o0KkoxcxrQ__oWFNxGwMejaWWxGPffF_ERDNeM-AHAM8I0b2Ah20EAmivI7PdIB_b-q3D0QKje2g5kpUKKLaAZamPk9OZa78dTqttsDUAg-IngeZWlv-Nb-r67MC8Jc8cAc4mj8kk__XyHi9spIYPId4_D17JHo91MXf3EPd57D-HA7kO_Gtb2-kvTkW3r7tRYDL6GjecDdqIc5ZD35e45vHaO_wkDRSwSyccRrW6apAKhU1XYvULHxB0RTYPHj5KYfKltHTclnTYvXjC0z3yi6dYK-rHu_nq_QbSuEIy5NJYLPUImJgI75aWrof9toISX_VvNi2d7RV-C4q_MMdlcTgiYN7YwRkyhYX1UbGCH9dnc5ayZ6GphHKUbXD9PYRv_pbsQOip6amlXwUe2HqcYIKykCMJali0-Zcdo1Bw2fC3pAo0T6H9vBdeTu9ahANZKKlzZrl8JM6Pza0LBuyze7e311yZ8jkV_LWMC9TdCV8uMKE8ub8BDfh4T4cqgtqbR4-pfn4z4G-Mo2M-LiqOLXfqYC6DZdUvg9Bgmfrb5DpP-uxu6lLyCfBVKuVBq9SMARTDMF7wrn6JvWTubslMro1Fpp4cypbHeHF5JjInn3IoM2e5u1kysjH1cdCsd9D8TSJKXpedNLN-M7LAAD7sSOjtTlqCKuaePcIV7iYLVi6ypb37p23k1n5Nz09U3nXIfyyuMZmK-qvURb3SUxkmb0TInTxyJrtnZQU9WIcFkT1lUbx4Nq_Bs-CkzDAdt5TRCpJoCf8CLtK7r1LdZ1sEb__iyi8Tn_DcWbYMk4WgURe9lfsTE17e8IlRsjYISD_KZfTEJ7P_wUBKc96GDDz6gyprmIVnjRrLp4rfCVcvedBsDhzKhyTE719TdRlVeBmxTlSsJPbMjooEdBtCmbVgqfeH05qYiVT_8rairqoHdUo2Bnfnqms6GkWFmZfwZqGMGCqmS07C3ydhkLMRfWBPUmRLqDrzV7VpuTDoWlAM33FHtvKIlg1T5f8YOpZLrDn-boqVxJQIditmukN3vAXv36LDUreHpMq6lm7R9wkC8SMoB-n7Hcei3yYzVKhUJBVlgpcs6MNUk0BgvP5DAmSeEeQDNgR8tH0I7LfTTKeF6qfru50YM_RBQFA4k2goJlgWs1VwXeZCwVBVDk7qHvPQhKVSlNESeM4U-5tFXxrqxqiq2yZ_PXN5p1srA74rqFkS2rivBlOW3tfxjo5vZ0yG0psULEW_WGxtIYUxyAfPanZHyusaFfcctt6YkMbEkV9v-koQQphvrRnm-a3qCRZy7aHObIXCDePztbdigGjdb1hHwLzxoCEo3BvnPeE6lKZDsAwMuU4GSz5byaJMNLBKlNz43mmuN6FxVTNohL0NalQxaQTirsMkdbP1eizPL3nhUqwVMPQQECshNDhzRISe4ZG7TutVEhrKOjgnyy80ReDsOqtH17GANPwsWPgJ5tPpxXMNUNbXKJ2SykYESxejMxtsGAO9a8zdEK2hJlybKN4WwH8RMubPqEC8vuBLaC912Jko0fb_XIUIQOJdFh8_feV3gv7tVvC2qxDv94FQ2hI0raDsXu7JVJ7pndiJDfAgxtUCj5vOAfQ7CKCjUNIBtudeaTgk58b8UgnpvrX_a5o8hPUI&pr=60%3A0.172088&cid=CAQSMgBpAlJWma13lA7lR1xKdbDboMWeIDcKgMv-T5ma-2j8vRwLdFehHr6WuvS-A-yo1fccGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ds=l&xdt=1&iif=1&cor=11994052974245542000&adk=3946491188&idt=174&cac=0&dtd=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
456087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Aug 2024 04:22:28 GMT
1626615090233789805
s0.2mdn.net/simgad/ Frame EAA2 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1626615090233789805
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15afa297399fa3b4ac5c6f0dd1991fd68b6d8fe03629e45757ceadd88d7abbc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:47:58 GMT
x-content-type-options
nosniff
age
537357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249828
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 13:00:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 05:47:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4173 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjk_QgbuCSUL4L2LV2IqUaqQC2eXVfk2yzVimxO-ojH5Dp50u4qgHNiCVxFB2Dbi8-SO1tYH04FX3gLyGpUYWDI96GHjn2t1Ut8reVt7Er-Ef0Y916p7hfGxtN0EwCxp72bnebvCmCgJUa&sai=AMfl-YRNERMO70zF6QImd5xwPtpmjopYALgtwIc8sYEjtnZwPjvyjuPmB04K5ymA8Zqu7tosRVeNcV0H65PuAskjMPTJaFfIL2yjanP6bTV1s_1TMWFiHNhrMYagzP1Ii8ZXpqKp8xCisZOgDSxU&sig=Cg0ArKJSzLoNNlQg1335EAE&cid=CAQSSwBpAlJWRfv4jp58gJzl33VHF_B3qGGiist0X2AnFmsCUqxGUDKNenjzw_F0wFik7mDyPNQe0lmltuNbjW6J0bSgbZoTMS4u9M_lEhgB&id=lidar2&mcvt=1044&p=10,115,100,843&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1915962503&rs=4&la=0&cr=0&vs=4&r=v&rst=1693566232414&rpt=1532&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2FC8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YThlMmU0ZTQ5MDMwNGVjMDhiODQ1OWVlN2Y5NGNjM2RkY2FiNDZlNQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YThlMmU0ZTQ5MDMwNGVjMDhiODQ1OWVlN2Y5NGNjM2RkY2FiNDZlNQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YThlMmU0ZTQ5MDMwNGVjMDhiODQ1OWVlN2Y5NGNjM2RkY2FiNDZlNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 2FC8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM0HLXVR-3-HH89
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM0HLXVR-3-HH89
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C3583F8437B4428F9B572367C6E4EE43 Ref B: FRAEDGE1715 Ref C: 2023-09-01T11:03:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYESh3ciAdy5tvDPhirnA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM0HLXVR-3-HH89
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2FC8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kcRJt26R3MAYxcso2BT5yg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lRexlktE2oL3q8PwIkglihSsfRhrdATHU0YAwA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lRexlktE2oL3q8PwIkglihSsfRhrdATHU0YAwA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lRexlktE2oL3q8PwIkglihSsfRhrdATHU0YAwA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2FC8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=I-TjIRvgRL6jrG-vk9sotQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I-TjIRvgRL6jrG-vk9sotQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I-TjIRvgRL6jrG-vk9sotQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
89Q5PBDJQAT0Z4VWFTV0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I-TjIRvgRL6jrG-vk9sotQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2FC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ39f9uD43Lr5varnHPUa9I&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ39f9uD43Lr5varnHPUa9I&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ39f9uD43Lr5varnHPUa9I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 2FC8 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2FC8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE0wSExYVlItMy1ISDg5
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMfU8gXIgtpBp4qSypfo5s0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE0wSExYVlItMy1ISDg5&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE0wSExYVlItMy1ISDg5&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE0wSExYVlItMy1ISDg5&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2FC8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ry4RqGV1R2u91duYoMOMFQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ry4RqGV1R2u91duYoMOMFQ
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ry4RqGV1R2u91duYoMOMFQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X1H0GJ62A04G76DDK4XG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ry4RqGV1R2u91duYoMOMFQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ Frame 6565 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 06:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
17207
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 31 Aug 2024 06:17:08 GMT
jn8Ayft4RUkWRSUiHmzWzQIdbGQvdfZKc8ohbm50um%2FSzB10uXI7D0vkeOPslwsm%2FQbsQNs0anxlHoK02CsnqXrKxSzSMQmnlN4wbEhSq40gq3uthviER1F9S06a4D4%2FcOWqtEaYc9bFKqlsCUwKds%2Fkl7CwZ22yno%2FL6M3HjBPfgIDCFZRlLzEotVG...
ad.vidverto.io/delivery/video/pod/ Frame EDDD 		39 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/jn8Ayft4RUkWRSUiHmzWzQIdbGQvdfZKc8ohbm50um%2FSzB10uXI7D0vkeOPslwsm%2FQbsQNs0anxlHoK02CsnqXrKxSzSMQmnlN4wbEhSq40gq3uthviER1F9S06a4D4%2FcOWqtEaYc9bFKqlsCUwKds%2Fkl7CwZ22yno%2FL6M3HjBPfgIDCFZRlLzEotVGFDp2S6FaQptRoLgEI33UZv8KociRUphFonXoaD161zgldl4yAtqq8%2FHnSJFC6%2Bzs%2B7un3lZDKyKd68k4411Ea%2BCyKDj2irQKh07zFSQrV4LcuLj7J7sximZIpVGY9hHJ0EQVja7sov7IhuEojfRr6hGdNfgY1Yh4f4c1adX1OCPwSYmmCqhSKdcElQutm2GPe0v3L9704wZBOhjJxOjNZ95lSt8uvZkUcDgBwcqf7psgDD6kujmc4YzIayKyvCTZ5IQtcHvt38q9GFT7oexfqiLIc%2FaRXTjvRuzRKporiQv5LptSwy6XUm7Cu%2F%2FSWnr%2FigTnMsd%2BgPFmKI1INkztrj%2BZFSsW8%2FQqyVPAXdCQhwBcb4NxCmmr4EXLxntFzKew1%2BsPov%2FQarxm1MaOWyjGJYc08UkU0H3DUGwX9kHMR%2BrphxGM%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d1fc0a819b52695aa13a983735a80158be26feb7f7165a186fff47b64d772295

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
http://imasdk.googleapis.com
date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 01 Sep 2023 11:03:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
310420
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&pbt=1&lsw=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
203483
expires
0
rid
match.adsrvr.org/track/ 		0
0
pbjs
sync.quantumdex.io/usersync/ Frame A142 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f792c997d72f15d754ddfdd292e79d2ab956d979b9eea179d83d131ed5eb572d

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ffd078989011cab-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 01 Sep 2023 11:03:55 GMT
server
cloudflare
cookie
cm.adform.net/ Frame EAC7 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Fri, 01 Sep 2023 11:03:50 GMT
server
nginx
/
spl.zeotap.com/ Frame 62EE 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1acee5ad44f4be0f7aada5a762a21c52eb60e9d563007ea0b97a216bba8e20cf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
http://www.lebanonfiles.com
cf-cache-status
DYNAMIC
cf-ray
7ffd0789dc1f5c62-FRA
content-encoding
br
content-type
text/html
date
Fri, 01 Sep 2023 11:03:55 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
d
ic.tynt.com/r/ Frame 8BC5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync-all.html
adxbid.info/ Frame C15B 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ffd078a2c03bb41-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n75r401gEggcSRABwT3qQYyzjSY6%2BJmH3H%2BwPGsbLeL%2BrTtAa5lzt9wS%2FWDB7dBDkuMv6khKgKraJBokt6SaUw7c4jKAqp3QsI5Hvjos7tZxAoybTQGfJaGqqHSjAlIVV90UHfEJWlQ9cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9720 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.168.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-168-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 01 Sep 2023 11:03:55 GMT
ETag
"623de86a-cf34"
Expires
Sat, 02 Sep 2023 11:03:57 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
occ
ups.analytics.yahoo.com/ups/58531/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=vidoomy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.210.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-210-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9&gdpr=0&gdpr_consent=
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1059892
content-length
0
expires
Fri, 01 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Nzg4MDYyOTQ5MjQwNzc2MDg1Mw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Nzg4MDYyOTQ5MjQwNzc2MDg1Mw==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Nzg4MDYyOTQ5MjQwNzc2MDg1Mw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cookie
cm.adform.net/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:50 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526uid%253D%2524UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6913797373196767614
86 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6913797373196767614
Protocol
HTTP/1.1
Server
212.36.83.245 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Server
nginx
Vary
Accept-Encoding, Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
an-x-request-uuid
44c14996-4941-4bc1-b8cb-f50b815fce3f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6913797373196767614
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3375610941547449351&gdpr=0&gdpr_consent=
43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3375610941547449351&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3375610941547449351&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=Nzg4MDYyOTQ5MjQwNzc2MDg1Mw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPzxmmaABqF1OwUiZkweeV0&gdpr=0&gdpr_consent=&google_cver=1
43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPzxmmaABqF1OwUiZkweeV0&gdpr=0&gdpr_consent=&google_cver=1
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPzxmmaABqF1OwUiZkweeV0&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=5d0501f9-e3c3-0bae-10e0-969cffa7fbfd&gdpr=0&gdpr_consent=
43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=5d0501f9-e3c3-0bae-10e0-969cffa7fbfd&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=5d0501f9-e3c3-0bae-10e0-969cffa7fbfd&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 11B4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
456085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 04:22:30 GMT
expires
Mon, 26 Aug 2024 04:22:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame EDDD 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lm0hly5i&c=3471207935890&slotId=1735603967945&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tlv04s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ Frame CBE9 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 06:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
17207
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 31 Aug 2024 06:17:08 GMT
getuid
ib.adnxs.com/ Frame 62EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 62EE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=ab5980be-a108-4a25-a2b4-bb48ab98ecb2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ab5980be-a108-4a25-a2b4-bb48ab98ecb2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078c4f3c5c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=ab5980be-a108-4a25-a2b4-bb48ab98ecb2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 62EE 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 62EE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 62EE 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230021-FRA
server
nginx
x-timer
S1693566235.399947,VS0,VE8
x-fastly-to-nlb-rtt
7248
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 62EE 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:77d9:b48f:f0d0:e412 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 62EE 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D953a2b3d-5dbd-4c11-5a79-f9fef21b859d%26reqId%3D37706181-b8c1-4e57-5017-426ec88882e0%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 01 Sep 2023 11:03:55 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 62EE 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b002:d052:5c52:5326:4d26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=72145796973904721492166289012063486841&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=72145796973904721492166289012063486841&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078cf8125c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v050-0f8dcfc1c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
M4zUbP1qQkg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=72145796973904721492166289012063486841&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 62EE 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7273811592946841743&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7273811592946841743&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078bae735c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7273811592946841743&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Date
Fri, 01 Sep 2023 11:03:55 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 62EE
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=QsJUka5DAFDEIdePGvibEu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=QsJUka5DAFDEIdePGvibEu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078ccfc45c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
via
1.1 google
last-modified
Fri, 01 Sep 2023 11:03:55 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=QsJUka5DAFDEIdePGvibEu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078c3f2d5c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
cache-control
no-cache
x-server
10.45.29.21
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-v_2Md1NE2oo2XdOpZdP7E.yxTxPIez.YYw--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-v_2Md1NE2oo2XdOpZdP7E.yxTxPIez.YYw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078c4f3e5c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-v_2Md1NE2oo2XdOpZdP7E.yxTxPIez.YYw--~A&zpartnerid=570&env=mWeb
date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=SWE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=SWE&zdid=1361&cid=5XIzeCvVCnd9VYy1iJ1gWKBkVp6OziEi%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=SWE&zdid=1361&cid=5XIzeCvVCnd9VYy1iJ1gWKBkVp6OziEi%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078d588d5c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=SWE&zdid=1361&cid=5XIzeCvVCnd9VYy1iJ1gWKBkVp6OziEi%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 62EE 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 62EE 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.14.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-14-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n001-dub-prod.krxd.net
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1693566235
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 62EE 		95 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Fri, 01 Sep 2023 11:03:50 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZPHFGwAJwnUCQQBV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZPHFGwAJwnUCQQBV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078feba05c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230037-FRA
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1693566236.896664,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZPHFGwAJwnUCQQBV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 62EE 		0
0
usermatch.gif
beacon.krxd.net/ Frame 62EE
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec888...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
18.202.14.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-14-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n007-dub-prod.krxd.net
date
Fri, 01 Sep 2023 11:03:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1693566236
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
date
Fri, 01 Sep 2023 11:03:55 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 62EE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a7...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a7...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FY4E6A5R91A294DBH70N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
746GNCQ0XNQ2AWS2DX13
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 62EE 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 62EE
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b...
  • https://mwzeom.zeotap.com/mw?cid=LM0HLXVR-3-HH89&env=mWeb&zpartnerid=1770&gdpr=1
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LM0HLXVR-3-HH89&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078d98e75c62-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LM0HLXVR-3-HH89&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 62EE 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078d487d5c62-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 62EE 		557 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82cece24628b41b342e64f2be9fa3d9d7ae40ab1d06c97b83ffbd28abb6d9eaf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7ffd078add8a5c62-FRA
access-control-allow-headers
*
ads
pubads.g.doubleclick.net/gampad/ Frame EDDD 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22679584040%2Flebanonfiles.com_%2Fvast_15&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2364875358931373&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FuBaJGHmUzEbVGAG3Z3OFnQ%3A1693569833%2F1327%2Fvideo%2F1823%2F480_650.mp4&sid=44EB10F7-E60A-449F-A3F1-4A01C0953D4F&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1693566235273&cookie=ID%3D665a0bdd65695e9b%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg&gpic=UID%3D00000c94e2703003%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg&scor=554910441541881&ged=ve4_td5_tt0_pd5_la5000_er3714.440.3715.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EDDD 		156 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22679584040%2Flebanonfiles.com_video_preroll&description_url=https%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2364875358931373&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FuBaJGHmUzEbVGAG3Z3OFnQ%3A1693569833%2F1327%2Fvideo%2F1823%2F480_650.mp4&sid=44EB10F7-E60A-449F-A3F1-4A01C0953D4F&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1693566235277&cookie=ID%3D665a0bdd65695e9b%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg&gpic=UID%3D00000c94e2703003%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg&scor=554910441541881&ged=ve4_td5_tt0_pd5_la5000_er3714.440.3715.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame EDDD 		86 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C53923969%2Fivm_video%2Fivm_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2364875358931373&cust_params=mt_fln%3D0.8&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FuBaJGHmUzEbVGAG3Z3OFnQ%3A1693569833%2F1327%2Fvideo%2F1823%2F480_650.mp4&sid=44EB10F7-E60A-449F-A3F1-4A01C0953D4F&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1693566235280&cookie=ID%3D665a0bdd65695e9b%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg&gpic=UID%3D00000c94e2703003%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg&scor=554910441541881&ged=ve4_td5_tt0_pd5_la5000_er3714.440.3715.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
61b5366d80fbc92d5a5edc500e1af1789724072f42c6dab4328cb30674ac6c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20499
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EDDD 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22679584040%2Flebanonfiles.com_%2Fvast_07&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2364875358931373&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FuBaJGHmUzEbVGAG3Z3OFnQ%3A1693569833%2F1327%2Fvideo%2F1823%2F480_650.mp4&sid=44EB10F7-E60A-449F-A3F1-4A01C0953D4F&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1693566235282&cookie=ID%3D665a0bdd65695e9b%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg&gpic=UID%3D00000c94e2703003%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg&scor=554910441541881&ged=ve4_td5_tt0_pd5_la5000_er3714.440.3715.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame EDDD 		99 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C53923969%2Fmt_video_NPR%2Fmt_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2364875358931373&cust_params=mt_fln%3D0.5&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FuBaJGHmUzEbVGAG3Z3OFnQ%3A1693569833%2F1327%2Fvideo%2F1823%2F480_650.mp4&sid=44EB10F7-E60A-449F-A3F1-4A01C0953D4F&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1693566235285&cookie=ID%3D665a0bdd65695e9b%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg&gpic=UID%3D00000c94e2703003%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg&scor=554910441541881&ged=ve4_td5_tt0_pd5_la5000_er3714.440.3715.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
0275fd9c31398a6f74dae09fab0e77492e54528b23a58b5235916fcff9ef3e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21154
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame EDDD 		156 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C53923969%2Fivm_video%2Fivm_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2364875358931373&cust_params=mt_fln%3D0.3&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FuBaJGHmUzEbVGAG3Z3OFnQ%3A1693569833%2F1327%2Fvideo%2F1823%2F480_650.mp4&sid=44EB10F7-E60A-449F-A3F1-4A01C0953D4F&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1693566235287&cookie=ID%3D665a0bdd65695e9b%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg&gpic=UID%3D00000c94e2703003%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg&scor=554910441541881&ged=ve4_td5_tt0_pd5_la5000_er3714.440.3715.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame A142
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ffd078d9e861cab-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame A142
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-6564974426313112687
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e3c2486d-9af6-52f4-a3c0-e8aec7312db5
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e3c2486d-9af6-52f4-a3c0-e8aec7312db5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ffd078c4cd61cab-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e3c2486d-9af6-52f4-a3c0-e8aec7312db5
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
v1
match.sharethrough.com/FGMrCMMc/ Frame A142 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.18.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-18-147.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
0.gif
id5-sync.com/i/495/ Frame A142 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
s.ad.smaato.net/c/ Frame A142 		0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:da00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:35 GMT
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
20
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
pPX6hZShyUmUiQ1lK8ZqKBS3qi3CSlFXBLqkh7kScVHU5pyxuk5qXQ==
pixel
ap.lijit.com/ Frame A142 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.152 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 01 Sep 2023 11:03:55 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame A142
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6913797373196767614
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6913797373196767614
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ffd078bbc061cab-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
an-x-request-uuid
8332ce36-bc38-498a-926a-95e23e9ef5f6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6913797373196767614
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EAA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCC_NkUUsSacXDhpjVBEn1JE6p8f_h0cSvId6vZ_EnVLJabX80Bvgj8Oo4VuzQxdV-toZ3TIlAUUpX_b9EV6GAXADv-z-kfREn-M_w2Batp1r2eyyhvlV4kgDMQ9uUOgxxIuObKYpG9WgU1JSPjEae9xu2HaTOr_vptr3hXlqeX_y-F7H_zuRT84dlc0Uzu3F01Uh8jCXAnkI_429leZ0upvr_rwAyLV6VTYjv2yGw6WAKRlT0LN8xDO-umvdERqw-v8o3OrXzDXqaXWdHDIfopxsIbPT8WedCFWjZLVtZxlsMTOxVojltgbLepk_EAltf20VV3yCn5PlEhN-08Jt3_cDnfuBEwhku2GNGmLAoj137CfWyK-Phl2SlVxislwV6LGHzfYw3CFWnX7Cg-LfEiEzv17BHcfpVYSeBCrGH8w700CI2zyoh9LvXucjiDs5zj8PL4XrCGMrqxnXptzRBRKp1CyUFa-YczoeS1QlCM4pyFIGaUhOVdSveVxYfY2kv0evpnIIpK0hXgOph8v7BtL-tToqIJK_EPfmopdBvak97ebqyTyh40kJWMSWChhsvAZh2tKxLiCFtx3t6C_xD6FTl17prUHWOAuC3Q8iNCfaRmFQluaCf1T7NsgyYDBOzKxyRzVMZm2ad2NXb5Je62SHcgMDkDlnnDcGHUU-EUWdRBpP80d_l1e0WQeLCqtRi88ZmNJImPHhPwQB6OLeWi-xjst_8qI99kHijYP6i5X2ckMYABWjQF4y4qinexgnDC9UMZHy12w0vyOLzYDMD9SAedvDedDgrfjt15-PSYM9Kgw6c52KpG-Ga6q-DLPkaHmvWrM3yDsVUdeK6GoUXYF9WfiMXu4ZEwpfgYViMCXpHNWg41upohRuIX5-dLCujBKZ5Xdk4-AIZN7XBTJEMki-WCuF5S8eiOgzOXCc7LDtz0o4XWwHdscHLXSSELtnZOht9o0HQkxf7v88IMctw34FYnFAMbcS3O0rlkEEirWGH3wUtom8oMdX0fMF7m3kqR6m-K2oexpXL3DYW6BdZ5FwY36U20sdbnrizOwBJnDHXdFQCNsG3cTC0SYls4vS1GPDFnV1fKnkMLtieBoyOkwZoEuXgqYA9eVa7hdUHSUFTogd978PlGxa-L-a6vBenJp2vuMa21wIdR2J-jMg0L1Eothp8U-IxwxeCd_nmrIsV8KYw70wIIVpw_Yq0nzDKjrCCeFhGAczvvLfReWBRn7cPoW30J9FNUXkLbe8vdTBDfZw8OHWLOMoLN3TQ28zOav2IlvpMXcPstqxQVDHPgKCRWapA-3gxOJvZxwRdqeAn-8oN6n6VfpaBS3c0hCSfp3CddHdnGlDl_uSkgezagVlDqNXWTTeKAlfu0MW6fDiT&sai=AMfl-YT9tcI1VvSE5UJtxDGjjZai-GOaFGCNQd2OulU-ctp4PYKBDazX58NGdVEGBI5FYFjyJYNXbuyw0Pb84jtoGtXmkzGgriddFeFD-_uL2cBluWvpG2HwI79xr1qGZVze0Zf6WVK3Px7owpsJdADuGzzo-vmevKZuXkLLb1YE2mcT25bku5bjh_VEb9BuH6zNsLnvSO2LSZi2NGZwiMiA_f8nS_MdoczZMnRiTNuTbt38xVwwNr7_Pl6MDZCWfIVoeo59ynz2EyzMSW5bdjw&sig=Cg0ArKJSzA6k9PBugz93EAE&uach_m=[UACH]&pr=60:0.172088&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=322&vt=11&dtpt=320&dett=2&cstd=0&cisv=r20230830.33738&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BERwRk3_wD-t3c-maL_nqWkHiUd78yoQ3J0CsdQesPphR1-2kCTq6WDbTj9G-cPoUQTNCknenxJ_dVtrYMMVc1ozkZ7d747wBva0rrtLFrNNS54D2Whx61AlXmzskS1O5a_2jDGeux5HbPQ7_FFpY6CihMsQLweg5Xpkoc_cNbZ6Us0ME&dbm_d=AKAmf-AK430rST9Jl93e9oKCJTZrnV0KD9nYFOAmRgM8AgitBksWH_bLo-aKD00yH1BQijXfrdR_6a185gY_T38LZSmP12P-5JMQb2p0OsfYsQMTFDjGqDmz77IY5zn_y9R1iK_YDyIUV5kSbCkSXZE8_T42pZRcvw_7H5SS5zcrfVZBTcgIBud85Kon5xH1BMO559kKjIF95vnhP47S9FN1ASMji4YEog7Vu9KMMnGWqGPwjtwiRP1Np-IdlF2gqHVSnjFMWKStUf_wpG3DLaxaH1qTRQxqeNSlfAh8fZZKjkUL8eMx8aOChLpfL5UVTFasiY5-lX3ZZQXGgYEaF-LRveGFmjN9DHmDhHwYgc0CEe05YNIiLUFIk5NtB2Q3QoWa6q4NIZcZ1SO2aAVqa8tLUPu1hvkMvY8E97QWL_nc62kKxvK7ncnUbEAWcQmejUXadTLEsKxh5tXVuWDAGXmDiFWajiYA5e1davePBSUKHlSAwHf6BOfKmbhnBZa018OLiHq_F8gESfBI-zInxCtJdWP9tJ0-XzLEDd4QnJdoeEvaNNEiqohYCxrR1q2Jgf3JIiJ74_mX2Hq-vFWjTwtSsL0zG4itytMxHq9NnTG_3BtJYcSjLvbJ8zZA3hz4JK9cRVOEpC2kFtZfDdg3T0t3IH6DaWcuZEFT_8NDYIz2MgGWQmEaIBGQ2_Eyo7OX66v65_tY-8PiZzH93zOOqmK5OKFwYOcYX81p991dl41oquuOWRclfU2F9RrZTVow4Cgp_s2Fa_dI5d_XeNYYgaLVAiIHaIH3KH0e6bgs5ALbJLwsXG_v30BaGZG0_nOwUKWLvYxD-IAJbGCT77jFHWxKn_MVCNjPkON2A_CHOsg27-bqP-lYq9Lr6E_PIAQib4FbxwOpZnm5W35c79CMxWr3rpvzlg23fAHis2pD2y5g9ghv9z2beGh5NeMf7wXog66coXk_tvldas6aFEG5wMymhbU2she6Kkpq-RbspdUKHLO3ngD-ojdd67CFSNhS1pBtd9f8dk8kW5UhyLHX-3t7f3263qGByz7KEmt_EzuGR-5_dHGs1lcTtUsczE0890yjA7sCQKghkCQsmhRAxm2dEiGoqlDVDgZ7MFvBQ8T1R87vgA0FbBd6tdsIe60OhKyg7-57c1SCEjNtVZQZPZFE9E8MSBiygBffOkLEEF52px0cs6eKEiEoTf9_Yc_T1ybkEuaaTdpmmsTGV5w_sFYDgJKnq_65KORLnvzb8B9mjm6_ni48hf9G-g6-JUCiTxw479wC06H9TTxqhhBr4Zm1_GKKRBNNenw0IOXZ8cgy6pWNYqPR0QVBPTu0lvsBIxMMAyWKU6g0vK0fAT7ZLQDA6l7c2WhZQOsNLD2B7-wk6omamqKnaoOnU-LM0pae8YptRkktF5Haupmg3fFS2a1RL0X1XRNMgTKgPTjcjKG4yWtl9PNkmY6mlN0mrmOvs5u27gJbSC7HgwYX3P3r9uPepeGDuhpCEAxqubTDlYXwA8ZsxJcp-ZOcV8dVs1WyNBr3nOJ1Nm8rye2H-bKZMZwCHb6dojooesP3XW9eFhNPuBwcsV0UUzq_n3hKcL0ZTDUGeqssEMuZsWQ71wwJ-r-w8Bk0lO6KP_Q_0_HfeQWCkOXha4ztRErcMev4NucmmzMdT0KUZfAIGq-9BnVTX8yZqqOLVItui1pSXu8YemrszqIYu3E8XbQ4XHDHi5kqdolJBFk92d4KnXKFCp3mjLvPbo6jI49z_jb_g-3mBWkvFIS-_7uDIYLzsmOxjvw98X2xmKTgjPdvL4p6hOuCvkLNt37P2BT_nmiE7-pRylkpnGup_aR7eOEuCADLJo1A66uGrElFD9xE2SLABAtwgD1RERAdQjpsnFI1WwhuEc_J0h0RQHWC2Gy8FrCg_HYDQyZIsytVclAk41Q_xJSn3VTiTU2GtZbzmVYRMhoT3rHMrV5rn-4oVa8t77xDCnPnWFiXk3o0KkoxcxrQ__oWFNxGwMejaWWxGPffF_ERDNeM-AHAM8I0b2Ah20EAmivI7PdIB_b-q3D0QKje2g5kpUKKLaAZamPk9OZa78dTqttsDUAg-IngeZWlv-Nb-r67MC8Jc8cAc4mj8kk__XyHi9spIYPId4_D17JHo91MXf3EPd57D-HA7kO_Gtb2-kvTkW3r7tRYDL6GjecDdqIc5ZD35e45vHaO_wkDRSwSyccRrW6apAKhU1XYvULHxB0RTYPHj5KYfKltHTclnTYvXjC0z3yi6dYK-rHu_nq_QbSuEIy5NJYLPUImJgI75aWrof9toISX_VvNi2d7RV-C4q_MMdlcTgiYN7YwRkyhYX1UbGCH9dnc5ayZ6GphHKUbXD9PYRv_pbsQOip6amlXwUe2HqcYIKykCMJali0-Zcdo1Bw2fC3pAo0T6H9vBdeTu9ahANZKKlzZrl8JM6Pza0LBuyze7e311yZ8jkV_LWMC9TdCV8uMKE8ub8BDfh4T4cqgtqbR4-pfn4z4G-Mo2M-LiqOLXfqYC6DZdUvg9Bgmfrb5DpP-uxu6lLyCfBVKuVBq9SMARTDMF7wrn6JvWTubslMro1Fpp4cypbHeHF5JjInn3IoM2e5u1kysjH1cdCsd9D8TSJKXpedNLN-M7LAAD7sSOjtTlqCKuaePcIV7iYLVi6ypb37p23k1n5Nz09U3nXIfyyuMZmK-qvURb3SUxkmb0TInTxyJrtnZQU9WIcFkT1lUbx4Nq_Bs-CkzDAdt5TRCpJoCf8CLtK7r1LdZ1sEb__iyi8Tn_DcWbYMk4WgURe9lfsTE17e8IlRsjYISD_KZfTEJ7P_wUBKc96GDDz6gyprmIVnjRrLp4rfCVcvedBsDhzKhyTE719TdRlVeBmxTlSsJPbMjooEdBtCmbVgqfeH05qYiVT_8rairqoHdUo2Bnfnqms6GkWFmZfwZqGMGCqmS07C3ydhkLMRfWBPUmRLqDrzV7VpuTDoWlAM33FHtvKIlg1T5f8YOpZLrDn-boqVxJQIditmukN3vAXv36LDUreHpMq6lm7R9wkC8SMoB-n7Hcei3yYzVKhUJBVlgpcs6MNUk0BgvP5DAmSeEeQDNgR8tH0I7LfTTKeF6qfru50YM_RBQFA4k2goJlgWs1VwXeZCwVBVDk7qHvPQhKVSlNESeM4U-5tFXxrqxqiq2yZ_PXN5p1srA74rqFkS2rivBlOW3tfxjo5vZ0yG0psULEW_WGxtIYUxyAfPanZHyusaFfcctt6YkMbEkV9v-koQQphvrRnm-a3qCRZy7aHObIXCDePztbdigGjdb1hHwLzxoCEo3BvnPeE6lKZDsAwMuU4GSz5byaJMNLBKlNz43mmuN6FxVTNohL0NalQxaQTirsMkdbP1eizPL3nhUqwVMPQQECshNDhzRISe4ZG7TutVEhrKOjgnyy80ReDsOqtH17GANPwsWPgJ5tPpxXMNUNbXKJ2SykYESxejMxtsGAO9a8zdEK2hJlybKN4WwH8RMubPqEC8vuBLaC912Jko0fb_XIUIQOJdFh8_feV3gv7tVvC2qxDv94FQ2hI0raDsXu7JVJ7pndiJDfAgxtUCj5vOAfQ7CKCjUNIBtudeaTgk58b8UgnpvrX_a5o8hPUI&pr=60%3A0.172088&cid=CAQSMgBpAlJWma13lA7lR1xKdbDboMWeIDcKgMv-T5ma-2j8vRwLdFehHr6WuvS-A-yo1fccGAE&dv3_ver=m202307240101&rfl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ds=l&xdt=1&iif=1&cor=11994052974245542000&adk=3946491188&idt=174&cac=0&dtd=35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 6565 		61 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=333115261010236&correlator=4161882214518756&eid=31076398&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21894097782%2CLfiles_AgoraPB_970x90(3)&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=1&didk=2879619547&sfv=1-0-40&eri=4&sc=0&cookie=ID%3D665a0bdd65695e9b%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg&cdm=www.lebanonfiles.com&gpic=UID%3D00000c94e2703003%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg&abxe=1&dt=1693566235378&adxs=315&adys=5768&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=jbcxm8izw6s&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&nhd=2&url=lebanonfiles.com&loc=http%3A%2F%2Fwww.lebanonfiles.com%2F&top=www.lebanonfiles.com&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=514337933.1693566231&ga_sid=1693566235&ga_hid=751923637&ga_fc=true&dlt=1693566233492&idt=1847&adks=3538406259&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a5731c7ae45c851f611eb368487935d40317bbfb174378c3c0e659d34d1218d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24067
x-xss-protection
0
google-lineitem-id
5436026142
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138420588006
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6565 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83d806c88d8b26b6d03bf78c810da51a82e5c018a4cd4b332dd51696ec48490a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11823
x-xss-protection
0
container.html
c34d8e1ae512c01cdaf6d8af50b8937d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 09FB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c34d8e1ae512c01cdaf6d8af50b8937d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
Sat, 31 Aug 2024 11:03:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 2437 		0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.193.104.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-104-224.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
0
content-type
text/html
date
Fri, 01 Sep 2023 11:03:55 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
usermatch
ssum-sec.casalemedia.com/ Frame D29F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa5086dbe06cda16510b76fed86660bba2625a234d4f9e744579f15617ef72f

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7ffd078c2d8aaca1-TXL
content-encoding
br
content-type
text/html
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfFOrUF70z9FHSN2ECmadDVgvEIOfpMV5CRl2SSqdIYtjv3foNB1ZthyZqORJDfA6bC8UjL6lN9t7HvdReCv3VG%2BALuqhKw4QoNr0E%2Br6Od%2FfXIAWnJp0cI%2Fhm6x19mwHRMiCmPo5agV1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7ffd078b7c65aca1-TXL
content-length
0
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7jg1jDBBnkFL5tzqn%2F6lkJ6v1wQG4PTV%2FTo%2FPPt7zwPw54DXt6HMrYb%2BtkMK69EyqXrNokAntauG7yWdU4i51xTJkccyq4f0xH7yjfU9RhdmR9BJxZoFXpitgna4NZl%2B%2B1yxT3%2Fo2vQ9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0DA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame 545A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ffd078c6d031cab-FRA
content-length
43
content-type
image/gif
date
Fri, 01 Sep 2023 11:03:55 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 01 Sep 2023 11:03:55 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
sync
eb2.3lift.com/ Frame 1735
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
ec03d1a75f43b5c273016b00dfcaa3f5a318527652d67e00e0d6734338fa8bbe

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1279
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 11:03:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 01 Sep 2023 11:03:55 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3423 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41430
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
Fri, 01 Sep 2023 22:34:25 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 9720 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
an-x-request-uuid
e11d2a1d-9c2e-42cb-b835-7fed0940a2be
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
eb2.3lift.com/ Frame C15B 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 11B4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
246310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:38:45 GMT
action
www8.smartadserver.com/track/ Frame CA8A 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1693566233978&pid=1728294&iid=11456041&fmtid=89191&cid=0&key=impressions1px&rtb=1&rtbbid=7696366872200749585&rtbet=0&rtblt=638291630314350816&rtbnid=2079&rtbh=544086c9ff3a44ab12ff9c965a5829b04f5bd5e8&ts=1693566233978
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
transfer-encoding
chunked
content-type
image/gif
action
www8.smartadserver.com/track/ Frame CA8A 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1693566233978&pid=1728294&iid=11456041&fmtid=89191&cid=0&key=viewcount&rtb=1&rtbbid=7696366872200749585&rtbet=0&rtblt=638291630314350816&rtbnid=2079&rtbh=544086c9ff3a44ab12ff9c965a5829b04f5bd5e8&ts=1693566233978
Requested by
Host: 507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
URL: https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
transfer-encoding
chunked
content-type
image/gif
csi
csi.gstatic.com/ Frame B301 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lm0hlx5t&c=6207152677963&slotId=3103576338981.5&qqid=CITp4-yhiYEDFb1YHQkdmaYNog&umsem=0&ape=1&ple=1&met.4=vfl.lm0hlxq9~vil.lm0hlxqj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ee251732ce1223ff2922bd9f5a6f375b.js?tag=video_mra/web_raspberry_ms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tlv04s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9f0196a37642b04ecaf289a2772042f8d51629c622b87a35b8876315c89f8ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125514
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CBE9 		37 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340710480238468&correlator=2106489044527395&eid=31075592&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21894097782%2CLfiles_AgoraPB_300x250(2)_Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=2879619547&sfv=1-0-40&eri=4&sc=0&cookie=ID%3D665a0bdd65695e9b%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg&cdm=www.lebanonfiles.com&gpic=UID%3D00000c94e2703003%3AT%3D1693566230%3ART%3D1693566230%3AS%3DALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg&abxe=1&dt=1693566235527&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9zts3mx53rz6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&nhd=2&url=lebanonfiles.com&loc=http%3A%2F%2Fwww.lebanonfiles.com%2F&top=www.lebanonfiles.com&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=514337933.1693566231&ga_sid=1693566236&ga_hid=137796368&ga_fc=true&dlt=1693566233502&idt=1995&adks=495412103&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c31415cc249dfae9d5f351225ec858c49518464cbfbce6fec3d1428627da7fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15625
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CBE9 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37b816ab9205d7d5d3feb60625d45792c40a1f895344a5f24bbb31df5cd2ea2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11775
x-xss-protection
0
container.html
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E595 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
Sat, 31 Aug 2024 11:03:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6565 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 11:03:55 GMT
setuid
user-sync.adxpremium.services/ Frame C15B
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=ed8f39ebc1dd63af53b15e4529903236867b9622442926dc6c70a2a6c300f747
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=ed8f39ebc1dd63af53b15e4529903236867b9622442926dc6c70a2a6c300f747
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=ed8f39ebc1dd63af53b15e4529903236867b9622442926dc6c70a2a6c300f747
Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3423 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6187577&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
204e5904763b3e2c69360354c116945cc848d0b976490f24f2e57819ed8428dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 11:03:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 1735 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame 1735
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjkwOTk1MDg5ODg1OTExMjg0MDM5
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1735
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJgSYn--94qqsZi8ovpCotw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJgSYn--94qqsZi8ovpCotw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJgSYn--94qqsZi8ovpCotw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1735
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjkwOTk1MDg5ODg1OTExMjg0MDM5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjkwOTk1MDg5ODg1OTExMjg0MDM5
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjkwOTk1MDg5ODg1OTExMjg0MDM5
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 1735 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=690995089885911284039&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 40088C3C23A04502BBAAC57B6764D3E7 Ref B: FRAEDGE1715 Ref C: 2023-09-01T11:03:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYESh3iDABsmDTnGHA9pA==
sync
x.bidswitch.net/ Frame 1735
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=690995089885911284039&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=690995089885911284039&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
18.185.210.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-210-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame 1735
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/690995089885911284039?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ujze11JE2oQodrfsJCXClhEoGVQgLPtez7NID7D7Hw--~A&dongle=0883
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ujze11JE2oQodrfsJCXClhEoGVQgLPtez7NID7D7Hw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ujze11JE2oQodrfsJCXClhEoGVQgLPtez7NID7D7Hw--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 1735 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=690995089885911284039&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E178AA5F722546ADAC18F4FD8D9BE26E Ref B: FRAEDGE1415 Ref C: 2023-09-01T11:03:55Z
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 1735
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
698428
content-length
0
expires
Fri, 01 Sep 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1735
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6913797373196767614&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6913797373196767614&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
an-x-request-uuid
758bb7db-e79b-4144-9cf4-17aa406e2a90
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6913797373196767614&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D29F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPHFGz0IGCvxrvg0RKIHOQAADK0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBvqywSJ3gwv961sx1xy7Gc&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBvqywSJ3gwv961sx1xy7Gc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD5AcGL1qhTKJolchW9ImUmpxVbd6j18NarxO3QdXnqOysJk%2BgeEF7E%2BdakeZ5acPye2DShrlp7rMgy8PCke%2BdkzFQSqi8wKmFTs%2B40U7YG8yAsuYkIiqZuzwk3KN00a9drHtfvY1wrgDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ffd078d8cf42681-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBvqywSJ3gwv961sx1xy7Gc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame D29F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame D29F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPHFGz0IGCvxrvg0RKIHOQAADK0AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R64ASGFKD7RASYJ2R6H4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D29F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPHFGz0IGCvxrvg0RKIHOQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE_pPrCVCSzw1rWdKSzVZz0&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE_pPrCVCSzw1rWdKSzVZz0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4WLk49a3D2EJ4S1tFrOU51FuNQqEpbGOS2y3nbdiAP6wNvof9ErhO9PO7xo6O8qgLB26tRHvr4YrgjkKbeNgVSRlOywKscAqfPoZRIN2%2BbCfKwTT%2BNALWzSivgtuRE1mhzOMQkRnThBAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ffd078e8ec02681-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE_pPrCVCSzw1rWdKSzVZz0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame D29F
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1693652635
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1693652635
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV0uYKbCtkYxhXMVAa8HAXT5GzQQ7of56MukQGIjv89ITVroi3yAUC0nbpHqVvRYTNo3BsL6hF5jBiZssmce8sGg2q95KcUz%2BszLDolEXsI5VLoygzieecOW4scYWTE2PuSRS3hM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ffd078e7986aca1-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1693652635
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
sync
x.bidswitch.net/ Frame D29F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.210.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-210-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame D29F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TzQf0P2KVUdxXR8QejjcL8Eg-Pg
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TzQf0P2KVUdxXR8QejjcL8Eg-Pg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRGsmgS7Y14Dk4VlUug6BlT0CKTH3d9nRBMU5Oxf12rxxuc%2B%2BYKFBGzDscgApP%2BgU5zGdXTssvmF3Pxl45xsck4lu0LwV93Jlu3vqC%2FGi9GYQvI%2BYXnYqXM5GpFOtuyOd6A2anVQ%2FBS%2Ftg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ffd0790ab342681-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TzQf0P2KVUdxXR8QejjcL8Eg-Pg
Date
Fri, 01 Sep 2023 11:03:56 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame D29F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7061777754893075511
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7061777754893075511
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1DQVC%2F9fu5MhOR2XNYD%2BgqnjsWMbyUWobcKSApmUpg5D8l0ETU%2FKUJXepOpsP0FZDM5R1S1tWL97aRm59h450deEgq1B%2FsotMW36tdiLcTFZR7BucJfJPziZ3t76CpuM0Rg%2Bc0rjYO6Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ffd078e3e312681-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7061777754893075511
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
sync.quantumdex.io/ Frame D29F 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZPHFGz0IGCvxrvg0RKIHOQAADK0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ffd078cfdc81cab-FRA
content-length
43
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 1A6A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
Fri, 01 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
562296
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1026 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0181DC67-EB40-4A05-A565-44BE2E17BD8B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 01 Sep 2023 11:03:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
AS15WAZ8PE7MHYG4RBYR
Pug
image2.pubmatic.com/AdServer/ Frame 0D2D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
setuid
sync.quantumdex.io/ Frame 9F97 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ffd078d0de31cab-FRA
content-length
43
content-type
image/gif
date
Fri, 01 Sep 2023 11:03:55 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3423
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AYHcZ-tASgWlZUS-Lhe9iw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=41430
accept-ranges
bytes
content-length
5606
expires
Fri, 01 Sep 2023 22:34:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 3423 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.174.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.220
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 3423
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=0181DC67-EB40-4A05-A565-44BE2E17BD8B
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
last-modified
Fri, 01 Sep 2023 11:03:56 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=0181DC67-EB40-4A05-A565-44BE2E17BD8B
date
Fri, 01 Sep 2023 11:03:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 3423
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTBla2ItMS13bWVTUW1xQ0Z2VHpsYXowZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3375610941547449351&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Server
54.147.123.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-123-103.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:04:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 01 Sep 2023 11:03:59 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3423
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDE4MURDNjctRUI0MC00QTA1LUE1NjUtNDRCRTJFMTdCRDhC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3423
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAFDW_I0UzM5UUSUpm5oMvw&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAFDW_I0UzM5UUSUpm5oMvw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAFDW_I0UzM5UUSUpm5oMvw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3423 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 31 Aug 2023 11:03:55 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3423 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3423
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3375610941547449351
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3375610941547449351
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3375610941547449351
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
0181DC67-EB40-4A05-A565-44BE2E17BD8B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3423 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0181DC67-EB40-4A05-A565-44BE2E17BD8B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:94c2:7e1f:39b:9367 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 3423 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
csi
csi.gstatic.com/ Frame EDDD 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lm0hlyc1&c=3471207935890&slotId=1735603967945&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tlv04s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame EDDD 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame EDDD 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=3~lm0hlyrs&c=3471207935890&slotId=1735603967945&faa=1
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tlv04s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame EDDD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0738 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 10:36:33 GMT
expires
Sat, 31 Aug 2024 10:36:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EBB5 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fb17c7b554cedaf29230a3bcc3a19623fc43cc108a9dd224fa0ed431e572eb26
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tf8Ay1UaeHR2_zfS3rfmhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-Tf8Ay1UaeHR2_zfS3rfmhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
Fri, 01 Sep 2023 11:03:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CBE9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 11:03:55 GMT
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame 83EF 		720 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
314140
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
236429
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 28 Aug 2023 19:48:15 GMT
Expires
Tue, 27 Aug 2024 19:48:15 GMT
Last-Modified
Mon, 28 Aug 2023 19:39:24 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D8F4 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 10:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 01 Sep 2023 11:17:38 GMT
container.html
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F300 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:55 GMT
expires
Sat, 31 Aug 2024 11:03:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame EDDD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame EDDD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=4~lm0hlyrx&c=3471207935890&slotId=1735603967945&fas=1&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=a5Z3jCHiUMw&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:806::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EDDD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=5~lm0hlywq&c=3471207935890&slotId=1735603967945&met.4=ghmsh_s.lm0hlyx3~ghmsh_s.lm0hlyx5~ghmsh_s.lm0hlyx5&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=-lDuXMdhG6NsLmuT
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:806::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame EDDD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:55 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame EDDD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=6~lm0hlyyo&c=3471207935890&slotId=1735603967945&ytext_vi=5OYSVe7VGYc
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:806::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dr
as.ad4m.at/ad/ Frame DF03 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hp087sqahtfe3cv85xgpjx6tfz90dadm44c5vn1252p416ptxcbqhcbepp0e4w8kgzpkq5pa4vq3mjmxhw13zh9kn1gycmmdys70xcw4shqry26cvek1p9np4vch838erjpzs89cy9503h0388417pr6x51n6pnmhkbzwjm5mvk7xag1v06qjc5pmyq76g621qr5gp9skq9xypf8y72b8np400r21gd6wd915g3gyhjfy4ek2bj0r1ajvfe00avx48yr7c4pdd6q88n5sf5ppvz86s5x7znxhkwq22430ajw6d2f13sbgwv84rtqf368w1fvxngs2ye8merxrjw2vxh1czgs1jxg2dyah9pmbyk7gwqne3m5v9mh1hq3ky7x4p1n0xez65h5za018ppsr754bwmbfh1d92kmaf2v8a44sx79a5jc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92c74ac042d0a4004c726f12f20be6d94e11ad8067dbaea8d62e99ad8c2b9c6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ffd07906e4c1c20-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:56 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame F300 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 07:52:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BE86 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7629
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Sat, 02 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame F300 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F300 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 07:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
444663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 07:32:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F300 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 07B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvp7g5RVQCHjSFYdNGRziG83o2kdsDNAVpeOQTTfjJCyRy94HgeSW7t11xBaJjhogTvUncQEQLnqmKpzDPanobRnlEyJ4Gv7yc9CZgsLB0jccbH22OYnTIVZAkjPhCV5_k8iWy-1k_bChDdT1ceiLe2_HdCeLkUrh0MBrb7vBvzYnVqFSZPHn1YmurJG1RoHkE2eVg8QDFNi2bbjfoHUR9Ju6K5wI_OShkyOE8TW_IoBGpXCLZf9ou-1wmEyvi63ipMgz1Zv5IB18WqU-nxRButTMI-dOgWkIxDJGvQWXASei9bOEgpEB8fnZ8XReu8GI-FyKPQmLYfbC2H6w6Kp4MYNjA&sai=AMfl-YRArW3zGFvaIUCIG7JOdrSOWtEXk5pcctoAFPxrKMMYdPDQZdpVropunJCtwUyTezoRyqhHh-waQ1RzWM9j-yP7gYq_sAtyXsOfHjYzoMlXTWdBWIMfWQR1vQFSbw&sig=Cg0ArKJSzCjtVm9lelgSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 07B1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 07B1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 07:52:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07B1 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:03:56 GMT
6715560556445682455
tpc.googlesyndication.com/simgad/ Frame 07B1 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6715560556445682455
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd62a3605eede3a1175a2aacb441df716cf0f3bdef64a9e693d344726f4e8d1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:51:52 GMT
x-content-type-options
nosniff
age
547924
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130164
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 10:21:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Aug 2024 02:51:52 GMT
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d34083a65ff0e36a3d645ece2161f69414caf9f8aed2d21e288e7607c5ddd6dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 07B1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8f3a8cc5eeeea95975fde4929c4db0b1d21eca16fa35c28b86a411d9fd78e3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame EDDD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=7~lm0hlyzw&c=3471207935890&slotId=1735603967945&met.4=ghmsh_s.lm0hlyzx~ghmsh_s.lm0hlyzx~ghmsh_s.lm0hlyzy&ghmsh_vi=134%2C136%2C243%2C247%2C&cpn=CN0CWXgSd4R24YLp
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:806::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE77 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1643
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 10:36:33 GMT
expires
Sat, 31 Aug 2024 10:36:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4649 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ff286bf0e792c1a2f0aa5cc4354793098d5984aba77e8e14eff7a8daab3f0680
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WNTtNFVYGgBEUr6OhCJzXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-WNTtNFVYGgBEUr6OhCJzXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:56 GMT
expires
Fri, 01 Sep 2023 11:03:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame EBB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=333115261010236&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame EDDD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=8~lm0hlz5m&c=3471207935890&slotId=1735603967945&qqid=CJqhgu-hiYEDFYPWmgodHgMM0w&gqid=G8XxZLbNI_Ww78EPs5e5kAc&fb=ima_html5-lima&sdkv=h.3.587.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&ua_e=1
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:806::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EDDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.587.0&e=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&id=ima_html5&c=4487744110278680&domain=www.lebanonfiles.com
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:56 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame EDDD 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-1290995901905588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 10:21:52 GMT
x-content-type-options
nosniff
age
2524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 11:11:52 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EDDD 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cw3h4G8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEvgJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIP4cq_YIHI2qNwJATeGVooSjAimHwx0OpCFeCfeH4ZYCeVR-ko3Ei27-tDsFlGkjUjZBC_0h_PTUewSZgHDABMSq2v-7BOAEAYgF-a65hUygBlSAB6_C9n6oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgksaHR0cHM6Ly93d3cuYmFyY2xheXMuZGUvbHAvYmFyY2xheXMtdmlzYS15dC-xCdjwDUd_RztSgAoDyAsB0AsP4AsB2gwQCgoQ4IOuwNDMgOoxEgIBA5oNAQ-qDQJERcgNAdgTE9AVAfgWAYAXAQ&sigh=B184xHelKX8&label=show_ad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame EDDD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CG3U2G8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEuwJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIKYdMQObjss46ruXRk9CynsYFtc8h8u14PfNDNCNTJwpYbiMMckSEsbTmiPaGqYo_MOVJ9E5QCl3b_rABMSq2v-7BOAEAYgF-a65hUySBRAIEhAFGA8wzKGJj8LxnctroAZUgAevwvZ-qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCH_EGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgktaHR0cHM6Ly93d3cuYmFyY2xheXMuZGUvbHAvYmFyY2xheXMtdmlzYS15dC8_gAoDyAsBwhMGGPjvyNwD2BMT0BUBgBcBshceChwIABIUcHViLTU4NTUxNDk5OTg5MDM5NzYYu4l2&sigh=UiZdTQnY6W4&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWtaQ1p6XJ8Isp26yVNXM0DXIcpqY9RPTEJb1abFcFhXbetPWkeuQ7QOZT7tOVax6cfE9BeAg5GAE&vt=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 6AFA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjP_SPTZyHFswi1glB9wQRPFXAKWNJZWYajgu03y1Q3fR5yEPWxz_oJ9kty7ULXLrHxUsPgxkW2b1RL5RPPp323ae4cS1JkoJDiw8YDoCIhv_R67Vipt_ZJ904lUx1ojt71ZcF2-HEzr2vlKyHGhE0gHztKEbwk5zubIB699xgW-1WP-YeIXycP9VBXAThIkBvfKox3QvAV4hGbG4gdXytgDtunJhmR6xJCmWJKmIr9IljLLHx5piVHnVZLSM5QgoZ-LbXN8zZbgmM9hBwDMwz3nfaTvSqo6o88En5ujl5CVFt7gWxF-L1yd-oZ-2DwMWIK7bJZGBE6hZ1RqoB52pWTL3KcJsdZw&sai=AMfl-YQoI2Fl-EyAGJJ9Du_mwsZb6W8pyU9w6TE8fTz0HwLSWmhJkf6YFWqwHDtnFVyVyBGVYSCFGJy26FMCBMc6kDv5MBwd5ks4ilFDqkKXVvxmpKmG_r_57ZtBi4gv6nI&sig=Cg0ArKJSzLdWyavQebl-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EAA2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY37XUZXds8oY0wL5kprK7nX91XI68m4TlYnv8-F_Gc6wVjLjVnbrDUPNt5579QIeMwioZ-KVA_l6C_TyEnRdhmNeS1wLzbnUSkwfBb46WIG0&sig=Cg0ArKJSzNcb6TTk6qoVEAE&id=lidar2&mcvt=1080&p=0,0,90,728&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&vs=4&r=v&rst=1693566234299&rpt=906&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame DF03 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hp087sqahtfe3cv85xgpjx6tfz90dadm44c5vn1252p416ptxcbqhcbepp0e4w8kgzpkq5pa4vq3mjmxhw13zh9kn1gycmmdys70xcw4shqry26cvek1p9np4vch838erjpzs89cy9503h0388417pr6x51n6pnmhkbzwjm5mvk7xag1v06qjc5pmyq76g621qr5gp9skq9xypf8y72b8np400r21gd6wd915g3gyhjfy4ek2bj0r1ajvfe00avx48yr7c4pdd6q88n5sf5ppvz86s5x7znxhkwq22430ajw6d2f13sbgwv84rtqf368w1fvxngs2ye8merxrjw2vxh1czgs1jxg2dyah9pmbyk7gwqne3m5v9mh1hq3ky7x4p1n0xez65h5za018ppsr754bwmbfh1d92kmaf2v8a44sx79a5jc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hp087sqahtfe3cv85xgpjx6tfz90dadm44c5vn1252p416ptxcbqhcbepp0e4w8kgzpkq5pa4vq3mjmxhw13zh9kn1gycmmdys70xcw4shqry26cvek1p9np4vch838erjpzs89cy9503h0388417pr6x51n6pnmhkbzwjm5mvk7xag1v06qjc5pmyq76g621qr5gp9skq9xypf8y72b8np400r21gd6wd915g3gyhjfy4ek2bj0r1ajvfe00avx48yr7c4pdd6q88n5sf5ppvz86s5x7znxhkwq22430ajw6d2f13sbgwv84rtqf368w1fvxngs2ye8merxrjw2vxh1czgs1jxg2dyah9pmbyk7gwqne3m5v9mh1hq3ky7x4p1n0xez65h5za018ppsr754bwmbfh1d92kmaf2v8a44sx79a5jc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
777046
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46TfxolqeIWnSx5bCajNvOq8JtPlcQdPOCRrbauc5lTJ6jx1vsncU3vTNYGAimJJ8DsfFFfx43IBgWRzVAN1IvsPzUawxHt1BROf5Dv%2B%2FKyUsg8SwWBDDLIqC0ZFaG6%2BXljAMBkjN%2B8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ffd07919fd31c20-FRA
expires
Fri, 01 Sep 2023 12:03:56 GMT
r62eglto.js
ad4m.at/ Frame DF03 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hp087sqahtfe3cv85xgpjx6tfz90dadm44c5vn1252p416ptxcbqhcbepp0e4w8kgzpkq5pa4vq3mjmxhw13zh9kn1gycmmdys70xcw4shqry26cvek1p9np4vch838erjpzs89cy9503h0388417pr6x51n6pnmhkbzwjm5mvk7xag1v06qjc5pmyq76g621qr5gp9skq9xypf8y72b8np400r21gd6wd915g3gyhjfy4ek2bj0r1ajvfe00avx48yr7c4pdd6q88n5sf5ppvz86s5x7znxhkwq22430ajw6d2f13sbgwv84rtqf368w1fvxngs2ye8merxrjw2vxh1czgs1jxg2dyah9pmbyk7gwqne3m5v9mh1hq3ky7x4p1n0xez65h5za018ppsr754bwmbfh1d92kmaf2v8a44sx79a5jc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
239617
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFpAD75hMIFJIhpH8V11a0uuqWFyOYZs484AcTAhrSW007MEczz8eytQw%2FYMkkMmT2DCekDIoD9yfFeMvgR38Ji0%2FGGGLeF8yeE8I4leATqr4T1IksHQDoBu0rCb4yEc6CfOcNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ffd0791bfeb1c20-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 29 Aug 2023 16:30:19 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&top=1&puid=1~lm0hlxkp&c=3471207935890&slotId=1735603967945&eee=missing-element&bi=missing-id&ulv=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:806::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 0738 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
246311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:38:45 GMT
i.match
s.tribalfusion.com/z/ Frame BE86
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEA-yPqqCUfGFE6Gh5_Gkhp8&google_cver=1&google_push=AXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW5...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA-yPqqCUfGFE6Gh5_Gkhp8&google_cver=1&google_push=AXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3Jb...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA-yPqqCUfGFE6Gh5_Gkhp8&google_cver=1&google_push=AXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW548&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW548%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ffd07936fcdaca7-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
394
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA-yPqqCUfGFE6Gh5_Gkhp8&google_cver=1&google_push=AXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW548&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGyQTs8sczA_YjKiltrPQ15DUJuGxgL9yxqZYPbfwl58Aj3M5twC9Jl4S8Kv2KhBINmldzvan-9LsxB8aH84YnPizz3JbW548%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ffd07920d18aca7-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BE86
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE7ujMiuFzKYJPQ5HzcdSlI&google_cver=1&google_push=AXcoOmQvA4ygQDO-as8T_X1qyUHlavRrSXXP8OksRe8d0lKKN74NK2hhxIzy9mJYelVnXCzWY0TK6vRLGOE...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQvA4ygQDO-as8T_X1qyUHlavRrSXXP8OksRe8d0lKKN74NK2hhxIzy9mJYelVnXCzWY0TK6vRLGOEZNUeYm7_5JtzNJYpS-fQ&google_hm=-tMMNsbWQOa1jv3aH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQvA4ygQDO-as8T_X1qyUHlavRrSXXP8OksRe8d0lKKN74NK2hhxIzy9mJYelVnXCzWY0TK6vRLGOEZNUeYm7_5JtzNJYpS-fQ&google_hm=-tMMNsbWQOa1jv3aHCMCVfg
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQvA4ygQDO-as8T_X1qyUHlavRrSXXP8OksRe8d0lKKN74NK2hhxIzy9mJYelVnXCzWY0TK6vRLGOEZNUeYm7_5JtzNJYpS-fQ&google_hm=-tMMNsbWQOa1jv3aHCMCVfg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame BE86 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENl5woi7ryeMhewJhDCivxU&google_cver=1&google_push=AXcoOmTrynQLM6ttMIRB6GatJg_C_iHC9L-RJl66_JC2sWP33jvM9yrzqEUVrO1XNQncaUVT5d2_fy5NRrfqg0YNg1S66F6ieRKjOho
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.210.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-210-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame BE86
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK487k_fOeIuD49vXMES-U8&google_cver=1&google_push=AXcoOmSKBzUTxXMFeZNvpHOFRkfw1GheL2dkIaVjxuswF-o0pDLEXMv5pKBlJi3SLymJaqnuYFC5pnau...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM3NTYxMDk0MTU0NzQ0OTM1MQ&google_push=AXcoOmSKBzUTxXMFeZNvpHOFRkfw1GheL2dkIaVjxuswF-o0pDLEXMv5pKBlJi3SLymJaqnuYFC5pn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM3NTYxMDk0MTU0NzQ0OTM1MQ&google_push=AXcoOmSKBzUTxXMFeZNvpHOFRkfw1GheL2dkIaVjxuswF-o0pDLEXMv5pKBlJi3SLymJaqnuYFC5pnauIJOnXGfNsQIwMRtychYClZg
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM3NTYxMDk0MTU0NzQ0OTM1MQ&google_push=AXcoOmSKBzUTxXMFeZNvpHOFRkfw1GheL2dkIaVjxuswF-o0pDLEXMv5pKBlJi3SLymJaqnuYFC5pnauIJOnXGfNsQIwMRtychYClZg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame BE86
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKcFPCNnxt08yfrSgDXjYHk&google_cver=1&google_push=AXcoOmTQ6wpDjpRBZxPXvYkKjVPEvpBVlT8WhVW2upCJML21s41Yqi052Wq7ufxKtyCyqL0o1bxNI0e9TqilcltlB8YD4pp...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKcFPCNnxt08yfrSgDXjYHk&google_cver=1&google_push=AXcoOmTQ6wpDjpRBZxPXvYkKjVPEvpBVlT8WhVW2upCJML21s41Yqi052Wq7ufxKtyCyqL0o1bxNI0e9TqilcltlB8YD4...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTQ6wpDjpRBZxPXvYkKjVPEvpBVlT8WhVW2upCJML21s41Yqi052Wq7ufxKtyCyqL0o1bxNI0e9TqilcltlB8YD4ppOEPW0IA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTQ6wpDjpRBZxPXvYkKjVPEvpBVlT8WhVW2upCJML21s41Yqi052Wq7ufxKtyCyqL0o1bxNI0e9TqilcltlB8YD4ppOEPW0IA
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTQ6wpDjpRBZxPXvYkKjVPEvpBVlT8WhVW2upCJML21s41Yqi052Wq7ufxKtyCyqL0o1bxNI0e9TqilcltlB8YD4ppOEPW0IA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame BE86
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK487k_fOeIuD49vXMES-U8&google_cver=1&google_push=AXcoOmTKAi73THLu6fWP6w84Clrgry2Oovj3R9F-U2df2X2GvFAZkeGypu5O8lLzEI9LjUkqKY21ECOy...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM3NTYxMDk0MTU0NzQ0OTM1MQ&google_push=AXcoOmTKAi73THLu6fWP6w84Clrgry2Oovj3R9F-U2df2X2GvFAZkeGypu5O8lLzEI9LjUkqKY21EC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM3NTYxMDk0MTU0NzQ0OTM1MQ&google_push=AXcoOmTKAi73THLu6fWP6w84Clrgry2Oovj3R9F-U2df2X2GvFAZkeGypu5O8lLzEI9LjUkqKY21ECOy9j1ZHhfEK7_C7c4B1Zo8tQ
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM3NTYxMDk0MTU0NzQ0OTM1MQ&google_push=AXcoOmTKAi73THLu6fWP6w84Clrgry2Oovj3R9F-U2df2X2GvFAZkeGypu5O8lLzEI9LjUkqKY21ECOy9j1ZHhfEK7_C7c4B1Zo8tQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame BE86
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAwb5PYOU1JWEuS8X_fNaQc&google_cver=1&google_push=AXcoOmR0Tye1bjK0gbLfBPmFXJPkCjAkpTsz41hu0ecDClQgwA9bqvimZSfnugQP7HQnTy1lZWpv_kcjvbzQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR0Tye1bjK0gbLfBPmFXJPkCjAkpTsz41hu0ecDClQgwA9bqvimZSfnugQP7HQnTy1lZWpv_kcjvbzQza6dY0HHO0NnqJd_RVE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR0Tye1bjK0gbLfBPmFXJPkCjAkpTsz41hu0ecDClQgwA9bqvimZSfnugQP7HQnTy1lZWpv_kcjvbzQza6dY0HHO0NnqJd_RVE
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR0Tye1bjK0gbLfBPmFXJPkCjAkpTsz41hu0ecDClQgwA9bqvimZSfnugQP7HQnTy1lZWpv_kcjvbzQza6dY0HHO0NnqJd_RVE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame BE86 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ja_5IdP10hBb0FaVXtb1lUO2ue3K_zOEFUZWtdtwMe_WpTJS6HlM2IbgZMbf0jMGhA4naM
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
videoplayback
rr3---sn-5hne6nzs.googlevideo.com/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1693595035&ei=G8XxZLH5K6CJ6dsP86uE6AU&ip=2a03:1b20:b:f011::4e&id=6b96778c21e250cc&itag=22&source=youtube&requiressl=yes&mh=2G&mm=31&mn=sn-5hne6nzs&ms=au&mv=m&mvi=3&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1692883913867311&mt=1693565609&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAITjwvE8hHn3pXbVffxC-z011deihm1NZjyytenZOV-GAiB3RXD6hcC6xxA5EkW7dIHMR82Uw9n-0C5aqpLszfiaRQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALJf7jw6qsEsH5vMWbYDIzc0_tTnBHSIQ2V4l0Gw3YfZAiB9rxnbVUzLaITnwQ4Xeas0rmvV_sI-cC5WlMmTLwrH5g==&cpn=-lDuXMdhG6NsLmuT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:9::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2d01f8e068de8d775f3097dc41e766360a3a1f5fd86201697b8d83a7765f8061
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

client-protocol
quic
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Aug 2023 13:31:53 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-1414270/1414271
cache-control
private, max-age=28499
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1414271
expires
Fri, 01 Sep 2023 11:03:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 07B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEgPzE30K0NGdv4oRWHgqxqDEPSaAQ10kph-001U3v4Mmctd_mkNKNO98nDjWdeNEP1EehXGHajH8S86zM1TlsHhDIvLu1vR7o8xqI-BNqwsv91xOXYgIWCBP4bivTmi76fzWE61q2Pqm20SmKh2zo-kP6tQ-EL49erN0dAdM5k50sEdh_6AKerJA2geVqc_y4axenvGgLJuEfeQjW2YaOlQw0CaY9LVbk2ieHaf_h5SuI8_-yLTsKW3xe7W763Vh2oeazTy9TmEkfortS4YS5i88EquA5MR8o8xOI6u6q3rmiinqzTkRKVhxyc-Koe-Po-jTAU2DDrYJ3_jHJ3gprw77W4A&sai=AMfl-YSgHkBZExvCzo7jSSO290uH8v7zjf1WQjt5nPO6lk-K6Qw6oAJbeuuKegkhvdfBWEqTT1sdPpUnoS1UF2n-4ZWRguclfWNqmXmsbJIIodvNxjw2eU8Rwy6Mj6QDpw&sig=Cg0ArKJSzMYzeTTStHkbEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 11:03:56 GMT
async_usersync
ib.adnxs.com/ Frame 9720 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
an-x-request-uuid
c0de3318-3105-4fc0-ae4f-fbf01cebb8d1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EAA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4369662345387&version=m202307240101&ct=76&x=60&cor=11994052974245542000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 11B4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWekZGsXxZOmTLuefjuwPwNG2sAgAAAAAOAHgBAI&bg=!aGulayTNAAYHwnCgJ8I7ADQBe5WfOJc1c7iC9DX4vUv0-58iYwmaTZ9psmKkRED7Ils3Ds0_f40idY1j5zsXHuXl8-MGAgAAAz1SAAAACWgBB5kDmsxWUxllYjo5ybC3552opU6UEy7IxC6xNLz3yZZI2g0Q2oPhzmMICKmKAGYI0l-FqdVPZK3joga-JhZYSDMybXdjKuKXE1ixWaN4i6NvIMSZsVqfytYIb0JXZ6CoWRvlZN4rEPeN-jQzqxWnUVMqmPLzvMEoCUzocEtEvxgqUh_lx0rxhmLiDKc-Ooy6pLrEpCr7u5MZKFCbbg3Yqmn27AzVfek9K1v8U7FwHQCWxqIERRnT1AyguuEBQAB9W96475QCkhvY8C2VUZWb8x4wjxL9Tu2xuZ0PXcQVJNQbr1d05sk5UWR5J2slJP8jhnD3pFBamVWaPThCRLk7E_VjkyIZNQEzDJkKD22TLNegRQORwPHIX5UMy9GTeR2_LQYPrg5zn_3n-GAnLKy6ihq39Qaj_IAs9LN10Gw3SCnRuVs3N19J0hMD_MaBWI4Dlj1PgT9B6kVGEh_1lAn6PuL1BZocNV8jC6sPi6Cg-hgcD9b-v_z-MFWID9F0-u8rvG2idQbdVvVAjlLfeRrAedWnHNLV0XLYGyX3h2721XS0q-SLKGbplLSYAiGlMpU9TSVvOf4TG8IeuIG2KToIArODAKD15jH7c2Te9lb876diWq9PYQ9YrXcGlLDF43syIDkBDwrqyxkWKwOJbn5pwIQ3xwYcwywpNFCPbLA5dlFLW2BlKwbhO6UxoOAlZ-z9dUsAk7CrRrl1oOuxhwBY0xZc1feZ03kn7Ed6xYyMY5baolpApFmJhJx0KyDNvN5AYQAq5mmdVWNoHxVCqrKW37-7lmq6CjD2rw7QcaNM68ptXdXAJ7Petmj714O1lCe5R5vC5TUt8E_8CGKzfnjezldtuv3sRVtOCuzHFeuK12vN9P1t4Fg6gQTSb8X52TjiaguSV_Z9BxvIOmvr9ENtJ_zemy3YsJE7ZSe_f7ZI8Gidn9HcaO2idk4vvl0CgI6Rxp7hpbTmaNKyWIQ0uWMVKpcjFPOc2j4Y6TtA8ZBJBmZKD0JsTicWjL7oRUaJ69aRqtUl3IrwbEWduBiEV0d2kQd8mQULqu1Ge710E2oy2awHcceoR07Uu8rat-ZjoIt5_fmPuEh2QpTLmRbuCMlcwrAXpU4FzPXheHQhzfM3q4ONm7WPTMV9ceR3xpg42hghVG1DRY0QY-V-rTdLwnO6ueghlId723LFgD-dv9R5Eol1Oz913ZUQolP1AOMocSdOr7Pgs8k-Yj4wq27DlWo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4649 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=1340710480238468&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame F300 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-LpIG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEmwJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CWuiDSeTyyYcebEKVj0IqjD-HfLNdiPLpHTa-dj2PUhBL1U_uKBX4AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=CP3GC73otUo&uach_m=[UACH]&cid=CAQSOwBpAlJWXJuW5OKjclDMYQMVTkRrtslfqs-WyGn_3-IaA9SUooVqmesoyKzCiho2BEUGuYG2EeAdQHO3GAE&cbvp=2&vis=1
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame F300 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gywj1bynq118vbetxt8v8x0wrwmke18b69hj5zgjr09bf0wp0q7zn4jyp4fzkrphsj4dje0jfnwnfxmhpyme0dxd9mwd30ajm7jbwkb8aykjzd8qc0h969g263m3h4hqkt6eevjxkz51dvtsjtcy2ksrvydvahz4xxfyg7f8sv472bz51r3z9fffrn7tcmeb89jsvy4qxk8616hjqbb8cjzxe66phercyspfyny3h340n01m6fgmccj1r3098evj6gn7ggkfp26wrfkzccdw0db611ec8c4arhapwf5h61qgw5rbn7wghw7k774ngd7dhp9rzc80h2ytddskj74bf1g8jzy4b0wv6xzd3pa6t5k019zbwfc6cj077fa8jpxwg3f1y7e7m&b=ZPHFGwAI_usJHUTqAA8XVF0YSppfgz9ZKiAuuA&cbvp=2
Requested by
Host: cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
URL: https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Sep 2023 11:03:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame AE77 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
246311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:38:45 GMT
frame.html
ad4m.at/ Frame 3D21 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1607898
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ffd079388e49a3f-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 11:03:56 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzNqGACLHakdXmL%2BAEGXSSL%2Fs5%2BVjHBHGzJB8qzO486CY8nqatCZzt8zhD8DeiTiUYmcX74AOW%2BQWyQOEjT3MZRdu%2Fn9NJA6dCozBExjSMOOKdSuuIkkjrxQnQg8tyAW99A0Zkk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EDDD 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cw3h4G8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEvgJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIP4cq_YIHI2qNwJATeGVooSjAimHwx0OpCFeCfeH4ZYCeVR-ko3Ei27-tDsFlGkjUjZBC_0h_PTUewSZgHDABMSq2v-7BOAEAYgF-a65hUygBlSAB6_C9n6oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgksaHR0cHM6Ly93d3cuYmFyY2xheXMuZGUvbHAvYmFyY2xheXMtdmlzYS15dC-xCdjwDUd_RztSgAoDyAsB0AsP4AsB2gwQCgoQ4IOuwNDMgOoxEgIBA5oNAQ-qDQJERcgNAdgTE9AVAfgWAYAXAQ&sigh=B184xHelKX8&label=video_ad_loaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame EDDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CG3U2G8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEuwJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIKYdMQObjss46ruXRk9CynsYFtc8h8u14PfNDNCNTJwpYbiMMckSEsbTmiPaGqYo_MOVJ9E5QCl3b_rABMSq2v-7BOAEAYgF-a65hUySBRAIEhAFGA8wzKGJj8LxnctroAZUgAevwvZ-qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCH_EGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgktaHR0cHM6Ly93d3cuYmFyY2xheXMuZGUvbHAvYmFyY2xheXMtdmlzYS15dC8_gAoDyAsBwhMGGPjvyNwD2BMT0BUBgBcBshceChwIABIUcHViLTU4NTUxNDk5OTg5MDM5NzYYu4l2&sigh=UiZdTQnY6W4&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWtaQ1p6XJ8Isp26yVNXM0DXIcpqY9RPTEJb1abFcFhXbetPWkeuQ7QOZT7tOVax6cfE9BeAg5GAE&nis=4
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame EDDD 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 17:43:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
235246
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15406
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Vary
Accept-Encoding
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 28 Aug 2024 17:43:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EDDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.587.0&e=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&id=ima_html5&c=4487744110278680&domain=www.lebanonfiles.com
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:56 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
magic.png
bgstats.mox.tv/ Frame EDDD 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
tracking
ad.vidverto.io/delivery/v2/video/ Frame EDDD 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/v2/video/tracking?vast=tracker&vsp=iN1dPlZIvLAzgOxj7oYvSwzpH8%2BXDXv6GiYWp8MlJkXsngLZHrb%2FdXDpAlc13S%2F%2BNZuExvnjdk1LhJky7eNMGIzP3yn0VRbBZTp%2FgG2zWg5QBhqNhu5eJXhLO85s%2F1ZfXPqk2y1VWerpusj2nApDJVptwW8LhTPvyBPSpzg9VOuVFcxNFVcRNOA7laselyUFr8YEjA7gb%2FZliz%2BOfMwT%2FDS%2FROXz1AJJDv9aWmPwLDleOUgurnxBRMHxbwFdk4XJ&cb=1693566235
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:56 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EDDD 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=COjbPG8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEuwJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIKYdMQObjss46ruXRk9CynsYFtc8h8u14PfNDNCNTJwpYbiMMckSEsbTmiPaGqYo_MOVJ9E5QCl3b_rABMSq2v-7BOAEAYgF-a65hUygBlSAB6_C9n6oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQ4IOuwNDMgOoxEgIBA6oNAkRF2BMT0BUB-BYBgBcB&sigh=9vickNE10qU&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D955%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D3309,440,3714,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1533%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D43146328%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2585%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1693566236283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/v2/video/ Frame EDDD 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=QKLK3sAAwfxtI7JRGv5N2wa2%2FW1Kjz4P9gzFvYi%2Fml%2Bw6OhC31CbLnDq5FevLtdxEPkttm4IPf8oiUQn%2BbnDaMZGAdgqg12EUKo%2BXnF%2BCZKWIcs6ZaXlTrQ3Itta6rwLW0RxNz7VORVQozdqXd6ohpr%2BFCBEH5Va5q%2FAeEMhk7HhpbfGopHlM11bEwR8AsovgEKOAclHJvfkCKm01FbiRw%3D%3D&cb=1693566235
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:56 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame EDDD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4Lq-G8C1jEf2YKK5JbfOB9Mo1ZYkzgvLZmYsffJmkUmSQ5QBottu41Ms8n4BIs80GBOEkWuD3G088hhqVtesKfk4a0VAaAUZHU1eZYqSpBcx6nVk3s_RDxLCishvvKHRnqnakY3SnKnxw&sai=AMfl-YQzEb7YiWWf5cNXIy4bi9u5vNjYwOF2VecjyjriPsq_5s_Kc5iKw8tvn9xJVRAC04RoJsOhVFcjM40qHnllbknGalweChshTylZ-DTOo56aRgg4hSlAk4ALVOg&sig=Cg0ArKJSzFiIL7jM3Ob4EAE&cid=CAQSOwBpAlJWtaQ1p6XJ8Isp26yVNXM0DXIcpqY9RPTEJb1abFcFhXbetPWkeuQ7QOZT7tOVax6cfE9BeAg5GAE&id=lidarv&acvw=sv%3D955%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D3309,440,3714,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1533%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D43146328%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2587%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693566236283&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/v2/video/ Frame EDDD 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=i30Lisme6IklRHkRXEjZrIR4ZA%2FrGVGRoXyD13UN5ZMl51GQC2dr6lta00803f9a29P7Zf0ntdCtp4KEy7B2UnBeh%2B7JGp4DMQXY1rgokxRhZf9fFVC6Wbceoft0FO72%2FesshKSo8omPyuTilsWH2VgI%2FAtY5NfFWB8mSik2uN03V8Vo%2F%2BOlqN4buqQf6DmNpImS4nYiZDe%2Fpw%2FHPC2uvyB2ZH5ueaQYLA6AM3r150c%3D&cb=1693566235
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:56 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EDDD 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=COjbPG8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEuwJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIKYdMQObjss46ruXRk9CynsYFtc8h8u14PfNDNCNTJwpYbiMMckSEsbTmiPaGqYo_MOVJ9E5QCl3b_rABMSq2v-7BOAEAYgF-a65hUygBlSAB6_C9n6oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQ4IOuwNDMgOoxEgIBA6oNAkRF2BMT0BUB-BYBgBcB&sigh=9vickNE10qU&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D955%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D3309,440,3714,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1533%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D43146328%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2589%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693566236283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/v2/video/ Frame EDDD 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=D7k29Ahy3nfCTXhEIal2fNEDM4%2F8VKu9sCiGdOTh8Q9jkNxzxtDOmLU3PmfoyGVCtVMoQCBKYlqSxatFGwfG%2FmYKvxUauvHa0HAm75KTCwvaWo1cemLz2OKNErdofrqAT6nGlIYnnPDByv0nshR%2BaqZR2V8jJTtrRm1D%2FfgbNcDI816R%2BufJ6CkxE%2F01LsrZIUKGdPfNIycarcZ%2FUJuwCQ%3D%3D&cb=1693566235
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:56 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EDDD 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=COjbPG8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEuwJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIKYdMQObjss46ruXRk9CynsYFtc8h8u14PfNDNCNTJwpYbiMMckSEsbTmiPaGqYo_MOVJ9E5QCl3b_rABMSq2v-7BOAEAYgF-a65hUygBlSAB6_C9n6oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQ4IOuwNDMgOoxEgIBA6oNAkRF2BMT0BUB-BYBgBcB&sigh=9vickNE10qU&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=admute&ad_mt=0&acvw=sv%3D955%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D3309,440,3714,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D16%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D16%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D16%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1533%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D43146328%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2594%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693566236283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:56 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
sync
vid.vidoomy.com/ Frame 7C16 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 01 Sep 2023 11:03:57 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AcO1rydDh1r/PsAGAA
x-77-nzt-ray
25b0213148eb79c21dc5f16424189702
x-77-pop
frankfurtDE
x-accel-date
1693123807
x-accel-expires
@1694160607
x-age
442430
x-cache
HIT
generate_204
tpc.googlesyndication.com/ Frame 0738 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UPXeUQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 7588 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
25062
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
8727
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 01 Sep 2023 04:06:15 GMT
Expires
Sat, 31 Aug 2024 04:06:15 GMT
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server
sffe
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ffd0795b9944dcd-FRA
content-length
24
content-type
text/plain
date
Fri, 01 Sep 2023 11:03:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W4c8vd8Urzj7OLk7N1ayAESmDwNFEyy2wQDEPY7pXcpN1wxY3nEwKZa1jjNJemzNvH04MudaHbNFOJVXha82C5i2dgQn4va7Rj%2BBnfE6nrSIQ72PYaAEeLcEKtMN5%2B24YxR480%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-5ggx
rs
ad4m.at/ Frame DF03 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa3bee6b076d1ddcf5339ded3e713f184d8f0b72907f10732bee5eb4be840514

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20P2z9YPZxaTB5rhzesPDBpqVZlZTy9%2F5lZjmG4PuYD3ayuMNBYJ3v%2FRl77iJ7gi1bSDdugqS%2BWTHpel4D7z%2Bwiv0wk4POyOG5LPpcMEZa63OYiKP%2BILgUxZS9qDXePz%2BQl5rmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ffd07960a044dcd-FRA
x-backend-server
aa-reachservice-group-europe-west1-n1s0
alt-svc
h3=":443"; ma=86400
playback
www.youtube.com/api/stats/ Frame EDDD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735%2C45786216&el=adunit&cpn=-lDuXMdhG6NsLmuT&docid=a5Z3jCHiUMw&visitordata=CgtoeF9YNElBV2d6OA%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.222&fmt=18&rt=0.000&adformat=2_2_1&euri=http%3A%2F%2Fwww.lebanonfiles.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=116.0.5845.140&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame AE77 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?J6DnAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 7588 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 20:24:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
225557
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy
cross-origin
Content-Length
16622
X-XSS-Protection
0
Last-Modified
Mon, 28 Aug 2023 09:28:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="botguard-scs"
Vary
Accept-Encoding
Report-To
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Wed, 28 Aug 2024 20:24:40 GMT
setuid
user-sync.adxpremium.services/ Frame C15B
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZPHFGz0IGCvxrvg0RKIHOQAA%263245
86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZPHFGz0IGCvxrvg0RKIHOQAA%263245
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZPHFGz0IGCvxrvg0RKIHOQAA%263245
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rar
as.ad4m.at/ad/ Frame FCFC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ea88cde93f1e0c2b9db4c4c6935c26aaf34b48e5148606f6ab44db4b0d85a1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hp087sqahtfe3cv85xgpjx6tfz90dadm44c5vn1252p416ptxcbqhcbepp0e4w8kgzpkq5pa4vq3mjmxhw13zh9kn1gycmmdys70xcw4shqry26cvek1p9np4vch838erjpzs89cy9503h0388417pr6x51n6pnmhkbzwjm5mvk7xag1v06qjc5pmyq76g621qr5gp9skq9xypf8y72b8np400r21gd6wd915g3gyhjfy4ek2bj0r1ajvfe00avx48yr7c4pdd6q88n5sf5ppvz86s5x7znxhkwq22430ajw6d2f13sbgwv84rtqf368w1fvxngs2ye8merxrjw2vxh1czgs1jxg2dyah9pmbyk7gwqne3m5v9mh1hq3ky7x4p1n0xez65h5za018ppsr754bwmbfh1d92kmaf2v8a44sx79a5jc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ffd07968c579a3f-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:03:57 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame FCFC 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
777047
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZmY53SwOOx0hi9wNYSb5D1lWpTm9YEHShVJLozFX6wHH0VPIgo4P1SAITacCgvAMEiL51Gw%2BHiXQUWWGOjLfVf16i0SHrjTy6%2FLdgxSDlyI8MjBYWaMl9IDpKZadeI34x5vL161d7M%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ffd07974d139a3f-FRA
expires
Fri, 01 Sep 2023 12:03:57 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame FCFC 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1252328
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxD9MwSIsoDOe%2FenBxIagThpGLyYFquW0r48E167iXD0QLWy3ox162SoPp9DIohEzd7tgmJBI2wBGmLpA7fmOYW9gZwDf9Qsx1NP7nzFa6dFtbVikqfRpO7E%2BIG7MmW4NnlbUTyHa%2F7TShP5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ffd07976f601c20-FRA
expires
Sat, 02 Sep 2023 11:03:57 GMT
809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame FCFC 		699 KB
701 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
489495
cf-polished
origFmt=png, origSize=1123807
alt-svc
h3=":443"; ma=86400
content-length
716228
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Jul 2023 14:19:55 GMT
server
cloudflare
etag
"5f84457cb2289c51e589af098eed3611"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWntZ%2BITo%2BBBsEOTms3zRX4W3a8ykzENU97SHetOn6zTOS%2BIfzUmLxDTza46JqrEpPa1huh7Py1znC4GeWoCMJCzkDk9Eqyp%2FLaghvtNPIMcTCPE4hgyUe6g9YEqV1BVGMkCiBhMUBc0Xnta"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ffd07976f5f1c20-FRA
expires
Sat, 02 Sep 2023 11:03:57 GMT
ztpv.php
www.conrad.de/ Frame FCFC
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1693566237_3f5eda61-48b7-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=
0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1693566237_3f5eda61-48b7-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
7ffd0798ef504150-HAM
content-length
0
expires
-1

Redirect headers

Date
Fri, 01 Sep 2023 11:03:57 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1693566237_3f5eda61-48b7-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame FCFC 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192894
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnLLxp0aPzgUxDbD%2BeDOQXiTohmWcE%2Bfd223tOnzozU%2BtbcOiq82NyiD2y8YnUPlH49maz4nyVnh1WNV73VOh9gGdMrHDumxRnc8Jwchymo1MDv1O4Va3Hof2hxlQj2cfkbDx20LMEKO62EV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ffd07976f5a1c20-FRA
expires
Sat, 02 Sep 2023 11:03:57 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame FCFC 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
973928
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfV4LSEozxEJ7%2F06WbYL6BlVWHK6BHaNdRwI3Ncgsq4%2FrYEnj%2FdiwSVP40WAeJDDWL2nweRv58ezVYgVa%2BAdSguNG7MRV%2F5eqMQ2NQCBgSZ%2Fb5CBumgiK03OgJXPaQz6jTnZao9r5PZvJIOH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ffd07976f5c1c20-FRA
expires
Sat, 02 Sep 2023 11:03:57 GMT
/
partner.o2online.de/a/ Frame FCFC
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNqO9O-hiYEDFVyPgwcdMVMLDg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023090113035788480820755X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023090113035788480820755X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023090113035788480820755X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:58 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023090113035788480820755X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023090113035788480820755X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date
Fri, 01 Sep 2023 11:03:57 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame FCFC 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134004
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYwuw1215axJdhF2%2BlHJv8ZMtNxxDzrnAwHotk3q%2Fiw4ZXCiQM7N%2FnGJGA4P8xQ%2FXYU1xvRHzUTZRpwcpLAQKHbFTEx0MBjP92yXYR6L0a2PJJBkLWBMMeNDnIcxJB%2B2Rixf%2FaIwKzMo94%2Bl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ffd07976f561c20-FRA
expires
Sat, 02 Sep 2023 11:03:57 GMT
BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
assets.ad4m.at/ Frame FCFC 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1891951
cf-polished
qual=85, origFmt=jpeg, origSize=123474
alt-svc
h3=":443"; ma=86400
content-length
27302
cf-bgj
imgq:85,h2pri
last-modified
Mon, 10 Jul 2023 13:35:21 GMT
server
cloudflare
etag
"b2c66965c0cae09bbfaa712aade417a6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSqzOwe%2Fjf6DdaBPtffKCJ25TwLQLesauGKolO12hATOgrc84jY3ZA0e%2F2FH5qsPfhp%2Fy%2BvwGbZPfIgmXsZRoIeGhhYA92h4ltuMo0P4Eu%2B5fqlhvuDadNuSoBSdmdb6NaENDMrBnDBlE2Jy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ffd07976f571c20-FRA
expires
Sat, 02 Sep 2023 11:03:57 GMT
/
partner.blau.de/a/ Frame FCFC
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CICU9O-hiYEDFRaK_QcdSzkMXg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023090113035788480820753X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Net...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023090113035788480820753X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C167497&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=b18b4247d7068452247f05697732b247%2F2981324858884716948&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693566237110&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hyhqad3d3ygbnw7abgk8a6xny4j86p3nxwrznmjycbahfm179jvgdf29g26j000f78vjgycccsg99z12crf2p9a6g3bhhqcg887vt8jmpjser2ehbvr1n6b0fvx1q4rydprzzvdfvcdrwjgz6spgv0p2mkchfnnmdbetapd2btne9xmcsn749er5rydzp2jg0gmy9nwckbzg6w2p8c46zrd4v0qdf242b6h8m6v341rzd6bnfcccjngdt8bxwdx3th7anqsje8xdfnfj9r0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCRYYvG8XxZOv9I-qJ9fgP1K68gAOQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NzQ1NTkzOTQ1NjA4MjAyyAEJqQJTB1TmjjGyPuACAKgDAcgDAqoEngJP0GWJM0qfjVb0z5-owycBjjBBriK-AyOzUDgtL39HSZcuk9VIeNIJh2HPLOen3_-EChJO9uktMOAjDHcIoGfq_Wkwzy0eSbawjLIjvDziReG7vqC90cHx8wpIpbNE5Qo-j5OAylseYfPSW1zytis6NC6XpNAsPIJIUV7kFIlrNFN1RCVRRexf_aUIxqeWGaI1ypeXZdVZSOUN3xK7csXEBSTpXixRQ-Xmlx524_m_UA5dUAPPjIdppLv42fM__aHCqeRLXLBaIq1uyq-9RKmUY-ULY2qZox35uDWijOorXnBI-TVpBEHOntc7FOH7AlM7o7f-CSmgLLVEMqFcsTZCwOdBOMLHCfhgfA3TefQYsEoOqVZtN4DjJ-CfOBz34AQBgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1NU2TL0eVsj6idZy8bUHJkct6-NQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:58 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023090113035788480820753X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date
Fri, 01 Sep 2023 11:03:57 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 6AFA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFMDgPCfD6uO-HvnH81nZkXFoMSGX9o4WBR0jboVtJRaocIqMdUeiJeB0hV6rZLAJM5hNI7s7FUkTWe-NgPaHxRNQn8FU7tKHwVQyh1ga0jID-YikHDng_JlSnDBcC&sig=Cg0ArKJSzKk6dp8ZKdCKEAE&id=lidar2&mcvt=1023&p=1110,436,1200,1164&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3076045770&rs=4&la=0&cr=0&vs=4&r=v&rst=1693566232771&rpt=3517&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 7C16 		1 KB
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 01 Sep 2023 11:03:57 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
442733
x-accel-date
1693123504
x-77-nzt
AcO1rw6ESI7/bcEGAA
x-accel-expires
@1694160304
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
908339305f7f23f61dc5f16454399d1d
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CDE8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41428
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 01 Sep 2023 11:03:57 GMT
expires
Fri, 01 Sep 2023 22:34:25 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame C15B 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.152 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 01 Sep 2023 11:03:57 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6565 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=333115261010236&bg=!aGulayTNAAYHwnCgJ8I7ADQBe5WfOKz-f2ysy9Rf-0nfW0gkQHyFciOeSKJR7Q5M7TIPgjim_JP7likuiHrazg_miS2JAgAAAVpSAAAACWgBBwoAephjYz71odz41SOir9fqr0LtGWf4Zct-qPDufXZ1txenhfNO_vgGKUq5Ff6p2mXsk0_pJPzhiqiqg_hkm8U5HJk329nI2Dnj--XmAJCIZu6s6ViXK_gyT_Gf8oUUZe6uyZemfwvmvsLWDQJUzcKeoGpS07cNJpvwyvxfmQLy_S-LYNiPFBLff4XajmVB4aM_ZN9vb8GE2kr6PecGd4U4IThQSM0iG3NZuUFtTa2rvDJhai6A7570rAnpM7vS3IUeKAB2HE37Y-J8Nii89yg2FAIUXwnw5WVy0TPuPf3w8-ckU3mWztJkceXWNVN1ZnWLSHPduuSSwXQ8LMKys4g9uOwGCZxU05q-0KweWFIJGJtwr4ZDV9wshf4v33PcJ4JvkF--xWd4pgHk7NL692N7f3JdkDP1sU9YV15D9fhgwDX5aEgD8QUKmklKl7EyW_cGWL9kv0Ln_Fn9V-30PzNQkJrP49KnGM_sw0gnHKm2_ACGQcnFJuNUmnte8pvfsm9mfqoDPoU5G0bUl7EAie1kJYyTUrRhMcHj27YOxL5pdL0cm1tZZ0uPf5mWVf5kTe8lB01f6NFgW-iMXGieE8ksSy4Ne20hAPx_TwNRHNr3IqCr7YQkGirrRU1hMAfFNXafsLd2wLT1dWdGhz5WwEUztarT9L7pakr8TJvegOwry13KS0stxRxuD7Xv9OhyA4Y0rFLrvL-7-e4liqLUhQj-SqwrzFEv_psw0Ye077TBynYM3-MXNGHBf_O0qHCEFII0Os4OQPMEN3nB6dOu49jSNmakQLG-4IcWKrDUPgEc4vkCopINLuu7wT-z6XMyd99bn8fyJe_9-DTQD-oDJNZwyV5uBJueNaR4KwrZQb-efykj8kcUZz7njBh_7PUQFpNz7G9RGirPn2_aYdhZJOuuxV6qvgrthc_JJLTMKs6uiaF-Ps9a9-gJOKKo-NeAuWI4FubjHw-7S4hdQzohROlB5X83gnsc3SbnC3QZOehYrGbGKUCFpIWmBOTTm36StLa3bgMJGyUugM-_ED8mnQGZAdSxQp-zDoR9YdX4NN-mDKRRJCpTziP876WU9jlF8jNwisWHRsCXwnMIcSF2J7ZK0jrli1YLtveKF8TTHvocvw1q1rpU9VtpTNWkGJVviaL1_sxADEt4M5FU1bOaOq4mGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 3423 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7588 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.587.0&bgai=BPk1oG8XxZLTPHpuIgAePvZSgCwAAAAA4AboFEwiuzvnuoYmBAxVZDOAKHfBQAkQ&bg=!LS6lLmHNAAYHwnCgJ8I7ADQBe5WfOP8GGi3TBoEwWoF77I4bASO0N_s9f0JQiB96v1P7TQWzKlgGETH5ueSGW6V0EHu9AgAAASxSAAAACGgBB5kCOJQxWKkxpzqFyLl93Fqaloz2CG4Gtym66vlQDJTolW3sNmxV45HucSrNh9jqM2vf-lhF4dmi8mTlLYuwDP4R00Mb_pw-3LQyfLV0AxSXDDnVnxHz4Cz5vtJZZvVVxYFI8rTZidXhYDwbrHasGoSxvMW1AyFJ2gQSFvWnS8BwvMqnnryK73qt309b99RrRcEMqdAX_9S8ArF_vKyVaXozmRw4gTA1mG58bQJJjBp7Qw7zbHpL6skzf1gwfirPi1-t61F5w1bnhv02H2iRviunvArU83rtkLmWPh6Rq6q7V5DPj1d2sBlJfvM3KTiRHnTJ5oAxawskwFbfMfxU7MHLtL0XVnGFHTmWdmZ0vjZP6em5VS4-K83Cq6do27fRFDtlAROpvK6Q5l2GgHv5z6K4ghhwtDLG2ar3Mcwn8qpPKxHmSfSyO5-f4s_EcWwHUDqOHMTZ_JjfMgJaAS1zTm_TOpDJF92YScERyw1JL086q3QqTennZVc3DKSzxwCafxz6QyauGmkCFcs-CHAAhZV1pWmS9HdeuK2BjAbAeI-xPgWi11qftH3hOmR7rmCVsNdypIgj3z6IQobY5WR625xvRyVkVQBjAVn1SzRHcr5esZieKCX10u2AqCCCkPolgzmv-VFYGAadZtbvLZI6qHqZqeR9j8CsyRNecqiehHPaLDFPrL0zipDVQYEpsFZY7KDOmZERE5BaItXxWEyxxDj8rsDAFZayP06DN3scZc_XjIh1RrVbokWM5lA
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 11:03:57 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CDE8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96286289&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
980d5a54a22bc8a482aab90a44c50cb9de7362a3a596f709f6fb1698da384f1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 01 Sep 2023 11:03:57 GMT
content-length
2046
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame CBE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=1340710480238468&bg=!YmGlYS7NAAYHwnCgJ8I7ADQBe5WfOKZ1LIMiIcD7IpQjjwFvqlxM96BkSQ38zBADUHF4jBszMhXS2fB4v_gHOFLxZdkiAgAAAVlSAAAAB2gBBwoAPmdMNrI3WLK3M8lLGlHsGlkuxmYKSoWFvpkys6DdfQrObnyhReGdUx6LJ2sWbc0-zkNlXfUGl86HaRZokfoMmQMCAhCMCkl4t8PiBjy3ps9f25-VN6zHctAlJzspv7mOPqq-X6iSg1jcCHzuPkmEUMC8d0KMqQhlJLfT8P9LS9BKw_01NS4-AnK-7hLemrkP9rFY1zFZN0L9xv4OSt_luSwYtz54dMMvEVAkAl31Wa6HN450Y933YDJ5KaHJKKmC-3qPgk53YEZsrkWKNUpUXvLLGfmBUAGgBWshzMWD6TmElmbPv8Z1GPTGDJ0hYECzl6wOc2fRzqJnIjU20quNppxBjZ3Xqx__OBguXPuWkdS55BftvR--F_MLx0U1MIo7pv4zaBNgO6IA6yvM0hqMPnCn4ebnYQbGnqD-YdH5wOWEJ20C18UlMiNaXR26gRadVz27GneHo6fBLtKBWP950c03-ht7l1IZvd-EGWrK1FklX-BQp1tAiPDvURl8q0Eou_SUZ0SyjXzQWXVrXOaBJqNfpUfDeT9GSk5uOcWbin405rlW7iGA25dr5qAHj-wTMozzgs7UFWT10Jo_-Uz4I72AoWEn5J2q9bFcPgVaaiDGDFf9LRMnne-HwlVj4lm89GHmnFYiX1Nfw2VnrPPT0jo9jZRNc_AkJb1eKDDCyIYPtXHS3WXCnnuFAOQKajkOYkoH_1I8lIaT63W_e5mSahaeHp6830jj5Q-i32H82HbEj4VVBkCdiW0u6aTrJcHaSA8FcypFXSqvr2jLzE4ZtXTR95cJlP-qeNmpd4irsE7iOQDyHpyvALKr1CDFUE5znDY1PS7iLBKEAvdAkSbJkHPH-AZHrYZ5TVe9rDYM_WsyYeG-C8ZtWmIxu-Hr-UllyOTiYPMLmg628sU60AuSAwaBnWDRFBWBjJWvkkLufpwVpqK-FxGUDb9TDOO0Sd1jV4cMkpRibE7STYV8u_BzpnWi7It8MQ9I0Uo_IOtVh8sMkxmEwGDm4P4dYkg4Q9kNE4ffGRGSpIEmYRKh_vuqC7ijAtvx2I5W9IFYMglN6wZlqzkKYYN8rqC71s8OhGZm4b41nVMLRbj1l_O3h8niA8lFfyA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
sync.php
pixel.rubiconproject.com/exchange/ Frame C15B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixelSync
pixel.sitescout.com/dmp/ Frame 7EBF 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D86b2998d6e37678b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
eb2.3lift.com/ Frame 7EBF 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
um
u-ams03.e-planning.net/ Frame 7EBF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D86b2998d6e37678b%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=86b2998d6e37678b&uid=6913797373196767614
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=86b2998d6e37678b&uid=6913797373196767614
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

server
openresty
date
Fri, 01 Sep 2023 11:03:57 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
an-x-request-uuid
83dec1b0-0bba-4fe4-9a49-a658723382fb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=86b2998d6e37678b&uid=6913797373196767614
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 7EBF 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7EBF
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=660898&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPHFGwAJwnUCQQBV&gdpr=0
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPHFGwAJwnUCQQBV&gdpr=0
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSrsoRs7yMyudauhkjb5406kDpAun4J0Qxf%2FBFB5PYFc6Bo4Xu9kAvH26aItbp%2FcBOY7to10NPoBPf2EiWaOplo9v4aP1Vtsto%2BkPJ4DZhdxQqT65EYv9FQYXnPQpp2IBZt%2Fo%2FtJt1lICA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ffd079b6d5a2681-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230037-FRA
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693566238.954683,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPHFGwAJwnUCQQBV&gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
prebid
rtb.openx.net/sync/ Frame 7EBF 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D86b2998d6e37678b%26uid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 7EBF
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D86b2998d6e37678b%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=86b2998d6e37678b&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=86b2998d6e37678b&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

server
openresty
date
Fri, 01 Sep 2023 11:03:58 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=86b2998d6e37678b&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
no-store
content-length
0
expires
0
pbs.gif
sync.admanmedia.com/ Frame 7EBF 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D86b2998d6e37678b%26uid%3D%5BUID%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
match
c1.adform.net/serving/cookie/ Frame 54EC 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 01 Sep 2023 11:03:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame CAEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6913797373196767614&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6913797373196767614&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
2df50949-2c6d-482e-96ee-16743da2fb78
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 11:03:57 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6913797373196767614&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3123
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273811592946841743&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273811592946841743&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 01 Sep 2023 11:03:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273811592946841743&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame C90F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TzQf0P2KVUdxXR8QejjcL8Eg-Pg&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TzQf0P2KVUdxXR8QejjcL8Eg-Pg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Sep 2023 11:03:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TzQf0P2KVUdxXR8QejjcL8Eg-Pg&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame C60E 		85 B
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 01 Sep 2023 11:03:58 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230037-FRA
x-timer
S1693566238.927089,VS0,VE89
Pug
image2.pubmatic.com/AdServer/ Frame 1A61
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e10832b45cc4462b3572c448e5a45ae
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e10832b45cc4462b3572c448e5a45ae
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 11:03:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e10832b45cc4462b3572c448e5a45ae
pragma
no-cache
server
Tengine
Pug
image2.pubmatic.com/AdServer/ Frame 78B3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEVUFFN0o0NG9BQUNZUkFTSngzZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADUAE7J44oAACYRASJx3g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7880629492407760853&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADUAE7J44oAACYRASJx3g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7880629492407760853%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7880629492407760853&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADUAE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADUAE7J44oAACYRASJx3g&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADUAE7J44oAACYRASJx3g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 01 Sep 2023 11:03:58 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADUAE7J44oAACYRASJx3g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
setuid
user-sync.adxpremium.services/ Frame 8829 		86 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Fri, 01 Sep 2023 11:03:57 GMT
mw
mwzeom.zeotap.com/ Frame CDE8 		95 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7ffd079b0aed5c62-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame CDE8
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0181DC67-EB40-4A05-A565-44BE2E17BD8B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0181DC67-EB40-4A05-A565-44BE2E17BD8B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0181DC67-EB40-4A05-A565-44BE2E17BD8B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:04:11 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:04:11 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0181DC67-EB40-4A05-A565-44BE2E17BD8B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame CDE8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
sync
x.bidswitch.net/ Frame CDE8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0e6106d9-cb1a-488f-8355-e1be61655f1d&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0e6106d9-cb1a-488f-8355-e1be61655f1d&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=b97da03c-12cd-47f3-a6d6-155bf5698b5d&ssp=pubmatic&expires=30&user_group=5&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=4&user_id=b97da03c-12cd-47f3-a6d6-155bf5698b5d&ssp=pubmatic&expires=30&user_group=5&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
18.185.210.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-210-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=4&user_id=b97da03c-12cd-47f3-a6d6-155bf5698b5d&ssp=pubmatic&expires=30&user_group=5&bsw_param=0e6106d9-cb1a-488f-8355-e1be61655f1d
Date
Fri, 01 Sep 2023 11:03:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame CDE8 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CDE8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7061777754893075511&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7061777754893075511&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7061777754893075511&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame CDE8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0c2c575f-ffd4-46d8-b1f6-6c1a8f7f0181&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0c2c575f-ffd4-46d8-b1f6-6c1a8f7f0181&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0c2c575f-ffd4-46d8-b1f6-6c1a8f7f0181&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 01 Sep 2023 11:03:58 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
setuid
user-sync.adxpremium.services/ Frame C15B
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3375610941547449351
86 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3375610941547449351
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:58 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3375610941547449351
date
Fri, 01 Sep 2023 11:03:53 GMT
server
nginx
content-length
0
content-type
text/plain
um
u-ams03.e-planning.net/ Frame 5D06
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D86b2998d6e37678b%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=86b2998d6e37678b&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=86b2998d6e37678b&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

server
openresty
date
Fri, 01 Sep 2023 11:03:58 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=86b2998d6e37678b&uid=ua-e755f5a5-d945-37eb-8b12-dce486826668
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
no-store
content-length
0
expires
0
um
u-ams03.e-planning.net/ Frame 5D06
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D86b2998d6e37678b%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=86b2998d6e37678b&uid=6913797373196767614
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=86b2998d6e37678b&uid=6913797373196767614
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

server
openresty
date
Fri, 01 Sep 2023 11:03:57 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
an-x-request-uuid
2338f33c-e21f-4a41-a1c0-799b73a28d2d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=86b2998d6e37678b&uid=6913797373196767614
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 5D06 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D86b2998d6e37678b%26uid%3D%24%7BUID%7D
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixelSync
pixel.sitescout.com/dmp/ Frame 5D06 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D86b2998d6e37678b
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbs.gif
sync.admanmedia.com/ Frame 5D06 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D86b2998d6e37678b%26uid%3D%5BUID%5D
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
sync
eb2.3lift.com/ Frame 5D06 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pd
u.openx.net/w/1.0/ Frame 5D06 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.projectagora-adtag-library.com
URL: http://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
bridge
cm.adgrx.com/ Frame 5D06
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=660920&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
Protocol
H2
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:58 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yORQivqigXm7TQhX%2BAB9pqEgRjD%2BfhpsgaH2%2FHR3M3FajE12qpEKw46Bl8tLwkj4KGsg3cVorb%2BaE1eFxK3Qyg%2FvNa9E8GyAHNIneZgcWBoyo1c1W78im7uQF1w%2BovVxwpqhzH%2Bk"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=0
cache-control
no-cache
cf-ray
7ffd079b2d042681-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
onetag-sys.com/usync/ Frame 5D06 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
PugMaster
image6.pubmatic.com/AdServer/ Frame 3423 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95076348&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
645f32435eff1b832d53a3927fe2398fdc7f1eefaca18fac753f242d5a4e74c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 01 Sep 2023 11:03:58 GMT
content-length
1456
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 0012
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 11:03:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 01 Sep 2023 11:03:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 8680
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329527491353795
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329527491353795
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 01 Sep 2023 11:03:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329527491353795
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 7D93
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 11:03:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame 6FC4 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 01 Sep 2023 11:03:58 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-6
Pug
image2.pubmatic.com/AdServer/ Frame 258A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5280225782490877415
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5280225782490877415
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5280225782490877415
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 142F 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 01 Sep 2023 11:03:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame ED1E
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rtm15qasr2p
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rtm15qasr2p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Fri, 01 Sep 2023 11:03:59 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rtm15qasr2p
lws
38
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
cookiesync
core.iprom.net/ Frame 363E 		43 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 01 Sep 2023 11:03:59 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-d0b60f25cdfd@version_1.568v2
X-core-time
1ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame B7F4
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1fa4a74a21afe60f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbMgWgTWgXbgMnUaM&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbMgWgTWgXbgMnUaM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbMgWgTWgXbgMnUaM&gdpr=0&gdpr_consent=
setuid
sync.quantumdex.io/ Frame 41D5 		43 B
117 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ffd07a0da2e1cab-FRA
content-length
43
content-type
image/gif
date
Fri, 01 Sep 2023 11:03:58 GMT
server
cloudflare
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3423 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 01 Sep 2023 11:03:58 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
dspsync
vid.vidoomy.com/ Frame 2623
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=vidoomy
  • https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
  • https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=izrLvbA0RdEVbh7ky2FE&pi=vidoomy&tc=1
37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=izrLvbA0RdEVbh7ky2FE&pi=vidoomy&tc=1
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
374018aee649958e1ae4a55f5c4c7adad1d84334c8d4ea6805f10f152734de1e

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 01 Sep 2023 11:03:59 GMT
etag
W/"621c89af-93db"
last-modified
Mon, 28 Feb 2022 08:37:03 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
MISS
x-77-nzt
AcO1ryfu/Yih
x-77-nzt-ray
25b0213148eb79c21fc5f164a10c3e08
x-77-pop
frankfurtDE
x-cache
MISS

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 01 Sep 2023 11:03:59 GMT Fri, 01 Sep 2023 11:03:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=izrLvbA0RdEVbh7ky2FE&pi=vidoomy&tc=1
pragma
no-cache
sync.php
pixel.rubiconproject.com/exchange/ Frame 7C16 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 7C16
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D84505256fda787db755d084ff7155137%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=715219ce-cb9e-072b-3cfe-e8b558efe2b6&vid=84505256fda787db755d084ff7155137&dspid=openx
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=715219ce-cb9e-072b-3cfe-e8b558efe2b6&vid=84505256fda787db755d084ff7155137&dspid=openx
Protocol
HTTP/1.1
Server
212.36.83.245 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:59 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:03:59 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=715219ce-cb9e-072b-3cfe-e8b558efe2b6&vid=84505256fda787db755d084ff7155137&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
pbscookie
p.vidoomy.com/api/rtbserver/ Frame 2623 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.vidoomy.com/api/rtbserver/pbscookie?dspid=RTBH&uid=izrLvbA0RdEVbh7ky2FE&vid=84505256fda787db755d084ff7155137
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=izrLvbA0RdEVbh7ky2FE&pi=vidoomy&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:03:59 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://vid.vidoomy.com
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
SPug
simage4.pubmatic.com/AdServer/ Frame CDE8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:03:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame CDE8 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32695868&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3b5d73fa340db31585aebcfce36179c00e6d27639350832c94b6445d2ceee819

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 01 Sep 2023 11:04:00 GMT
content-length
958
content-type
text/html; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EDDD 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=COjbPG8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEuwJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIKYdMQObjss46ruXRk9CynsYFtc8h8u14PfNDNCNTJwpYbiMMckSEsbTmiPaGqYo_MOVJ9E5QCl3b_rABMSq2v-7BOAEAYgF-a65hUygBlSAB6_C9n6oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQ4IOuwNDMgOoxEgIBA6oNAkRF2BMT0BUB-BYBgBcB&sigh=9vickNE10qU&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=videoplaytime25&ad_mt=3822&acvw=sv%3D955%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D3309,440,3714,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3867%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D891%26pst%3D475%26dur%3D15000%26vmtime%3D3821%26dvs%3D0%26dfvs%3D0%26dvpt%3D3851%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26ic%3D0%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1533%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D43146328%26psm%3D-2147483633%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D6444%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693566236283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:04:00 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/v2/video/ Frame EDDD 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=hCfIBtznnf7Jm1F6RJYwptHbFDPRzcyNQiNXgF4O%2Bf1mrIgjhjWNgcKZuuQNdrDadHx3YCIuYyFfO1bOhVzB2UDiRDc%2BMlv%2F%2BA94rk7qe1v1EnDuEfXDhUUk8lUbh0F%2FB6%2FjjcB4vB2YZtAk%2FlWnVarPIMOvziZAUTV6eRG3B7y%2FbKLgcSDLmV1enTMoAgRJm9p7gw132FUT9RUX9D%2BSQw%3D%3D&cb=1693566235
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:04:00 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
i.match
a.tribalfusion.com/ Frame E227 		43 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7ffd07ac1bc0aca7-TXL
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:04:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
pub
matching.truffle.bid/sync/ Frame D5DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 01 Sep 2023 11:04:00 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame C4BA
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1693566240743
  • https://ad.turn.com/r/cs?pid=45&rndcb=4662367904
  • https://sync.1rx.io/usersync/turn/7061777754893075511?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003
42 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Fri, 01 Sep 2023 11:04:00 GMT
etag
RX7dc8566db21b455e9d991df35d6c5b04003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame F933
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76557FB67D564EDD94437832115B10D2&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76557FB67D564EDD94437832115B10D2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 11:03:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 01 Sep 2023 11:04:00 GMT
expires
Thu, 31 Aug 2023 11:04:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76557FB67D564EDD94437832115B10D2&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
user-sync.adxpremium.services/ Frame A175 		86 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=0181DC67-EB40-4A05-A565-44BE2E17BD8B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Fri, 01 Sep 2023 11:04:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CDE8
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6913797373196767614
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6913797373196767614
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 01 Sep 2023 11:03:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:04:00 GMT
an-x-request-uuid
54a7c181-901b-47ac-9b3a-19f4895c98a7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6913797373196767614
x-proxy-origin
193.32.248.248; 193.32.248.248; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3423 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:04:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
user-sync.adxpremium.services/ Frame 7C16 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=84505256fda787db755d084ff7155137
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Fri, 01 Sep 2023 11:04:01 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EDDD 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=COjbPG8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEuwJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIKYdMQObjss46ruXRk9CynsYFtc8h8u14PfNDNCNTJwpYbiMMckSEsbTmiPaGqYo_MOVJ9E5QCl3b_rABMSq2v-7BOAEAYgF-a65hUygBlSAB6_C9n6oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQ4IOuwNDMgOoxEgIBA6oNAkRF2BMT0BUB-BYBgBcB&sigh=9vickNE10qU&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=video_skip_shown&ad_mt=5148&acvw=sv%3D955%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D3309,440,3714,1160%26p0%3D3309,440,3714,1160%26p1%3D3309,440,3714,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5193%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1293%26pst%3D475%26dur%3D15000%26vmtime%3D5148%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26cs%3D33558546%26c%3D0%26c0%3D0%26c1%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1533%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D43146328%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D7771%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1693566236283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:04:01 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame CDE8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:04:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EDDD 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=COjbPG8XxZLTPHpuIgAePvZSgC8Lzjv5xkJv63cMRsJAfEAEggM_UfGCV-vCBjAegAfjvyNwDyAEFqQJTB1TmjjGyPuACAKgDAZgEAKoEuwJP0Jq9VzWuATI0IaMCcmyWfFx17sp2vsrNiA7B4Sygf9uodUyzaMecRduC8RnSYsSh-LgGkOctEpCyjnjRN4YJVLKPrZfbSFCIOHJbVpZKhevfkKtpi-AwKg-h4rflKeD9rJi1a2MgBQZ4_4rl50yZoTfGf9L2ZlB_sNqRb4PB8zoDEsfBRyNEFgU1ZfhjwistKFqVdNyARlWrGRBxs7vJl0_8jFtrKeT2OIzcWezpRj25DtQH9JUCjoC9yQHBKhWMNFMEhr_dql_Jg4J8Xv5vip4cJpTY_lTGig8KBY4-ZHBX6MeTQmrlRCibExeU8MKK9dUpQ-Vv-YVQcYlCBSUEIKYdMQObjss46ruXRk9CynsYFtc8h8u14PfNDNCNTJwpYbiMMckSEsbTmiPaGqYo_MOVJ9E5QCl3b_rABMSq2v-7BOAEAYgF-a65hUygBlSAB6_C9n6oB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2gwQCgoQ4IOuwNDMgOoxEgIBA6oNAkRF2BMT0BUB-BYBgBcB&sigh=9vickNE10qU&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=videoplaytime50&ad_mt=7535&acvw=sv%3D955%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D3309,440,3714,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7585%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1898%26pst%3D475%26dur%3D15000%26vmtime%3D7535%26dvs%3D0%26dfvs%3D0%26dvpt%3D3718%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26i2%3D33554450%26ic%3D512%26cs%3D33559058%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1533%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D43146328%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D10162%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693566236283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 11:04:04 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/v2/video/ Frame EDDD 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/v2/video/tracking?vast=events&token=nDYQwQ5BA84oBTTA7oUO1poqdxbfRDeR4yCa6YuhQTQkb3UOU6kC%2B3qHgqe9fdcSDzuLCaOUBcb6FjEUy9IwrNIFN%2FAUvNpddDZK%2BvOu5XTSYkgtht7ggbyDFSP9FL2V1ogcpGLFq58%2FIu7a8tLcZ6WOgMrs0y3pfyBEQVwXCaJiLoZ1uGZDIgOuAx698zisLh%2FQL3mBi6J%2FJwLslYZaQg%3D%3D&cb=1693566235
Protocol
HTTP/1.1
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 11:04:04 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.effectivemeasure.net
URL
https://t.effectivemeasure.net/tag.js?1693
Domain
www.lebanonfiles.com
URL
http://www.lebanonfiles.com/
Domain
s.exitbee.com
URL
https://s.exitbee.com/[object%20Object]/settings
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Domain
engine.widespace.com
URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| __cfQR object| __cfBeacon object| _wpemojiSettings undefined| $ function| jQuery object| TMNCWP object| $jscomp$this function| anime function| Plyr function| IScroll function| Swiper function| gtag object| dataLayer object| _Hasync function| documentInitOneSignal function| OneSignal function| fbq function| _fbq object| googletag string| em_ns function| _em object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager object| google_tag_data object| TWAGORAINARTICLE object| AdSlotCollection function| setCookie function| getCookie function| createGeoRestrictionCookie string| GoogleAnalyticsObject function| ga object| twemoji object| wp function| chfh function| chfh2 string| _HST_cntval object| Histats object| mc function| $mcj object| fnames object| ftypes object| swv object| wpcf7 object| __oa360ScriptsState boolean| __isGoogleAllowed object| pbjs325474 function| renderInvisibleReCaptcha function| SimpleBar object| lbfscripts function| getUrlParameter function| setUrl function| getHourlyNewsAjax function| isValidEmailAddress function| showCoverageLetters function| newsletterPopupRegister boolean| __cfRLUnblockHandlers function| ES6Promise function| FuckAdBlock object| fuckAdBlock object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| player object| gaGlobal function| onYouTubeIframeAPIReady function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| iFrameResize object| ProjectAgora function| addcss string| ExitBeeObject function| xtb number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| gaplugins object| gaData object| pbjs325474Chunk object| ADAGIO object| GoogleGcLKhOms object| __buffer object| _HistatsCounterGraphics_0_setValues object| recaptcha object| Criteo object| regeneratorRuntime object| xtbClient object| aries object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_134 object| Criteo_prebid_134 number| vidverto object| aries_registry object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| projectAgora function| IMA function| VidvertoPlayer function| inView function| VASTClient object| pbjsChunk object| pbjs object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| _aries object| vidvertoPromiseCache object| closure_lm_538533 object| inViewWindow function| VidvertoPlayerVideoPlaylistUI object| closure_lm_496774 object| _ADAGIO object| closure_lm_299625 function| arrive function| unbindArrive function| leave function| unbindLeave

174 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQnOeng6UxCgoI4gEQnOeng6UxCgoItAIQnOeng6UxCgoI5gEQnOeng6UxCgoIhwIQnOeng6UxCgkICRCc56eDpTEKCQg6EJznp4OlMQoKCIwCEJznp4OlMQoJCF8QnOeng6UxCgkIHxCc56eDpTE=
.tesseradigital.com/ Name: tpuuid
Value: ASodpfIZjOnBwhMrThCSNfMsFWAnEBWSr8JFfSDUXPaq
.onesignal.com/ Name: __cf_bm
Value: IuVQA99sVcg5CX6XkriReNsmbn7jhz5ED1.2vXeWN7M-1693566229-0-ARZjV6t97SzXYSOt5j69cMCXtZe+SRgbtA63sfNsL16vVWwU06Od0shl7lW3VII0DJItsfPzHyEoRoBQhEFEo5o=
www.lebanonfiles.com/ Name: __oagr
Value: true
www.lebanonfiles.com/ Name: HstCfa1238494
Value: 1693566230424
www.lebanonfiles.com/ Name: HstCla1238494
Value: 1693566230424
www.lebanonfiles.com/ Name: HstCmu1238494
Value: 1693566230424
www.lebanonfiles.com/ Name: HstPn1238494
Value: 1
www.lebanonfiles.com/ Name: HstPt1238494
Value: 1
www.lebanonfiles.com/ Name: HstCnv1238494
Value: 1
www.lebanonfiles.com/ Name: HstCns1238494
Value: 1
.lebanonfiles.com/ Name: _fbp
Value: fb.1.1693566230715.111581842
.lebanonfiles.com/ Name: _ga_G4EQ7NKTZM
Value: GS1.1.1693566230.1.0.1693566230.0.0.0
.lebanonfiles.com/ Name: _ga
Value: GA1.2.514337933.1693566231
.lebanonfiles.com/ Name: _gid
Value: GA1.2.2064550162.1693566231
.lebanonfiles.com/ Name: _gat_gtag_UA_60620050_1
Value: 1
.lebanonfiles.com/ Name: _sharedID
Value: 800fd301-011e-4aee-af56-fd92b2a381f2
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AI4IEhqoWAAG/TON
.prebid.a-mo.net/ Name: __amc
Value: 1_1693566231_1693566231
.quantumdex.io/ Name: uid
Value: 4b586ae2-5093-45a9-89ab-8be2dbc58e0a
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 569660=5609463
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 7880629492407760853
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311347762%3B%24ql%3DUnknown%3B%24qt%3D144_0_0t%3B%24dma%3D0&c=1&l=1753299863&lo=1996585735&lt=638291630314341008&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311347762%3B%24ql%3DUnknown%3B%24qt%3D144_0_0t%3B%24dma%3D0
.lebanonfiles.com/ Name: __gads
Value: ID=665a0bdd65695e9b:T=1693566230:RT=1693566230:S=ALNI_MbxOnCpqBOJUxUsRWeV1iYR8xLRNg
.lebanonfiles.com/ Name: __gpi
Value: UID=00000c94e2703003:T=1693566230:RT=1693566230:S=ALNI_MbHm2tplRfyPHW6D_IZakKlnjCeRg
.doubleclick.net/ Name: IDE
Value: AHWqTUnizn2oH_04-R26eDKCjBHSMaoZQPGnNipem4C6prjFIEg8esGZ5uchL_hXoNU
.criteo.com/ Name: uid
Value: 0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9
a4p.adpartner.pro/ Name: apuid
Value: 8949061f-68bd-4d45-89fe-13a4f764bb78
.doubleclick.net/ Name: DSID
Value: NO_DATA
ad.vidverto.io/ Name: adpartner
Value: 9fe47168-debf-4cf1-bc31-b3e8292fd01c
www.lebanonfiles.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.lebanonfiles.com/ Name: _lr_retry_request
Value: true
www.lebanonfiles.com/ Name: _lr_env_src_ats
Value: false
.lebanonfiles.com/ Name: cto_bundle
Value: vPbDAV9Kd1dPUFdtNkQ1N01kaUpOdlRPVk1WUVBNczljRHFvTG1jb0h1JTJGQ2ZXQUdGWnpIdXpRdG5UbFdTdDNrJTJGeWhsbG5LYWlDZVRBbnk5NDlxT0tLWElwNUp4U2x3NmxlQnVBaTQ0VUhtWVlaNVhZblBkREV4U0xRY0ZQRXNQVXBwVjI2M2ZlNDZkYmpMWXB1Z1BzNnQyaE5KRnZPYlNFZ0FaZUMzMVN1NWglMkJEN3MlM0Q
.rubiconproject.com/ Name: khaos
Value: LM0HLXVR-3-HH89
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrjmwJ1j3i08QmOsfVVM1TCDevM3UyPj6jbrKeLArukHD/XwdF9T8F9uN2ZQUosaWIVybX0eh9trfPzJ6cr+j5/9BVyb4qvVgGXvnqSXrQ1MyKPLRELhl3x0A+VO7RH1E0=
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi5_6CSq7qkWFcOnkjc8CZF7mtCBnZFDJyNhuveEqV3ufS_Ahw
ads.smartstream.tv/ Name: DID
Value: 786b4a3bec89987139dd6174c3ef78c6
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.script.ac/ Name: __cf_bm
Value: ZYp1dumF0su9nGZiooNxgG1b74jyApSn4wjhU2hOLaI-1693566235-0-AWyAZzb5Zbay8HsxPuOvXagYSAieuDaHXaK/OwxAM1k2xmC9hCjO2+LqBCFO7gbM7MBVdigjH9n24g1Tw0qLB88=
ad.vidverto.io/ Name: moxuuid
Value: 20caa787-9e3f-4de5-b9f9-60f86769aae2
.adnxs.com/ Name: uuid2
Value: 6913797373196767614
.openx.net/ Name: i
Value: 9b20a958-db86-0b35-0da4-e048bd9313c6|1693566235
cm.adsafety.net/ Name: UID
Value: CM120230901112255903683b48a1ce16
.adsafety.net/ Name: cm_uid
Value: CM120230901112255903683b48a1ce16
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvb01TamRaUGxXOWhVb0RkeGtEOFl4aEV5SlEvMnJLVCt1WWFEWGpuQm44dmRlbXpCR2pnOWZpMEtBZjNiZHNNMGpLTkRHMU1lWHNlVFd1WVRPSWdPUFpPYUNBQXFvOXJnVFMvejRwRjAwOUJDZ1RNUjFQOGVUOE84SDVKVHM0UWZVRlQ4b3NGaHo3dDJINE16c2dwNHowT0YxUzZFcFdyVFlmdWcxUzNVTmR3dlRSOHNrNnZwaEhlWTZVUERWanptSkhXVWxxcmhJcGFiWXVLUkcrdW42TnZMQ1FTa1lYUGd3eG5VV0hjbTNyWkVXaXVWQkxOdVhYYld2ZUttWTlEMW9nVlBXbXlGV1hOcG9mTnBPR05xZEdTeVhBSER6ZE94SEt5ZjJWOUd4cndWL0FYN3cxcVp3N3VSbzFkbXh4N3JBPT0%3D
.zeotap.com/ Name: zc
Value: 953a2b3d-5dbd-4c11-5a79-f9fef21b859d
.zeotap.com/ Name: zsc
Value: %23b%2A%DE%2A%C2%CF%F61%FEI%1C%B0_9X%CDl%60%29%FDL%DA%88%C6%7B%18%A3%8A%1A%EB%5ELM%F6%BA%0F%81f%08%88B%8D6%DF%28%FF%D9d%BB%0DU%88T%0Eif%9A%981c%03U%E3%81%24%AB%9D%CB%E2%19%DF%D3%B1%8E%7B%60%FA%FB%0B%1AFt%D99E%D1%A1%EF%CEj%A5%A0T%F0%07c%3D%D7%C1%19%CA%BD%EF5%1D%17%1EX%98%B7-c%83%F4%D4%BC%8DXFH%D5%11H%98%84x%22%13%12%BD%8B%9DK%11%FF%1BC%F8m%89%25%E0U%3E%DE%CEu%0A%E2k6%BD%AD%26%ED%5E%AAo%40j%D8%8D%99%27e1%88
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3375610941547449351
.yahoo.com/ Name: A3
Value: d=AQABBBvF8WQCEFsY7vrI7JhB7D9LO2cqsooFEgEBAQEW82T7ZAAAAAAA_eMAAA&S=AQAAAtKr-NVLdoAofIPbFX8DoVQ
.adfarm1.adition.com/ Name: UserID1
Value: 7273811592946841743
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.linkedin.com/ Name: bcookie
Value: "v=2&975999f4-f207-414e-877c-3d57fd42d95b"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTM1NjYyMzU7MjswMjGPwxvgbDFndFQwTxZvF8rTyjTgvJaLTk6QATXo/V3S1w==
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2646:u=1:x=1:i=1693566235:t=1693652635:v=2:sig=AQFC_ekpOHKDGK2JIH59hT7nlig9TQsE"
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: e3c2486d-9af6-52f4-a3c0-e8aec7312db5
.betweendigital.com/ Name: ss
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1693566235430
.tapad.com/ Name: TapAd_DID
Value: ab5980be-a108-4a25-a2b4-bb48ab98ecb2
.3lift.com/ Name: tluid
Value: 690995089885911284039
.betweendigital.com/ Name: ut
Value: ZPHFGwAHSzCMh9W9S5Y5u5vfFb0KNhcf1L0IBA==
.casalemedia.com/ Name: CMID
Value: ZPHFGz0IGCvxrvg0RKIHOQAA
.casalemedia.com/ Name: CMPS
Value: 3245
.casalemedia.com/ Name: CMPRO
Value: 3245
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2dob
.weborama.fr/ Name: AFFICHE_W
Value: 8hBRVBEVVjry52
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.demdex.net/ Name: demdex
Value: 72145796973904721492166289012063486841
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0181DC67-EB40-4A05-A565-44BE2E17BD8B
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2OTEzNzk3MzczMTk2NzY3NjE0IiwiZXhwaXJlcyI6IjIwMjMtMDktMTVUMTE6MDM6NTUuNjE3MDc5NzgzWiJ9fSwiYmRheSI6IjIwMjMtMDktMDFUMTE6MDM6NTUuNjE3MDUwMjM3WiJ9
.dpm.demdex.net/ Name: dpm
Value: 72145796973904721492166289012063486841
.bidswitch.net/ Name: tuuid
Value: 0e6106d9-cb1a-488f-8355-e1be61655f1d
.bidswitch.net/ Name: c
Value: 1693566235
.bidswitch.net/ Name: tuuid_lu
Value: 1693566235
.agkn.com/ Name: ab
Value: 0001%3ASaygws0w5N7xaGWYAh3hzj%2FHd7GyBNRP
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-e755f5a5-d945-37eb-8b12-dce486826668
.krxd.net/ Name: _kuid_
Value: PxRY6R9z
.amazon-adsystem.com/ Name: ad-id
Value: AxHXvP9R2kuev_A5HlRCo5U
.bing.com/ Name: MUID
Value: 09A7C5260A0F68AD0604D6590B6469D7
.c.bing.com/ Name: MR
Value: 0
.quantserve.com/ Name: d
Value: EIUBCwHsKfijAA
.quantserve.com/ Name: mc
Value: 64f1c51b-bcdff-5264e-9f1bd
.turn.com/ Name: uid
Value: 7061777754893075511
.simpli.fi/ Name: suid
Value: 76557FB67D564EDD94437832115B10D2
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPHFGwAJwnUCQQBV
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3375610941547449351&KRTB&23263-3375610941547449351&KRTB&23481-3375610941547449351
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n&KRTB&19420-am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n&KRTB&22979-am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n&KRTB&23403-am8-pT9uafZxOTvwOj11oW5tbPFxYj6lPj_aaM7n
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAFDW_I0UzM5UUSUpm5oMvw&KRTB&23025-CAESEAFDW_I0UzM5UUSUpm5oMvw&KRTB&23386-CAESEAFDW_I0UzM5UUSUpm5oMvw
.fwmrm.net/ Name: _uid
Value: "o0bc5_7273811592935699392"
.as.ck-ie.com/ Name: CID
Value: 6b1bb2dea66a09357436d83b8f240368ef6545b9
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f341fd0-fd8a-5547-715d-1f107a38dc2f.J71sKfOuXIjOrT6W2Jn8eV6nnl7VoGRL7Rfqgsvc8qw
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f341fd0-fd8a-5547-715d-1f107a38dc2f.J71sKfOuXIjOrT6W2Jn8eV6nnl7VoGRL7Rfqgsvc8qw
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATzQf0P2KVUdxXR8QejjcL8Eg-Pg.DRpn5yr0CU9zaM9r%2B5oFAc4t3Ikgc6vgRy1W5VjBjS8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATzQf0P2KVUdxXR8QejjcL8Eg-Pg.DRpn5yr0CU9zaM9r%2B5oFAc4t3Ikgc6vgRy1W5VjBjS8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIM14Fa3SuHZ9lJYrFLwURnOlNY_Nz3RyPuGXMkPscqelEHwYBCCcisenBjABOgRDMKv5QgQezwtA.o72kjrTG8plGcOoQ9lanP2uetrJgjZsrjz9zb%2Becadk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIM14Fa3SuHZ9lJYrFLwURnOlNY_Nz3RyPuGXMkPscqelEHwYBCCcisenBjABOgRDMKv5QgQezwtA.o72kjrTG8plGcOoQ9lanP2uetrJgjZsrjz9zb%2Becadk
.ctnsnet.com/ Name: gid_CAESEE7ujMiuFzKYJPQ5HzcdSlI
Value: 1
.de17a.com/ Name: guid
Value: 1.5280225782490877415
.awin1.com/ Name: awpv11354
Value: 412871|1693566237|3f5eda61-48b7-11ee-8502-226591661de6
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1693566237600
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: MWz8.TnO6iS4tbD5Dw0nL9TlZgd3iLXjpMQRqMdFrhA-1693566237-0-AZyQfbLHVPCvq/zGqkN6jehQY2ZGckIXEhphjDYwWW47twplGhVn9gZBo4KPexn3viLkfw5eDUiF+A83wdR+skI=
.pubmatic.com/ Name: DPSync3
Value: 1694736000%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7273811592946841743&KRTB&23369-7273811592946841743
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6913797373196767614&KRTB&23339-6913797373196767614
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7061777754893075511&KRTB&23150-7061777754893075511
.adsby.bidtheatre.com/ Name: __kuid
Value: 0c2c575f-ffd4-46d8-b1f6-6c1a8f7f0181.462780238
.adx.opera.com/ Name: UID
Value: OPU5e10832b45cc4462b3572c448e5a45ae
.onaudience.com/ Name: cookie
Value: 1fa4a74a21afe60f
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU5e10832b45cc4462b3572c448e5a45ae&KRTB&23485-OPU5e10832b45cc4462b3572c448e5a45ae
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-TzQf0P2KVUdxXR8QejjcL8Eg-Pg&KRTB&23334-TzQf0P2KVUdxXR8QejjcL8Eg-Pg&KRTB&23417-TzQf0P2KVUdxXR8QejjcL8Eg-Pg&KRTB&23426-TzQf0P2KVUdxXR8QejjcL8Eg-Pg
.creative-serving.com/ Name: tuuid
Value: b97da03c-12cd-47f3-a6d6-155bf5698b5d
.creative-serving.com/ Name: c
Value: 1693566238
.creative-serving.com/ Name: tuuid_lu
Value: 1693566238
.semasio.net/ Name: SEUNCY
Value: 6BA3DAB29A82B6F4
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5MzU2NjIzOHZsZWExZGUyMDIzMDkwMTEzMDM1Nzg4NDgwODIwNzUzWDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRqODN1RWZaZVNxeDJLU1lIRUgydDZ0UlJKVUtUelR4SmM5b25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExMzc1Mg
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023090113035788480820753X113752V1225131106MSviewoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5MzU2NjIzOHZsZWExZGUyMDIzMDkwMTEzMDM1Nzg4NDgwODIwNzUzWDExMzc1MlYxMjI1MTMxMTA2T
.bidr.io/ Name: bito
Value: AADUAE7J44oAACYRASJx3g
.bidr.io/ Name: bitoIsSecure
Value: ok
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5MzU2NjIzOHZsZWExZGUyMDIzMDkwMTEzMDM1Nzg4NDgwODIwNzU1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023090113035788480820755X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5MzU2NjIzOHZsZWExZGUyMDIzMDkwMTEzMDM1Nzg4NDgwODIwNzU1WDEyMDIxMVYxMjI2MTMyNzAyT
.audrte.com/ Name: arcki2
Value: 90ekb-1-wmeSQmqCFvTzlaz0g!20220908!1693566237617!ip#193.32.248.248
.audrte.com/ Name: arcki2_pubmatic
Value: 0181DC67-EB40-4A05-A565-44BE2E17BD8B!20220908!1693566237619
.smartadserver.com/ Name: csync
Value: 76:CAESEPzxmmaABqF1OwUiZkweeV0|79:0bb90bcf-07ee-4bef-ac3b-a4b7f48491f9|127:AADUAE7J44oAACYRASJx3g|134:OB_OK
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b47a6e36d8da240a
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADUAE7J44oAACYRASJx3g
.ctnsnet.com/ Name: cid
Value: fad30c36c6d640e6b58efdda1c230255
.audrte.com/ Name: arcki2_ddp2
Value: 90ekb-1-wmeSQmqCFvTzlaz0g!20220908!1693566238592
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5280225782490877415
.csync.loopme.me/ Name: viewer_token
Value: db7d4f6e-2d1b-4bc4-a00d-fb537c8111d4
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjexNDQ2NTa3NBXiM9Q1TkkrtDBLMinLD_UDAIv760UlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlsamZmZGxhaWYOAKqX51UQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjexNDQ2NTa3NBXiM9Q1TkkrtDBLMinLD_UDAIv760UlAAAA
.richaudience.com/ Name: avcid-zeo-uid
Value: 953a2b3d-5dbd-4c11-5a79-f9fef21b859d
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5133329527491353795
.onaudience.com/ Name: done_redirects104
Value: 1
.creativecdn.com/ Name: u
Value: izrLvbA0RdEVbh7ky2FE
.creativecdn.com/ Name: ts
Value: 1693566239
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-0181DC67-EB40-4A05-A565-44BE2E17BD8B&KRTB&23413-0181DC67-EB40-4A05-A565-44BE2E17BD8B&KRTB&23479-0181DC67-EB40-4A05-A565-44BE2E17BD8B&KRTB&23505-0181DC67-EB40-4A05-A565-44BE2E17BD8B
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-NOvcHvPGbMgWgTWgXbgMnUaM
.gammaplatform.com/ Name: _aGeoIp
Value: US|Washington
.gammaplatform.com/ Name: _aUID
Value: 1rtm15qasr2p
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1rtm15qasr2p&KRTB&23446-1rtm15qasr2p&KRTB&23465-1rtm15qasr2p
.audrte.com/ Name: arcki2_adform
Value: 3375610941547449351!20220908!1693566239886
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: SyncRTB3
Value: 1696118400%3A203%7C1694390400%3A63%7C1694822400%3A35%7C1698710400%3A69%7C1694736000%3A8_71_264_176_3_54_13_234_214_88_81_22_233_46_166_165_243_56_220_251_254_204_99_249_238_21_55_161%7C1694131200%3A2_223_15
ads.playground.xyz/ Name: connect.sid
Value: s%3AIVC6HPNU3Jqebih0_XywgD5ykcpysMJN.uuqd%2FNhVTXl9qpJ%2FoUvax%2BYJ6ehzqxT2%2ByTp%2BNTErvU
.tribalfusion.com/ Name: ANON_ID
Value: aqnwYSmMZaE8DXqwmMVTRga0eivBqMMtsNyOAnly6EG2TBSadIeTs7uAkkHZcwPWI81f1eZbgZckGTAQJwcTZcV7vpOQgYgetZbojlkrmxHclUXjbTfLNtVIRyj0udZbgTX
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003&KRTB&17107-RX-7dc8566d-b21b-455e-9d99-1df35d6c5b04-003
.pubmatic.com/ Name: PugT
Value: 1693566239
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMzM3NTYxMDk0MTU0NzQ0OTM1MSIsImV4cGlyZXMiOiIyMDIzLTA5LTE1VDEzOjAzOjU4LjE0MTkyMzUyMSswMjowMCJ9LCJpeCI6eyJ1aWQiOiJaUEhGR3owSUdDdnhydmcwUktJSE9RQUFcdTAwMjYzMjQ1IiwiZXhwaXJlcyI6IjIwMjMtMDktMTVUMTM6MDM6NTcuMzk2OTExNzc5KzAyOjAwIn0sInB1Ym1hdGljIjp7InVpZCI6IjAxODFEQzY3LUVCNDAtNEEwNS1BNTY1LTQ0QkUyRTE3QkQ4QiIsImV4cGlyZXMiOiIyMDIzLTA5LTE1VDEzOjA0OjAwLjczMzkwMzAxMiswMjowMCJ9LCJzbWFydHlhZHMiOnsidWlkIjoiZWQ4ZjM5ZWJjMWRkNjNhZjUzYjE1ZTQ1Mjk5MDMyMzY4NjdiOTYyMjQ0MjkyNmRjNmM3MGEyYTZjMzAwZjc0NyIsImV4cGlyZXMiOiIyMDIzLTA5LTE1VDEzOjAzOjU2LjYxMjM2MzgzMyswMjowMCJ9LCJ2aWRvb215Ijp7InVpZCI6Ijg0NTA1MjU2ZmRhNzg3ZGI3NTVkMDg0ZmY3MTU1MTM3IiwiZXhwaXJlcyI6IjIwMjMtMDktMTVUMTM6MDQ6MDEuMTUxMTUzOTg2KzAyOjAwIn19LCJiZGF5IjoiMjAyMy0wOS0wMVQxMzowMzo1Ni42MTIzNjMzNDMrMDI6MDAifQ==
.pubmatic.com/ Name: SPugT
Value: 1693566241

25 Console Messages

Source Level URL
Text
network error URL: https://t.effectivemeasure.net/tag.js?1693
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: http://www.lebanonfiles.com/
Message:
Access to XMLHttpRequest at 'http://www.lebanonfiles.com/' (redirected from 'https://www.lebanonfiles.com/wp-admin/admin-ajax.php?action=get_breaking_news&nonce=83eab7eb9e') from origin 'http://www.lebanonfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://www.lebanonfiles.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.lebanonfiles.com/
Message:
Access to XMLHttpRequest at 'https://s.exitbee.com/[object%20Object]/settings' from origin 'http://www.lebanonfiles.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s.exitbee.com/[object%20Object]/settings
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.lebanonfiles.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'http://www.lebanonfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html#goog_680513495
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
javascript error URL: http://www.lebanonfiles.com/
Message:
Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json' from origin 'http://www.lebanonfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0181DC67-EB40-4A05-A565-44BE2E17BD8B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.587.0_en.html#goog_873462557
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network error URL: https://tags.bluekai.com/site/87734?id=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=953a2b3d-5dbd-4c11-5a79-f9fef21b859d&reqId=37706181-b8c1-4e57-5017-426ec88882e0&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other error URL: http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D86b2998d6e37678b%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D86b2998d6e37678b%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

507b28e6bc382b968688b6efa130e069.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad.vidverto.io
ad4m.at
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.projectagoraservices.com
ads.pubmatic.com
ads.smartstream.tv
adx.adform.net
adxbid.info
ap.lijit.com
api.rlcdn.com
apps.sascdn.com
as.ad4m.at
as.ck-ie.com
assets.ad4m.at
backend.lebanonfiles.com
bcp.crwdcntrl.net
beacon.krxd.net
bgstats.mox.tv
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.bing.com
c1.adform.net
c34d8e1ae512c01cdaf6d8af50b8937d.safeframe.googlesyndication.com
cadmus.script.ac
casale-match.dotomi.com
cd172977458b3ed85e10cb654b9d79cb.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.exitbee.com
cdn.jsdelivr.net
cdn.kdaimo.com
cdn.onesignal.com
cdn.optad360.net
cdn.projectagora-adtag-library.com
cdn.vidverto.io
ced-ns.sascdn.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cmp.optad360.io
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-server-s2s.yellowblue.io
csi.gstatic.com
csync.loopme.me
d.vidoomy.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
engine.widespace.com
eu-u.openx.net
eus.rubiconproject.com
euw1.smartadserver.com
fastlane.rubiconproject.com
fd.tesseradigital.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
get.optad360.io
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
htagpa.tech
htlb.casalemedia.com
ib.adnxs.com
ic.tynt.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
lb.eu-1-id5-sync.com
lebanonfiles.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
odr.mookie1.com
onesignal.com
onetag-sys.com
p.rfihub.com
p.vidoomy.com
pagead2.googlesyndication.com
palibzh.tech
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pbjs.e-planning.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
prod-rtb.ad4mat.net
projectagora-d.openx.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rr2---sn-5hne6nzs.googlevideo.com
rr3---sn-5hne6nzs.googlevideo.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.exitbee.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s3.amazonaws.com
s4.histats.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.crwdcntrl.net
sync.quantumdex.io
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.adx.opera.com
t.effectivemeasure.net
t.pubmatic.com
tags.bluekai.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tpx.tesseradigital.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
user-sync.adxpremium.services
usermatch.krxd.net
vid.vidoomy.com
vpaid.vidoomy.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.lebanonfiles.com
www.telefonica-partner.de
www.youtube.com
www8.smartadserver.com
x.bidswitch.net
api.rlcdn.com
engine.widespace.com
match.adsrvr.org
s.exitbee.com
t.effectivemeasure.net
www.lebanonfiles.com
104.18.39.155
104.79.25.60
134.122.57.34
137.74.6.209
141.94.170.77
141.94.171.214
141.95.171.141
142.250.184.230
142.250.185.194
142.250.185.98
142.250.186.98
145.40.97.66
151.101.66.49
158.69.254.144
162.19.138.119
162.55.120.196
167.233.13.224
167.71.9.19
168.119.146.39
172.217.22.35
172.64.148.101
178.250.7.11
178.250.7.13
18.185.210.119
18.196.91.239
18.197.118.54
18.202.14.156
185.106.140.18
185.132.133.133
185.165.240.175
185.184.8.90
185.64.189.226
185.64.190.81
185.64.191.210
185.80.39.216
185.86.138.124
185.86.139.101
185.89.210.122
188.42.196.115
193.0.160.131
193.135.9.129
193.3.178.4
195.5.165.20
198.47.127.19
198.47.127.205
2.23.197.190
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
209.191.163.152
209.192.201.180
209.54.182.161
212.36.83.245
212.36.83.246
212.8.250.83
213.155.156.166
217.79.178.221
23.197.149.186
23.213.168.226
23.218.210.30
23.32.184.192
2404:6800:4002:806::2003
2600:1901:0:76b9::
2600:1f16:e61:3f02:77d9:b48f:f0d0:e412
2600:9000:211e:da00:1b:5138:8a40:93a1
2600:9000:2156:5000:6:b871:4f00:93a1
2600:9000:21f3:a000:f:a31d:75c0:93a1
2600:9000:225e:3000:11:a4de:2580:93a1
2600:9000:225e:5e00:11:a4de:2580:93a1
2602:803:c003:200::31
2606:4700:10::6814:81f
2606:4700:10::6816:2560
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700:20::681a:a47
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:441e
2606:4700:3033::6815:5ea5
2606:4700:3037::ac43:8a15
2606:4700:3037::ac43:c1e6
2606:4700::6810:3865
2606:4700::6810:5714
2606:4700::6812:1791
2606:4700::6812:18ad
2606:4700::6812:372
2606:4700::6812:d63b
2606:4700::6813:afbe
2606:4700:e6::ac40:c509
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9a
2a00:1450:400e:9::7
2a00:1450:400e:9::8
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3100::1735:287b
2a02:26f0:3100::1735:2883
2a02:26f0:3100::1735:2899
2a02:26f0:480:e::210:f104
2a02:26f0:780::210:ca80
2a02:6ea0:c700::10
2a02:6ea0:c700::11
2a02:fa8:8806:12::1370
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::300
2a05:d018:24:b002:d052:5c52:5326:4d26
2a05:d018:d29:3601:94c2:7e1f:39b:9367
2a06:8640:764::2
2a06:98c1:3121::3
3.122.33.245
3.126.69.45
3.71.149.231
3.77.18.147
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.111.131.239
34.160.236.64
34.199.23.6
34.254.109.178
34.98.64.218
35.157.179.180
35.157.81.77
35.186.154.107
35.186.193.173
35.186.253.211
35.204.74.118
35.210.239.72
35.214.155.7
35.240.50.85
35.71.131.137
37.157.2.229
37.157.6.233
37.157.6.243
44.193.104.224
46.228.174.117
51.89.9.254
52.17.126.53
52.213.174.162
52.216.60.56
52.222.214.35
52.222.214.88
52.95.126.138
54.147.123.103
54.154.110.236
54.160.39.45
54.204.16.44
54.78.254.47
67.202.105.33
69.173.144.138
69.173.144.165
72.251.241.204
76.223.111.18
77.243.51.121
8.2.110.113
8.2.110.24
81.17.55.161
81.17.55.99
82.145.213.8
84.200.5.215
85.114.159.118
98.98.134.241
98.98.134.243
0192d34daa937cbdfb7ea634aac957a5b2bc6c571706f6130f5800a561d41b61
0275fd9c31398a6f74dae09fab0e77492e54528b23a58b5235916fcff9ef3e3f
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
062134078ff1e2177138488800a233d7ed69e164265221188419bef80acb44b8
065ca54b4d42e68a8b6b723ab1953f3f643ef717a3e2047ca2c0d7e55907498e
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
098edf6f2f040b09a7f932e1824aa3295784a54fd3adf7d53daaf7398052a075
0a000afac31d99333c0fa4048be275b09c7ef6673b3aa08b88da326a0310e115
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9ea931ae179a9a41f8826287bf803ff573c6aea650579b57e481f88b41485e
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0de08609ea49246b75adf6b80690b6fe0a0551fe3e678889ae7416ebd692f2a5
0e34977bf7c86097febb926fec2dc06881eac9c79dbb22ee8e71cc360a0cf94d
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1047d36624a664147c5517041a210da6085a0700885cfa2d01ebf3ec43911e95
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
10dc0d689c47a91889c13a6e851922bbb361fcea40a4e7d55867bada4e4e13fa
11b2f4d9312a4f37162c06df360dd1b9d2d92ded17f22e6b92bf27cb2c6d3916
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f093bb3ec6b28936c066143b112e2c283f12b119b2b44139565faf946973e8
15afa297399fa3b4ac5c6f0dd1991fd68b6d8fe03629e45757ceadd88d7abbc5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cffd85676d8fd824755449ed6c29ba276dca0f03ff541785aeab9bc5be4c95
1acee5ad44f4be0f7aada5a762a21c52eb60e9d563007ea0b97a216bba8e20cf
1c31415cc249dfae9d5f351225ec858c49518464cbfbce6fec3d1428627da7fd
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dcb1d114416c41672277d95ab43ccc4b2fd9902e632de555a277a8f86b808c1
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
204e5904763b3e2c69360354c116945cc848d0b976490f24f2e57819ed8428dc
216f1b52bef7e178ff3ea257dd40e1dcabc2ed4accfca90e6626f456636066cf
222dd2655c39f59ce46d323a9c611e5768af6d45e35fd2541341311809074c72
22a6a146e4e0b4301cadabf5b6c942dae6b4e883e152aaaf9e81284ce35cfe68
241b2a3d7abaa8bda42766dc7e21e01cccb3c383d4ae3554e657aa04265ce1bc
26b355e51d20833eee32de8ae5afbf7012eefc45ae834736ee548d41bed87226
276a90d4688286da71921232e432b536470de98ba26fc983228c63e28e1a25f0
2801299fa911a18c77fdbdf6d4694d8c88bfba249bdbc6e20f2355188e77b36c
282289926c01a43c07f6cec070c2ab597b054259a702ec7aa92f74c94a2c7616
29d33e14740b67ee796b86ecdab930b6caf379fe9ddc74667318f21fc6fdf925
29f307f6b027d5c45c184fa155450971294eae602297f220ee69175c05efdf19
2a5afecad07cf11eca1a3d4c62f41e2a0dee5434f9ada75b51548eab249cbc8e
2a5ebf4174ef2895779f518b2298dd7086a0993b3be537fc7e3c16545d420efa
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aec2a2ed7df1cd9532f583f9bc93ab550da9e050a40afcfa191618cc1aaf57c
2c2e515f1bc5a4a5528814fcb3e3823392c8c55b8cd5011f29170d5602ae544c
2d01f8e068de8d775f3097dc41e766360a3a1f5fd86201697b8d83a7765f8061
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2ea30109dd8ec35390a613a873648ce09e3745078dcbed365d22ec6345f89c21
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f04da2d5791a00303d73678e80414d364917bdd867abd26e2387607dca4bab4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7a98b9c8d492e1c53f294ce4b1a068d527d2a83b189f0d378d4fe204f2ccba
30e54f6224c24c68d80f52168ce45ad5b05f3e79bdf595627900214d33115856
310e42b9231c04801d275fda37e9baa6ff08f23498d49eeb15af35bec210829c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fd2f072a3e8fc65b6b3dec8ab86e1d8f480931ed29118010a4d3508a54ef89
32f7661668968ca1ddefa862d6cbefd845d9f9649e12dd4b8626bcf55a4bca27
33d70a655e38e1bbceeec6fa08dfe7b92f1280b39970b4d1bcc86f4d3d13548a
352b4d475ec2bf60a83d04e3bda58c57f30f7205d2a9ae6ecdf2df7285e046d7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
374018aee649958e1ae4a55f5c4c7adad1d84334c8d4ea6805f10f152734de1e
37b816ab9205d7d5d3feb60625d45792c40a1f895344a5f24bbb31df5cd2ea2e
38329bdeb4a5e2a0bf0fb6521820e9c21d000d480abc05af31f15bd7b04a6d16
398479678a61a08fb0c4c6608eb274f3ff3900e40d6008f5d4b90c8d06efd331
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3a5731c7ae45c851f611eb368487935d40317bbfb174378c3c0e659d34d1218d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b5d73fa340db31585aebcfce36179c00e6d27639350832c94b6445d2ceee819
3cc29d96c9287a978514a95a20e3286ab43fb4ee56a36a416f53dbf79d35182b
3d342b07d87840b66f504fcbb361ca50250e4566deb94a20c4dd2992a624da25
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401322bc63046615783e0c917807bb0f898efa0b5ecc2fc4d18673ebc81f695b
407c89fe8e59d1bef14a0c3885d541d077f7d2222f17aa5c6c5637249af31c77
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
432fdce0f0497cde1876dbb3f9ece60e6510c9b6d2ab6f918f1044a5370f60a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a1fece3b1fc6b50c940b65528a438de1440d08f9254809ec4028d3d507945e
46234cd27cdffe4b0b922569527a0980d153880afbec215362eb7d8f5151474c
46481059ad4c254a1579d147870f279bf94675c70ad1f8adca69e2e134e58e8c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e2fc9da9fb73a8372b463ddee5a54c51a507759eca852582da61ba40e62ba0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4ba5939372549192a9866bf2c9d828e9c7f16487c080a5339b2355601fd292c2
4bbdaa4383efe05132bb1963bd79c043b09ceb6b23c4572b91c0eacf62a597f1
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5be5b6e3ff509bba2f9ee8a7dd4ebfd8016d1a0b2f085d980df240b10d25bc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
501af02c12506c73a3916fc7bee2129ff768f2c259c6cb51ff045f474a565539
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550ad922eea4d88edba9accf2fa1894bea60700886b0624fdab2a0878fe0e53f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
5799c80112f6b166223cea0531c4d09ff77e4f72323b3298fe110344db1dfe08
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5894d404add881e136e4e885c3b1d11fc3f181273fb9b01908f8e98530556efb
5aa5086dbe06cda16510b76fed86660bba2625a234d4f9e744579f15617ef72f
5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5
5b545867fa76275afab94da71ec2e4059d9694e77e7e3f3a879d16e677f0ec2d
5c06f51a7b5892f0981f5982dc2070d6ed19df0c799fb4eac6aa847eae018c1d
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5daceff2b9ea7d4877bae7ffcc7a192533a5152c68157a3eded1dab74b8ccd00
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f0b0fc6c27b851bbf9847e0f0892cb4747a23ba81a275ffc3775767e414ae10
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61b5366d80fbc92d5a5edc500e1af1789724072f42c6dab4328cb30674ac6c94
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
645f32435eff1b832d53a3927fe2398fdc7f1eefaca18fac753f242d5a4e74c8
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad
67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45
69029c3283440683ca2cc052d3aa9fe1b92af5dd0593921f2ed02c79ea3d06d6
698c414bc7041b7968c1a27a6b080c150925ba3169d7fde13456ecb43958a597
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb17c6c41827b7404a840e5f25577086ea0722d9b77489607f9c1ca9fcbbc78
6c25f17d25f76448906480fb83546ad8d0f7bdcb900a172c1d3f7488f34db723
6c3718a6ae4f2eb59d54458122825583392158ad8664f85806610271ad31f392
6d4e557fae260566d3a44d3b94eb31158760bf12fb0b8b3d0359b78a3110fb52
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
6ea94c67f2eb8aa9e96783b491f5cceaabf0294ed397771e8e72f968c48931a3
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
707d47e8f794caef2636919f7e4a1ee998ee9280fa0798af057c605a5894d569
737dc6a053f0457ed5b504f58971c3cdc1842a09bbb9f1cdbf5b6841e2d6efab
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
7597ad277148e47269a6b47304a0f20134464df89f6efbf2e3c9203a16f2ff1d
76bb29f790fef2e1b112aa9422f341c4983b82ead1995de7cff3dd50d8995eeb
76ef3b7b99ce518f4faadf518cc69abba129f12c282884facc4dc90c9f4a98df
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c
78797b518e0df3bfe55a1edfca1a70d0009ab6d210aa1f46097bccf11343c84b
794e3d88441972246ca308a0691e501959dc53954cb2ac2d3405001b587e43ad
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7b6ed5e6a8a844dc3ab71db2fe35a8e9945c61cdc2470d3811f8fe372b1dfe4a
7ca3f47554f3cb82f337b0121cd649968e065f349162b635fbfb4088e9cf4877
7cfa1d7c4bc439e66028d23a3cd184f9b98d7da453c55c36594b15dc4453b1bb
7efd359cd7418393a4a48a1bdc760a0ca0562da42bbe89b8cb48cab89225a471
7f057babecc87f857745379d106f0555cb4fc3b946907d97c9f4f4be73b578c0
81519deacce30ac3640700d27b2125240a8e7c5418d7798c83aba2067f620463
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855
81f8adeb53004b623652a54fa8179ca0051c8081102b56f3c1fdbc742bbea170
82cece24628b41b342e64f2be9fa3d9d7ae40ab1d06c97b83ffbd28abb6d9eaf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83d806c88d8b26b6d03bf78c810da51a82e5c018a4cd4b332dd51696ec48490a
83fba236a8ccbeec9a261065fb1242c44017219cc2df249fc04b3ad582f33c3d
85353c730ff25e8bb5def64ccf39f12fa153df5e1678ecfe9c7eff7c2f0d1d6c
8579fcf68a694bb09f94fe1753a3956312c54377a09547e10ad54c2c4811282c
859700879b8f5b1a0499186a47d299a404a7cd99f755a0dad4f3bc814c39a7e8
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8808269273561cc13c9a9ef1626b10d85f75f6a021b4a96b96cba3aa17918f58
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eff007f0d57869efbf35af404b8a454ea2c225fe3aa11c5570c234443f021ab
8f2c465681e2bebcdfad22e26c45c79d5c66c24e8ebd3e81188c134245130fd1
905bf003d2b911588a61f7ccca6166ff65f1866e6e4ead872f6add3fd92ef6d8
92091b636a01a36bfc6b24674f344ac82b928107c943ddef0b02d87a2386b3dc
92140fac6c0a2f7104c63ff3848412f4dc2c5876c3350db902de310d5f38491a
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94dc330d7ff3d82152b1ceaa92a712469c9eae969fa025972b1090bfcd9cfb3e
94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c
958622e2ce103c663883a5e931b64fe435a4f6cb60e151242416727ea8529448
96b599fc1ed933b6f0851046c641e1bf25250a51d847167b645727e8fa5bd7e4
980d5a54a22bc8a482aab90a44c50cb9de7362a3a596f709f6fb1698da384f1f
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9835caf857ce89641ff388de4d9deb25ef12912ae950b5c3d7f35ef709b7bf54
98a627d81f9dca1e3fc11685c881c6543a8652834b4bd63c40d921a03dc671d2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f3074e159bfa2f2b2f46c1e66959ed5e09cab5c835837cd280f6bcecfc7954
9919db581b322a9912aaa2d88de756cb176e5e739c7d06398d839a35e90b8a36
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c786e0c70e18caa4eab34d207fefb33c91a8fed0ee81569a60d7bb19936267
9a1d07869cb049d588a77f11efd3beb17f80dafd3cbeac292c09bb98cdbbd40b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be831c4bdaea604b35778a4b0469b488a4305db46f47072241168160fde3ee8
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a466aefe7e6de99952b112882fc5fe203612ece52a9dceee05b1b6fdba402138
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a7d4c054cf2b21f70c6fafd5f579719cf8ac50f399562b760029232fe87f6688
a86ed54db67b0b14aff5d9560b711c713f4b01f2bd641a89a77dd327d5f110c2
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3bee6b076d1ddcf5339ded3e713f184d8f0b72907f10732bee5eb4be840514
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
acb3fc3255a86bf16a940304f66f743c367cc01d3b6d6a28a0c4faa80c605930
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad4201efdc63f28f489ac3d0e135aa8dc69d92909d2e2dab075f3ef117f8cf6e
aecafa6faf66348367ef501ce6751e5700e714fe16dfad1bb0b152a5317fed00
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afbeb022cae9e01bdf5fe7d8a890894c3779539e9807a30b4b7ef3aa2c1dec8d
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b2180d4a59447bea00847f9155a7950240291940000ac1ddd7da2477148bd656
b3d8de82fcd4eebac0fe6855db47b608fc70365a23c4883252baaba34d170f1c
b49146621cfe6b6029390414d145f23df852e1e16d22212fd75aaac65baf337a
b4c48883848fe55b523672410eeed2d0a0d19f1f0c095a37b0b62d3cacb6bc41
b4e600c8238df5644da3f8f32cbb20e4464870fc69cc50ff664a45103bed2c72
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b791d9b523b9be4615eed3ada77b540ecb01bcdbec149b19d7b3a323300662e5
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b7fa3a38e05d8ffddb37e7b382e7feacc4de23aa5efa8ea540232aa974e74061
b8ae03988b6db28471f9795556a4020d8fa8063a2b03b69cf8e5df123e7515d2
b9723d048d0733d78d547eee2f28603e3ba051376e2a819ca5fd7c33af0b69ea
b9bdd1e43d064672f14ad2a8635e7720b3b9f457d788e159d8b6e9d4310c65a9
b9ea6ae99364ce66259b1181b149c52cc81e3fcff737c25ae0305dcab61925de
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bf98351346a79f27a1707d7ac87740ad483b1469ecf7b0242727db7bcab89a49
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c68252b45c6245ea8a49f45ac89d3627bf3f787e40c0ee0fb90ff65a2ffed425
c6844dab634a8acc2a5419f1877946173bf6cad7dbdd601658c6289d939027a1
c6f14410f46ae33b84e0707dcf7bb436b153e7ee83485b583592052a48e983b6
c77866653e07fedab1f3b4a5411a3cfd271a100da3512feba2c072a64fdb255d
c804a48c27c95ece02166174d1ed784187384ae36ea58848fd362f30824d21f1
c8d3012d8e716cf826af58c652c98a55a239a643b25740302e26901a5647169b
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ca296812f114107fa083d5231d83f2f12264be3f0fddf1e270b41f849fbfa8be
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd62a3605eede3a1175a2aacb441df716cf0f3bdef64a9e693d344726f4e8d1e
ce6abdc031b17ee4f3fececaf66348880d1a57323548c523b9c5a7d1d7e42f49
ceff9418d44f0ad295c88ed552b874e2b5eae6eb811c860f6d0541a90e7720ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d14014baeba87467e3b1feef05f044a599931a5fa12df9ad6a911d6f4224923b
d1fc0a819b52695aa13a983735a80158be26feb7f7165a186fff47b64d772295
d34083a65ff0e36a3d645ece2161f69414caf9f8aed2d21e288e7607c5ddd6dc
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675
d624ecaf5c9e39ce3ba27a74b04463bf132f8204c38064b4050ff58cd90a755b
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
d9754c70bf18afb3a03065dae96aac1f2c32ab14acbbf7ad32bc27b9bedba421
d9f0196a37642b04ecaf289a2772042f8d51629c622b87a35b8876315c89f8ef
db5d999e356d97a5cf821870429655191d582cb778c71312215215751b922eb1
dbb2291a145e2525f1731567e3c12e281c95cec5cdfc50efadef31f99800626d
ddda17da3e459d2b08ddbf187631e6a12c685e847697e4e41001e17fb00149c6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8500da818ea65726f88690218849735f4d32e528e673d557f1f27895cf1dc9
df4ed157474854943dd623b2d7918e46db1077b038bc75fec07b3a16196d73c1
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e07a8d6bfa783740be1351aad3a83446f7e8fe90969a7db53a024db036a5149e
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e352feac4af7dae9b14606626c40a3c87cfc38cffd56b2ad9dc1348ad4cb4681
e36d2c513c3043703f506aa20adfed339dbe9461df400ded949c0af23558250e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eac6723c55eadfc133dcccd13ace342859c5457a776bae19934beb61002b39
e4628dfdad8ca5961a5b3810deac59cf7144d015b8bf3718d8540a4594447a38
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ea88cde93f1e0c2b9db4c4c6935c26aaf34b48e5148606f6ab44db4b0d85a1
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e69d296b0a284ad3aa25fb3231b370cb4ac2dec672a588d96ecbd43075ab11b1
e7b06ebe0b395e1576fe13389a33ac68e3f049e3b644592fbcbdfe3506dd0ad5
e8f3a8cc5eeeea95975fde4929c4db0b1d21eca16fa35c28b86a411d9fd78e3a
e92c74ac042d0a4004c726f12f20be6d94e11ad8067dbaea8d62e99ad8c2b9c6
eb666583829babf53e0a80640fd618c55c293e3dd52ef1df117014ccbb0cdab4
ec00992b822d8451b2ff5a68c2cfd69e9a4b3773e4386285bad10237b8c81ba9
ec03d1a75f43b5c273016b00dfcaa3f5a318527652d67e00e0d6734338fa8bbe
ed5b6be0c8b4f13ce22fe22b9d7008b58ca0dbd8a5680ca96c5625357658f43c
ed91a50a26439612c396aa46a8369ce56248b4523abd6aca34d3346980e0faf9
ee2c65d3b0e08561a4b755c6d4a43f59ebe87bbb6eaf5ab9722be653858b2a79
ee89a843e6bb6f32bb96b6eb1b7c64bd83a21a339a47b0732b4f286120ee8115
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f164e72b28fd41369622c23191d7741cae3f2b1c7efc70233aafbebfd506dc02
f5273c63f43a5c2723fc0664f0476435ec8c1bfcc5a0c05a10a1a54ccc09399f
f792c997d72f15d754ddfdd292e79d2ab956d979b9eea179d83d131ed5eb572d
f8b706737cbde3a4b198983681ee1f63966f6af09bf93aabe28486235f40a7d3
f932ce7990a64af88556d0c1752d975a6ceabaa15ff215b27705801903e24f43
fb17c7b554cedaf29230a3bcc3a19623fc43cc108a9dd224fa0ed431e572eb26
fb9c54b9a3a86a8af1afa213efd33d118e186951b31f5470c2587eeef7faf3ef
fc075fd28c7c5fe13c0de6252ea367f0b679ad6b5f3a6403111b16539eaee1a0
fd3ef1e0cf7d865dd4a1b2e6d9745d8d0ae7bf1a488285e380200ca93425c16d
feb80efbbbfba9a8b76f1c51cbaf6c090eb99c23d1a9492800cd96b02529b641
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
feffa0462565c770b4ec4e96e046b286b948a4fd09ef0ecf516b3dd546e14215
ff286bf0e792c1a2f0aa5cc4354793098d5984aba77e8e14eff7a8daab3f0680
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2